Feat multiple dnn

.github/CODEOWNERS

@@ -0,0 +1,4 @@
+# SPDX-FileCopyrightText: 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+* @omec-project/5gc-maintainers

.github/dependabot.yml

@@ -19,3 +19,15 @@ updates:
       day: "sunday"
       time: "21:00"
       timezone: "America/Los_Angeles"
+
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: "weekly"
+      day: "sunday"
+      time: "21:00"
+      timezone: "America/Los_Angeles"
+    groups:
+      actions-deps:
+        patterns:
+          - "*"

.github/workflows/main.yml

@@ -1,5 +1,7 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright 2024 Intel Corporation
+name: CI Pipeline
+
 on:
   pull_request:
     branches:
@@ -8,43 +10,110 @@ on:
     branches:
       - main
 
+permissions:
+  contents: read
+
 jobs:
   build:
-    uses: omec-project/.github/.github/workflows/build.yml@main
+    permissions:
+      contents: read
+      actions: read
+      security-events: write
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/build.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}
 
   docker-build:
-    uses: omec-project/.github/.github/workflows/docker-build.yml@main
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/docker-build.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}
 
   static-analysis:
-    uses: omec-project/.github/.github/workflows/static-analysis.yml@main
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/static-analysis.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}
 
   lint:
-    uses: omec-project/.github/.github/workflows/lint.yml@main
+    permissions:
+      contents: read
+      checks: write
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/lint.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}
 
   hadolint:
-    uses: omec-project/.github/.github/workflows/hadolint.yml@main
+    permissions:
+      contents: read
+      security-events: write
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/hadolint.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}
 
   license-check:
-    uses: omec-project/.github/.github/workflows/license-check.yml@main
+    permissions:
+      contents: read
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/license-check.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}
 
   fossa-scan:
-    uses: omec-project/.github/.github/workflows/fossa-scan.yml@main
+    permissions:
+      contents: read
+      security-events: write
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/fossa-scan.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}
 
   unit-tests:
-    uses: omec-project/.github/.github/workflows/unit-test.yml@main
+    permissions:
+      contents: read
+      checks: write
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/unit-test.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
+    with:
+      branch_name: ${{ github.ref }}
+
+  analysis:
+    if: github.repository_owner == 'omec-project'
+    permissions:
+      actions: read
+      artifact-metadata: read
+      attestations: read
+      checks: read
+      contents: read
+      deployments: read
+      discussions: read
+      id-token: write
+      issues: read
+      models: read
+      packages: read
+      pages: read
+      pull-requests: read
+      repository-projects: read
+      security-events: write
+      statuses: read
+    uses: omec-project/.github/.github/workflows/scorecard-analysis.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       branch_name: ${{ github.ref }}

.github/workflows/push.yml

@@ -1,36 +1,60 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright 2024 Intel Corporation
+name: Release Pipeline
+
 on:
   push:
     branches:
       - main
     paths:
       - "VERSION"
 
+permissions:
+  contents: read
+
 jobs:
   tag-github:
-    uses: omec-project/.github/.github/workflows/tag-github.yml@main
+    permissions:
+      contents: write
+      actions: read
+      id-token: write
+    uses: omec-project/.github/.github/workflows/tag-github.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     secrets: inherit
 
   release-image:
     needs: tag-github
-    uses: omec-project/.github/.github/workflows/release-image.yml@main
+    permissions:
+      contents: read
+      packages: write
+      actions: read
+      id-token: write
+      attestations: write
+    uses: omec-project/.github/.github/workflows/release-image.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       changed: ${{ needs.tag-github.outputs.changed }}
       version: ${{ needs.tag-github.outputs.version }}
     secrets: inherit
 
   update-version:
     needs: tag-github
-    uses: omec-project/.github/.github/workflows/update-version.yml@main
+    permissions:
+      contents: write
+      pull-requests: write
+      actions: read
+      id-token: write
+    uses: omec-project/.github/.github/workflows/update-version.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       changed: ${{ needs.tag-github.outputs.changed }}
       version: ${{ needs.tag-github.outputs.version }}
     secrets: inherit
 
   branch-release:
     needs: tag-github
-    uses: omec-project/.github/.github/workflows/branch-release.yml@main
+    permissions:
+      contents: write
+      actions: read
+      id-token: write
+    uses: omec-project/.github/.github/workflows/branch-release.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       release_branch: ${{ needs.tag-github.outputs.release_branch }}
       version_branch: ${{ needs.tag-github.outputs.version_branch }}

.github/workflows/stale.yml

@@ -4,9 +4,19 @@ on:
   schedule:
     - cron: "0 0 * * *"
 
+permissions:
+  issues: write
+  pull-requests: write
+  contents: read
+
 jobs:
   stale:
-    uses: omec-project/.github/.github/workflows/stale-issue.yml@main
+    permissions:
+      issues: write
+      pull-requests: write
+      contents: read
+      actions: read
+    uses: omec-project/.github/.github/workflows/stale-issue.yml@76c248f1621bfe102956c558ea8cecfe5df143bf # v0.0.3
     with:
       days_before_stale: 120
       days_before_close: 15

