* Add Dependabot

* Add CodeQL scanner
* Lock libraries
* More linters
* Fix logo URL

.github/dependabot.yml

@@ -0,0 +1,16 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  # Maintain dependencies for Python
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    allow:
+      - dependency-type: "all"
+    open-pull-requests-limit: 2

.github/workflows/codeql.yml

@@ -0,0 +1,27 @@
+name: codeql
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: "0 13 * * 1"
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.x"
+      - uses: github/codeql-action/init@v1
+        with:
+          languages: python
+      - uses: github/codeql-action/analyze@v1

.pre-commit-config.yaml

@@ -5,9 +5,12 @@ repos:
       - id: check-yaml
       - id: end-of-file-fixer
       - id: trailing-whitespace
+      - id: end-of-file-fixer
+        types: [ python ]
+      - id: requirements-txt-fixer
 
   - repo: https://github.com/psf/black
-    rev: 23.3.0
+    rev: 23.7.0
     hooks:
       - id: black
         args: [ --line-length=100, --exclude="" ]
@@ -24,7 +27,7 @@ repos:
   # and this tool removes unused imports, which may be providing
   # necessary side effects for the code to run
   - repo: https://github.com/PyCQA/autoflake
-    rev: v1.6.1
+    rev: v2.2.0
     hooks:
       - id: autoflake
         args:

CHANGELOG.md

@@ -10,6 +10,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 -
 
+## [0.0.3] - 2023-08-10
+
+### Added
+- Dependabot support
+- CodeQL support
+- More pre-commit hooks to improve linters
+
+### Fixed
+- Locked libraries in `requirements.txt`
+- Logo link in README
+
+## [0.0.2] - 2023-08-07
+
+### Fixed
+
+- Fixed missing `.json` files in the package
+
 ## [0.0.1] - 2023-08-07
 
 ### Added
@@ -38,4 +55,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - [Toxicity](./llm_guard/output_scanners/toxicity.py)
 
 [Unreleased]: https://github.com/laiyer-ai/llm-guard/commits/main
-[0.0.1]: https://github.com/laiyer-ai/llm-guard/compare/v0.0.0...v0.0.1
+[0.0.3]: https://github.com/laiyer-ai/llm-guard/commits/v0.0.3
+[0.0.2]: https://github.com/laiyer-ai/llm-guard/commits/v0.0.2
+[0.0.1]: https://github.com/laiyer-ai/llm-guard/commits/v0.0.1

README.md

@@ -1,4 +1,4 @@
-![LLM-Guard Logo](./docs/logo.png)
+![LLM-Guard Logo](https://github.com/laiyer-ai/llm-guard/blob/a7cde324dec3118ebe8427da1a9e15fbd03ce5fe/docs/logo.png?raw=true)
 
 # LLM Guard - The Security Toolkit for LLM Interactions
 

llm_guard/input_scanners/token_limit.py

@@ -1,5 +1,5 @@
 import logging
-from typing import List
+from typing import List, Optional
 
 import tiktoken
 
@@ -18,7 +18,7 @@ def __init__(
         self,
         limit: int = 4096,
         encoding_name: str = "cl100k_base",
-        model_name: str = None,
+        model_name: Optional[str] = None,
     ):
         """
         Initializes TokenLimit with a limit, encoding name, and model name.

requirements-dev.txt

@@ -1,5 +1,5 @@
-black
-pytest
-pytest-cov
-isort
-autoflake
+autoflake==2.2.0
+black==23.7.0
+isort==5.12.0
+pytest==7.4.0
+pytest-cov==4.1.0

requirements.txt

@@ -1,8 +1,8 @@
-sentence-transformers
-spacy
-transformers
-xformers
-nltk
-tiktoken
-presidio-anonymizer
-presidio-analyzer
+nltk==3.8.1
+presidio-analyzer==2.2.33
+presidio-anonymizer==2.2.33
+sentence-transformers==2.2.2
+spacy==3.6.1
+tiktoken==0.4.0
+transformers==4.31.0
+xformers==0.0.20

setup.py

@@ -17,7 +17,7 @@ def parse_requirements(file_name: str) -> List[str]:
 
 setuptools.setup(
     name="llm-guard",
-    version="0.0.2",
+    version="0.0.3",
     author="Laiyer.ai",
     author_email="hello@laiyer.ai",
     description=(