Merge pull request #47 from didx-xyz/Kentoseth-patch-1

Kentoseth · web-flow · commit 031de72c81ed · 2021-07-15T22:24:37.000+02:00
Adding Contribution guidelines and Security policy
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,11 @@
+## How to contribute
+
+You are encouraged to contribute to the repository by **forking the repo, making your changes and then submitting a pull request back to this repo**.
+
+For significant changes, please open an issue first to discuss the proposed changes to avoid re-work.
+
+(If you are new to GitHub, you might start with a [basic tutorial](https://help.github.com/articles/set-up-git), how to [fork a repo](https://docs.github.com/en/get-started/quickstart/fork-a-repo) and check out a more detailed guide to [pull requests](https://help.github.com/articles/using-pull-requests/).)
+
+Pull requests will be evaluated by the respective repo maintainers on a schedule and if deemed beneficial, will be committed to the `main` branch. Pull requests should have a descriptive name, include a summary of all changes made in the pull request description and include unit tests that provide good coverage of the feature or fix. A Continuous Integration (CI) pipeline is executed on all PRs before review and contributors are expected to address all CI issues identified. Where appropriate, PRs that impact the end-user and developer demos in the repo should include updates or extensions to those demos to cover the new capabilities.
+
+All contributors retain the original copyright to their stuff, but by contributing to this project, you grant a world-wide, royalty-free, perpetual, irrevocable, non-exclusive, transferable license to all users **under the terms of the [license](./LICENSE) under which this project is distributed.**
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,19 @@
+# Yoma Security Policy
+
+## Reporting a Security Bug
+
+If you think you have discovered a security issue in any of the Yoma projects, we'd love to
+hear from you. We will take all security bugs seriously and if confirmed upon investigation we will
+patch it within a reasonable amount of time and release a public security announcement discussing the
+bug and credit the discoverer.
+
+Security bugs can be reported via email. The process is as follows:
+
+(email) Subject: Security Issue: [repo-name] - [Type of bug]
+
+(email) Content: Description of the bug + how to reproduce the bug
+
+Email Yoma at: [tech at yoma dot world](mailto:tech@yoma.world).
+
+*Note. It is not necessary to include the type of bug if you are not sure how to classify it.*
+*A detailed description will be adequate.*
