ci: fix secret name to GITEATOKEN

.gitea/workflows/release.yml

@@ -0,0 +1,51 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+
+      - name: Build
+        run: CGO_ENABLED=0 go build -ldflags="-s -w" -o snitch .
+
+      - name: Create Release
+        env:
+          GITEATOKEN: ${{ secrets.GITEATOKEN }}
+        run: |
+          VERSION="${{ github.ref_name }}"
+          VER="${VERSION#v}"
+          
+          # Package binary
+          tar czf "snitch_${VER}_linux_amd64.tar.gz" snitch
+          
+          # Create release
+          RELEASE_ID=$(curl -s -X POST "https://gitea.bitua.io/api/v1/repos/bitua/snitch/releases" \
+            -H "Authorization: token ${GITEATOKEN}" \
+            -H "Content-Type: application/json" \
+            -d "{\"tag_name\": \"${VERSION}\", \"name\": \"${VERSION}\"}" | jq -r .id)
+          
+          if [ "$RELEASE_ID" = "null" ] || [ -z "$RELEASE_ID" ]; then
+            echo "Failed to create release"
+            exit 1
+          fi
+          
+          echo "Created release ID: $RELEASE_ID"
+          
+          # Upload asset
+          curl -s -X POST "https://gitea.bitua.io/api/v1/repos/bitua/snitch/releases/${RELEASE_ID}/assets?name=snitch_${VER}_linux_amd64.tar.gz" \
+            -H "Authorization: token ${GITEATOKEN}" \
+            -F "attachment=@snitch_${VER}_linux_amd64.tar.gz"
+          
+          echo "Release ${VERSION} complete!"

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,118 @@
+name: Bug Report
+description: Report a bug or unexpected behavior
+title: "[bug]: "
+labels: ["bug", "triage"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        thanks for taking the time to fill out this bug report!
+        please provide as much detail as possible to help us investigate.
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: A clear description of what the bug is.
+      placeholder: What happened? What did you expect to happen?
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduce
+    attributes:
+      label: Steps to Reproduce
+      description: How can we reproduce this issue?
+      placeholder: |
+        1. run `snitch ...`
+        2. press '...'
+        3. see error
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected Behavior
+      description: What did you expect to happen?
+    validations:
+      required: false
+
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual Behavior
+      description: What actually happened? Include any error messages.
+    validations:
+      required: false
+
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: What version of snitch are you running? (`snitch version`)
+      placeholder: "v0.1.0"
+    validations:
+      required: true
+
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating System
+      options:
+        - Linux
+        - macOS
+        - Other
+    validations:
+      required: true
+
+  - type: input
+    id: os-version
+    attributes:
+      label: OS Version
+      description: e.g., Ubuntu 22.04, macOS 14.1, Arch Linux
+      placeholder: "Ubuntu 22.04"
+    validations:
+      required: false
+
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: Installation Method
+      options:
+        - Homebrew
+        - go install
+        - Nix/NixOS
+        - AUR
+        - Binary download
+        - Install script
+        - Other
+    validations:
+      required: false
+
+  - type: textarea
+    id: config
+    attributes:
+      label: Configuration
+      description: Paste your `~/.config/snitch/snitch.toml` if relevant (optional)
+      render: toml
+    validations:
+      required: false
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs / Terminal Output
+      description: Paste any relevant terminal output or error messages
+      render: text
+    validations:
+      required: false
+
+  - type: textarea
+    id: additional
+    attributes:
+      label: Additional Context
+      description: Any other context about the problem? Screenshots, related issues, etc.
+    validations:
+      required: false
+

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,9 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Question / Discussion
+    url: https://github.com/karol-broda/snitch/discussions
+    about: Ask questions, share ideas, or discuss snitch usage
+  - name: Documentation
+    url: https://github.com/karol-broda/snitch#readme
+    about: Check the README for usage and configuration docs
+

