Skip to content

chore(docs): add SECURITY.md and textlint setup for development consistency #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 13, 2024
Merged

chore(docs): add SECURITY.md and textlint setup for development consistency #15

merged 2 commits into from
Oct 13, 2024

Conversation

virgofx
Copy link
Member

@virgofx virgofx commented Oct 12, 2024
edited
Loading

  • Added SECURITY.md to establish security guidelines for the Terraform Module Releaser, including reporting instructions and best practices such as reviewing CodeQL results, pinning to the latest major version, and setting least privilege permissions. This resolves issue Add a SECURITY.md file #11.
  • Added textlint and related dev dependencies to enable local testing of textlint rules that are enforced in CI.
  • Created a textlint script in package.json to facilitate easier local linting and ensure consistency with CI checks.

Fixes #11

@virgofx virgofx added the documentation Improvements or additions to documentation label Oct 12, 2024
@virgofx virgofx self-assigned this Oct 12, 2024
@virgofx
docs: add SECURITY.md to outline security practices and best practices
4c1316b 
- Added a SECURITY.md file to establish security guidelines and best practices for the Terraform Module Releaser GitHub Action.
- Included reporting guidelines for non-confidential and confidential vulnerabilities.
- Recommended best practices like reviewing CodeQL results, pinning to the latest major version (e.g., v1), and using least privilege permissions.
- Added resources for further security documentation.

Resolves issue #11
@virgofx
chore: add textlint dev dependencies and package.json script for loca…
280c883 
…l testing

- Added textlint and related development dependencies to facilitate local testing of textlint rules.
- Created a `textlint` script in package.json to allow developers to run textlint checks locally before pushing changes.
- Helps ensure consistency with textlint rules that are enforced in CI.
@virgofx virgofx force-pushed the 11-add-a-securitymd-file branch from 7dcdb6f to 280c883 Compare October 13, 2024 03:45
@github-actions GitHub Actions
Copy link

Release Plan

No terraform modules updated in this pull request.

✅ Wiki Check

Note: The following Terraform modules no longer exist in source; howevever corresponding tags/releases exist. Automation tag/release deletion is disabled and no subsequent action will take place.

  • v1.0.2
  • v1.0.1
  • v1.0.0
  • v1

@virgofx virgofx changed the title docs: add SECURITY.md to outline security practices and best practices chore(docs): add SECURITY.md and textlint setup for development consistency Oct 13, 2024
@virgofx virgofx merged commit fc2a409 into main Oct 13, 2024
21 checks passed
@virgofx virgofx deleted the 11-add-a-securitymd-file branch October 13, 2024 03:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@virgofx virgofx

Labels
documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add a SECURITY.md file
1 participant
@virgofx