Added contributing and security policies (#142)

GrahamCampbell · web-flow · commit eb833c949d11 · 2019-06-28T11:30:47.000+01:00
diff --git a/.github/CODE_OF_CONDUCT.md b/.github/CODE_OF_CONDUCT.md
@@ -0,0 +1,76 @@
+# CONTRIBUTOR COVENANT CODE OF CONDUCT
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at graham@alt-three.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
@@ -0,0 +1,31 @@
+# CONTRIBUTION GUIDELINES
+
+Contributions are **welcome** and will be fully **credited**.
+
+We accept contributions via pull requests on Github. Please review these guidelines before continuing.
+
+## Guidelines
+
+* Please follow the [PSR-2 Coding Style Guide](https://www.php-fig.org/psr/psr-2/), enforced by [StyleCI](https://styleci.io/).
+* Ensure that the current tests pass, and if you've added something new, add the tests where relevant.
+* Send a coherent commit history, making sure each individual commit in your pull request is meaningful.
+* You may need to [rebase](https://git-scm.com/book/en/v2/Git-Branching-Rebasing) to avoid merge conflicts.
+* If you are changing or adding to the behaviour or public api, you may need to update the docs.
+* Please remember that we follow [SemVer](https://semver.org/).
+
+## Running Tests
+
+First, install the dependencies using [Composer](https://getcomposer.org/):
+
+```bash
+$ composer install
+```
+
+Then run [PHPUnit](https://phpunit.de/):
+
+```bash
+$ vendor/bin/phpunit
+```
+
+* The tests will be automatically run by [Travis CI](https://travis-ci.org/) against pull requests.
+* We also have [StyleCI](https://styleci.io/) setup to automatically fix any code style issues.
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
@@ -0,0 +1,21 @@
+# SECURITY POLICY
+
+## Supported Versions
+
+After each new major (minor) release, the previous release will be supported
+for no less than 12 (6) months, unless explictly otherwise. This may mean that
+there are multiple supported versions at any given time.
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability within this package, please send an
+email to one the security contacts. All security vulnerabilities will be
+promptly addressed. Please do not disclose security-related issues publicly
+until a fix has been announced.
+
+### Security Contacts
+
+* Graham Campbell (graham@alt-three.com)
+* Julien Didier (genzo.wm@gmail.com)
+* Grégoire Pineau (lyrixx@lyrixx.info)
+* Alexandre Salomé (alexandre.salome@gmail.com)
diff --git a/composer.json b/composer.json
@@ -4,14 +4,20 @@
     "license": "MIT",
     "authors": [
         {
-            "name": "Alexandre Salomé",
-            "email": "alexandre.salome@gmail.com",
-            "homepage": "http://alexandre-salome.fr"
+            "name": "Graham Campbell",
+            "email": "graham@alt-three.com"
+        },
+        {
+            "name": "Julien Didier",
+            "email": "genzo.wm@gmail.com"
         },
         {
-            "name": "Julien DIDIER",
-            "email": "genzo.wm@gmail.com",
-            "homepage": "http://www.jdidier.net"
+            "name": "Grégoire Pineau",
+            "email": "lyrixx@lyrixx.info"
+        },
+        {
+            "name": "Alexandre Salomé",
+            "email": "alexandre.salome@gmail.com"
         }
     ],
     "homepage": "http://gitonomy.com",
