jedarden
|
97fecb7b4b
|
docs(contributing): add Argo-CI caveat, DCO sign-off, and contributor templates
- Restructured CONTRIBUTING.md with all nine required sections:
- Project licensing (MIT OR Apache-2.0, DCO sign-off required)
- Code of conduct (Contributor Covenant v2.1)
- Security reporting (link to SECURITY.md)
- Development setup (with OCR dependencies)
- Local validation checklist (6 commands matching pdftract-ci)
- CI on forks caveat (maintainer-triggered, 48-hour response)
- PR template requirements
- Commit message style (Conventional Commits)
- Issue triage
- Created CODE_OF_CONDUCT.md (Contributor Covenant v2.1)
- Created .github/PULL_REQUEST_TEMPLATE.md with required fields:
- Linked issue or RFC
- Scope statement (Phase / Acceptance Scenario)
- Test plan
- Manual-test evidence
- Performance impact
- Created issue templates:
- bug_report.md (with pdftract doctor output requirement)
- feature_request.md (with use case and proposed solution)
- performance_regression.md (with baseline vs current)
- Updated README.md with Contributing section linking to CONTRIBUTING.md
- Added footer links to CONTRIBUTING.md in all templates
Closes: pdftract-i9rk
Verification: notes/pdftract-i9rk.md
Signed-off-by: jedarden <github@jedarden.com>
|
2026-05-24 06:00:48 -04:00 |
|
jedarden
|
bb5346b305
|
docs(pdftract-58kz): add security policy documentation
Add comprehensive SECURITY.md covering:
- Supported versions policy
- Private vulnerability reporting (email + GitHub)
- 90-day disclosure window with timelines
- CVE assignment via GitHub Security Advisories
- In-scope and out-of-scope vulnerability classes
- Safe harbor policy for good-faith researchers
Add security issue template redirecting users to private reporting.
Add Security section to CONTRIBUTING.md and README.md with links to SECURITY.md.
Add docs/security/pgp-public-key.asc placeholder with generation instructions.
References: bead pdftract-58kz, plan line 3433
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-20 19:39:24 -04:00 |
|