-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add CONTRIBUTING.md and SECURITY.md templates
- Loading branch information
1 parent
aa6aa64
commit f16a55e
Showing
2 changed files
with
96 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| # Contributing to Our Project | ||
|
|
||
| Thank you for your interest in contributing! We're excited to have you join our community. Everyone | ||
| is welcome to contribute, whether you're fixing bugs, adding features, or improving documentation. | ||
| Here's how you can get started: | ||
|
|
||
| ### Start with a Fork | ||
|
|
||
| Feel free to fork this repository if you want to make substantial changes. This lets you tweak the | ||
| project as much as you like in your own version while still allowing you to contribute back to the | ||
| main project. | ||
|
|
||
| ### Making Contributions | ||
|
|
||
| 1. **Agree to Our Contributor License Agreement (CLA):** Before your contributions can be accepted, | ||
| please sign our [CLA][CLA]. This ensures there are no legal hitches with your submissions. | ||
|
|
||
| 2. **Make Your Changes:** Work on your forked version of the repository and make your changes. Try | ||
| to keep your updates clear and stick to the project's existing style as much as you can. | ||
|
|
||
| 3. **Submit a Pull Request:** Once you're ready, send us a pull request. Describe what you've done | ||
| and how it affects the project. We're eager to see your ideas! | ||
|
|
||
| ### What Happens Next? | ||
|
|
||
| We'll review your pull request as soon as we can. We appreciate every contribution, but sometimes | ||
| changes might not align perfectly with our project's direction. We'll discuss potential adjustments | ||
| with you, so your hard work can still be part of the project. | ||
|
|
||
| ## Keep Your Fork Updated | ||
|
|
||
| Even if your changes don't make it into the project, keep your fork active! Your unique tweaks could | ||
| inspire others, and you might find ways to integrate your changes over time. | ||
|
|
||
| ## Got Questions or Suggestions? | ||
|
|
||
| If you have questions or suggestions, please open an issue in the repository. We're always looking | ||
| to improve and love hearing from the community. | ||
|
|
||
| Thank you for helping us make this project better. We can't wait to see what you bring to the table! | ||
|
|
||
| [CLA]: https://forms.gle/J5iqyH4hrHQQDfUCA |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| # Security Policy | ||
|
|
||
| ## Supported Versions | ||
|
|
||
| Use this section to let people know which versions of your project are currently being supported | ||
| with security updates. | ||
|
|
||
| | Version | Supported | | ||
| |---------|--------------------| | ||
| | 1.2.x | :white_check_mark: | | ||
| | 1.1.x | :white_check_mark: | | ||
| | 1.0.x | :x: | | ||
| | < 1.0 | :x: | | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| Your contributions to the security of our project are greatly appreciated. If you've discovered a | ||
| security vulnerability within the project, we encourage you to report it as soon as possible. Please | ||
| follow these guidelines to communicate the issue responsibly. | ||
|
|
||
| ### How to Report a Security Vulnerability? | ||
|
|
||
| If you believe you have found a security vulnerability, please send us an email | ||
| at [[email protected]](mailto:[email protected]). Provide a clear description of the issue, | ||
| including how it can be reproduced, and, if possible, a code snippet or an executable test case | ||
| demonstrating the vulnerability. | ||
|
|
||
| ### What to Expect | ||
|
|
||
| After submitting a vulnerability report, you should receive an acknowledgment of your report within | ||
| 48 hours. Following this, the team will: | ||
|
|
||
| - Review your report and determine whether the vulnerability can be confirmed. | ||
| - Assign a severity level to the vulnerability according to its impact and urgency. | ||
| - Notify you of the progress towards a fix and full announcement. | ||
| - Work to remediate the issue through mutual agreement, ensuring that a fix is confirmed and an | ||
| update is prepared and deployed. | ||
|
|
||
| ### Public Disclosure Timing | ||
|
|
||
| Please keep your vulnerability report confidential until we have completed the fix and rollout | ||
| process. The timeline for public disclosure depends on the severity of the issue and may involve | ||
| coordinating with stakeholders and industry partners. | ||
|
|
||
| We strive to resolve all security issues in a timely and transparent manner. Collaboration and | ||
| communication during the vulnerability disclosure process are vital. We appreciate your help in | ||
| keeping our project safe and secure for everyone. | ||
|
|
||
| ## More Information | ||
|
|
||
| For more information on how to contribute or other ways to get involved with the project, check out | ||
| our [CONTRIBUTING.md](./CONTRIBUTING.md). | ||
|
|
||
| Thank you for supporting our project and helping us ensure the security and reliability of our code! |