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,69 @@
+name: Feature Request
+description: Suggest a new feature or enhancement
+title: "[feature]: "
+labels: ["enhancement"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        thanks for suggesting a feature! please describe your idea clearly.
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem / Use Case
+      description: What problem does this solve? What are you trying to accomplish?
+      placeholder: I'm always frustrated when...
+    validations:
+      required: true
+
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed Solution
+      description: Describe your proposed solution or feature
+      placeholder: I would like snitch to...
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives Considered
+      description: Have you considered any alternative solutions or workarounds?
+    validations:
+      required: false
+
+  - type: dropdown
+    id: area
+    attributes:
+      label: Area
+      description: What part of snitch does this affect?
+      options:
+        - TUI (interactive mode)
+        - CLI output (ls, json, watch)
+        - Filtering / Sorting
+        - DNS resolution
+        - Configuration
+        - Installation / Packaging
+        - Documentation
+        - Other
+    validations:
+      required: false
+
+  - type: textarea
+    id: additional
+    attributes:
+      label: Additional Context
+      description: Any other context, mockups, or screenshots about the feature request
+    validations:
+      required: false
+
+  - type: checkboxes
+    id: contribution
+    attributes:
+      label: Contribution
+      description: Would you be interested in contributing this feature?
+      options:
+        - label: I'd be willing to submit a PR for this feature
+

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,39 @@
+## Description
+
+<!-- describe what this PR does -->
+
+## Related Issues
+
+<!-- link any related issues: fixes #123, closes #456 -->
+
+## Type of Change
+
+- [ ] bug fix
+- [ ] new feature
+- [ ] breaking change
+- [ ] documentation
+- [ ] refactoring
+- [ ] other: <!-- describe -->
+
+## AI Disclosure
+
+<!-- required: select one -->
+
+- [ ] `ai: none` — no ai assistance used
+- [ ] `ai: assisted` — ai helped with portions (describe below)
+- [ ] `ai: generated` — significant portions were ai-generated (describe below)
+
+<!-- if ai-assisted or ai-generated, briefly describe what was ai-generated: -->
+
+## Checklist
+
+- [ ] i have tested these changes locally
+- [ ] i have run `make test` and all tests pass
+- [ ] i have run `make lint` and fixed any issues
+- [ ] i have updated documentation if needed
+- [ ] my code follows the existing style of the project
+
+## Screenshots / Terminal Output
+
+<!-- if applicable, add screenshots or terminal output showing the change -->
+

CODE_OF_CONDUCT.md

@@ -0,0 +1,85 @@
+
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening a [GitHub issue](https://github.com/karol-broda/snitch/issues) or contacting the maintainer directly. All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.1, available at [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at [https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
+