.pre-commit-config.yaml

@@ -0,0 +1,17 @@
+# SPDX-FileCopyrightText: 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+repos:
+- repo: https://github.com/gitleaks/gitleaks
+  rev: v8.29.0
+  hooks:
+  - id: gitleaks
+- repo: https://github.com/golangci/golangci-lint
+  rev: v2.6.1
+  hooks:
+  - id: golangci-lint
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v6.0.0
+  hooks:
+  - id: end-of-file-fixer
+  - id: trailing-whitespace

Dockerfile

@@ -4,7 +4,7 @@
 # SPDX-License-Identifier: Apache-2.0
 #
 
-FROM golang:1.24.5-bookworm AS builder
+FROM golang:1.25.5-bookworm@sha256:2c7c65601b020ee79db4c1a32ebee0bf3d6b298969ec683e24fcbea29305f10e AS builder
 
 RUN apt-get update && \
     apt-get -y install --no-install-recommends \
@@ -15,7 +15,7 @@ WORKDIR $GOPATH/src/simapp
 COPY . .
 RUN make all
 
-FROM alpine:3.22 AS simapp
+FROM alpine:3.23@sha256:865b95f46d98cf867a156fe4a135ad3fe50d2056aa3f25ed31662dff6da4eb62 AS simapp
 
 LABEL maintainer="Aether SD-Core <[email protected]>" \
     description="Aether open source 5G Core Network" \

README.md

@@ -3,6 +3,7 @@ Copyright 2021-present Open Networking Foundation
 SPDX-License-Identifier: Apache-2.0
 -->
 [![Go Report Card](https://goreportcard.com/badge/github.com/omec-project/simapp)](https://goreportcard.com/report/github.com/omec-project/simapp)
+[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/omec-project/simapp/badge)](https://scorecard.dev/viewer/?uri=github.com/omec-project/simapp)
 
 # Simapp
 ## Sim subscription app for Aether
@@ -22,7 +23,7 @@ slices as well
 - In case ROC is running in the deployment then network slices can be configured
 from ROC
 
-## Reach out to us thorugh
+## Reach out to us through
 1. #sdcore-dev channel in [ONF Community Slack](https://onf-community.slack.com/)
 2. Extensive SD-Core documentation can be found at [SD-Core Documentation](https://docs.sd-core.opennetworking.org/main/index.html)
 3. Raise Github issues

docs/SECURITY.md

@@ -0,0 +1,41 @@
+<!--
+SPDX-FileCopyrightText: 2025 Intel Corporation
+SPDX-License-Identifier: Apache-2.0
+-->
+# Security Policy
+
+## Supported Versions
+
+We release patches for security vulnerabilities in the following versions:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.x.x   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please:
+
+1. **DO NOT** create a public GitHub issue
+2. Email us at: [email protected]
+3. Include detailed information about the vulnerability
+4. Allow us reasonable time to address the issue before public disclosure
+
+### What to Include
+
+- Description of the vulnerability
+- Steps to reproduce the issue
+- Potential impact assessment
+- Any proof-of-concept code (if applicable)
+
+## Security Best Practices
+
+When using this project:
+- Keep dependencies up to date
+- Use the latest supported version
+- Follow secure coding practices
+- Regularly audit your implementation
+
+## Contact
+
+Please see [here](https://github.com/omec-project/simapp/?tab=readme-ov-file#reach-out-to-us-through)

go.mod

@@ -4,24 +4,24 @@ go 1.24.0
 
 require (
 	github.com/fsnotify/fsnotify v1.9.0
-	github.com/spf13/viper v1.20.1
-	github.com/urfave/cli/v3 v3.3.8
-	go.uber.org/zap v1.27.0
-	golang.org/x/net v0.42.0
-	gopkg.in/yaml.v2 v2.4.0
+	github.com/spf13/viper v1.21.0
+	github.com/urfave/cli/v3 v3.6.1
+	go.uber.org/zap v1.27.1
+	go.yaml.in/yaml/v4 v4.0.0-rc.3
+	golang.org/x/net v0.48.0
 )
 
 require (
-	github.com/go-viper/mapstructure/v2 v2.3.0 // indirect
+	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
-	github.com/sagikazarmark/locafero v0.9.0 // indirect
-	github.com/sourcegraph/conc v0.3.0 // indirect
-	github.com/spf13/afero v1.14.0 // indirect
-	github.com/spf13/cast v1.9.2 // indirect
-	github.com/spf13/pflag v1.0.6 // indirect
+	github.com/sagikazarmark/locafero v0.11.0 // indirect
+	github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
+	github.com/spf13/afero v1.15.0 // indirect
+	github.com/spf13/cast v1.10.0 // indirect
+	github.com/spf13/pflag v1.0.10 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/sys v0.34.0 // indirect
-	golang.org/x/text v0.27.0 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
+	go.yaml.in/yaml/v3 v3.0.4 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
 )