CONTRIBUTING.md

@@ -0,0 +1,170 @@
+# Contributing to snitch
+
+thanks for your interest in contributing to snitch! this document outlines how to get started.
+
+## development setup
+
+### prerequisites
+
+- go 1.21 or later
+- make (optional, but recommended)
+- linux or macos
+
+### building from source
+
+```bash
+git clone https://github.com/karol-broda/snitch.git
+cd snitch
+
+# build
+make build
+# or
+go build -o snitch .
+
+# run
+./snitch
+```
+
+### running tests
+
+```bash
+make test
+# or
+go test ./...
+```
+
+### linting
+
+```bash
+make lint
+# requires golangci-lint
+```
+
+## making changes
+
+### branch naming
+
+use descriptive branch names following the [conventional branch naming](https://conventional-branch.github.io/) pattern:
+
+- `fix/description` for bug fixes
+- `feat/description` for new features
+- `docs/description` for documentation changes
+- `refactor/description` for refactoring
+- `chore/description` for maintenance tasks
+
+### code style
+
+- follow existing code patterns and conventions
+- avoid deep nesting; refactor for readability
+- use explicit checks rather than implicit boolean coercion
+- keep functions focused on a single responsibility
+- write meaningful variable names
+- add comments only when they clarify non-obvious behavior
+
+### commits
+
+this project follows [conventional commits](https://www.conventionalcommits.org/). format:
+
+```
+<type>[optional scope]: <description>
+
+[optional body]
+
+[optional footer(s)]
+```
+
+types: `fix`, `feat`, `docs`, `style`, `refactor`, `perf`, `test`, `chore`
+
+examples:
+- `fix: resolve crash on empty input`
+- `feat(tui): add vim-style navigation`
+- `docs: update installation instructions`
+- `fix!: change default config path` (breaking change)
+
+## ai-assisted contributions
+
+ai tools (copilot, chatgpt, claude, cursor, etc.) are welcome, but i require transparency.
+
+### disclosure requirements
+
+**you must disclose ai involvement** in your pull request. add one of the following to your PR description:
+
+- `ai: none` — no ai assistance used
+- `ai: assisted` — ai helped with portions (specify what)
+- `ai: generated` — significant portions were ai-generated
+
+for commits with substantial ai involvement, use a git trailer:
+
+```
+feat: add new filtering option
+
+Co-authored-by: AI Assistant <ai@example.com>
+```
+
+### your responsibilities
+
+- **you own the code** — you are accountable for all submitted code, regardless of how it was produced
+- **you must understand it** — don't submit code you can't explain or debug
+- **you must test it** — verify the code works as intended before submitting
+- **you must review it** — check for correctness, security issues, and code style compliance
+
+### what i check
+
+ai-generated code often has patterns i look for:
+- overly verbose or generic variable names
+- unnecessary abstractions or over-engineering
+- hallucinated apis or non-existent functions
+- inconsistent style with the rest of the codebase
+
+i may ask clarifying questions or request changes if code appears to be unreviewed ai output.
+
+### why i require disclosure
+
+- maintains trust and transparency in the project
+- helps reviewers understand context and potential issues
+- ensures contributors remain engaged with their submissions
+- respects the collaborative nature of open source
+
+## submitting changes
+
+1. fork the repository
+2. create a feature branch from `master`
+3. make your changes
+4. run tests: `make test`
+5. run linter: `make lint`
+6. push to your fork
+7. open a pull request
+
+### pull request guidelines
+
+- fill out the PR template
+- link any related issues
+- keep PRs focused on a single change
+- respond to review feedback promptly
+
+## reporting bugs
+
+use the [bug report template](https://github.com/karol-broda/snitch/issues/new?template=bug_report.yml) and include:
+
+- snitch version (`snitch version`)
+- operating system and version
+- steps to reproduce
+- expected vs actual behavior
+
+## requesting features
+
+use the [feature request template](https://github.com/karol-broda/snitch/issues/new?template=feature_request.yml) and describe:
+
+- the problem you're trying to solve
+- your proposed solution
+- any alternatives you've considered
+
+## getting help
+
+- open a [discussion](https://github.com/karol-broda/snitch/discussions) for questions
+- check existing [issues](https://github.com/karol-broda/snitch/issues) before opening new ones
+
+## license
+
+by contributing, you agree that your contributions will be licensed under the project's MIT license.
+

SECURITY.md

@@ -0,0 +1,56 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| latest  | :white_check_mark: |
+| < latest| :x:                |
+
+i recommend always using the latest version of snitch.
+
+## Reporting a Vulnerability
+
+if you discover a security vulnerability, please report it responsibly:
+
+1. **do not** open a public issue for security vulnerabilities
+2. email the maintainer directly or use github's [private vulnerability reporting](https://github.com/karol-broda/snitch/security/advisories/new)
+3. include as much detail as possible:
+   - description of the vulnerability
+   - steps to reproduce
+   - potential impact
+   - suggested fix (if any)
+
+## What to Expect
+
+- acknowledgment of your report within 48 hours
+- regular updates on the progress of addressing the issue
+- credit in the release notes (unless you prefer to remain anonymous)
+
+## Security Considerations
+
+snitch reads network socket information from the operating system:
+
+- **linux**: reads from `/proc/net/*` which requires appropriate permissions
+- **macos**: uses system APIs that may require elevated privileges
+
+snitch does not:
+- make network connections (except for `snitch upgrade` which fetches from github)
+- write to system files
+- collect or transmit any data
+
+## Scope
+
+the following are considered in-scope for security reports:
+
+- vulnerabilities in snitch code
+- insecure defaults or configurations
+- privilege escalation issues
+- information disclosure beyond intended functionality
+
+out of scope:
+
+- social engineering attacks
+- issues in dependencies (report to the upstream project)
+- issues requiring physical access to the machine
+