From 2313aa0a450cbd39762dae39cfcfa1e5fe6dc320 Mon Sep 17 00:00:00 2001 From: Fabio Kapsahili Date: Thu, 19 Oct 2023 17:57:20 +0200 Subject: [PATCH] refs https://github.com/fyra-technologies/api-client/issues/1 | add basic version off essential community health files --- CODE_OF_CONDUCT.md | 128 +++++++++++++++++++++++++ GOVERNANCE.md | 92 ++++++++++++++++++ ISSUE_TEMPLATE/bug_report.yml | 39 ++++++++ ISSUE_TEMPLATE/documentation_issue.yml | 10 ++ ISSUE_TEMPLATE/feature_request.yml | 10 ++ SECURITY.md | 33 +++++++ 6 files changed, 312 insertions(+) create mode 100644 CODE_OF_CONDUCT.md create mode 100644 GOVERNANCE.md create mode 100644 ISSUE_TEMPLATE/bug_report.yml create mode 100644 ISSUE_TEMPLATE/documentation_issue.yml create mode 100644 ISSUE_TEMPLATE/feature_request.yml create mode 100644 SECURITY.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..d67e88c --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,128 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, religion, or sexual identity +and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +- Demonstrating empathy and kindness toward other people +- Being respectful of differing opinions, viewpoints, and experiences +- Giving and gracefully accepting constructive feedback +- Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +- Focusing on what is best not just for us as individuals, but for the + overall community + +Examples of unacceptable behavior include: + +- The use of sexualized language or imagery, and sexual attention or + advances of any kind +- Trolling, insulting or derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or email + address, without their explicit permission +- Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at +opensource@fyra.so. +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series +of actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or +permanent ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within +the community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.0, available at +https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. + +Community Impact Guidelines were inspired by [Mozilla's code of conduct +enforcement ladder](https://github.com/mozilla/diversity). + +[homepage]: https://www.contributor-covenant.org + +For answers to common questions about this code of conduct, see the FAQ at +https://www.contributor-covenant.org/faq. Translations are available at +https://www.contributor-covenant.org/translations. diff --git a/GOVERNANCE.md b/GOVERNANCE.md new file mode 100644 index 0000000..f5ab968 --- /dev/null +++ b/GOVERNANCE.md @@ -0,0 +1,92 @@ +# Governance + +This document outlines the governance model for our platform. It covers roles, nomination processes, and Code of Conduct enforcement. + +**Everyone must follow our [Code of Conduct (CoC)](CODE_OF_CONDUCT.md).** Violation consequences are in [Moderation](#moderation). + +## Get Involved + +Every contribution supports our community. We value all forms of involvement, from code changes to Discord activity or even blogging about our platform. + +## Contributor Levels + +We have different **Contributor Levels**. Each comes with privileges and responsibilities: + +### Level 1 - Contributor + +Recognized for any significant contribution. + +#### Privileges + +- `@contributor` role on Discord + +#### Responsibilities + +- Maintain a positive community presence + +### Level 2 - Maintainer + +Actively involved in long-term platform maintenance and growth. + +#### Privileges + +- `@maintainer` role on Discord +- Moderation privileges on Discord +- Invitation to the `fyra` organization on GitHub +- Ability to review and merge certain GitHub PRs + +#### Responsibilities + +- Maintain a healthy community +- Triage issues, review, and merge pull requests + +### Level 3 - Core + +Have a major impact on the platform and its community. + +#### Privileges + +- All privileges of the Maintainer role, plus... +- `@core` role on Discord +- Invitation to the `core` team on GitHub +- Decision-making privileges on platform initiatives + +#### Responsibilities + +- Ensure the long-term health of the platform +- Act as role models to other contributors + +### Level 4 - Project Steward + +Holds an administrative role, ensuring the platform's overall health. + +#### Privileges + +- Publish access to Fyra's npm packages +- Define project direction and planning +- Ability to initiate votes and make moderation decisions + +#### Responsibilities + +- Define platform direction and planning +- Resolve conflicts and ensure the platform's best interests + +## Retiring a Role (Alumni) + +Any contributor can retire their role and become an **Alumni**, recognizing past significant involvement. + +#### Privileges + +- `@alumni` role on Discord + +## Voting + +Some decisions require a vote. The project Steward can initiate votes for various decisions. A majority (50%+) is typically required for a proposal to pass. + +## Moderation + +Any Code of Conduct violations will be reviewed by the project stewards. Outcomes can range from no action to permanent bans. + +--- + +_Inspired by other open-source projects._ diff --git a/ISSUE_TEMPLATE/bug_report.yml b/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..f2151e3 --- /dev/null +++ b/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,39 @@ +name: 🐛 Bug Report +description: Report a reproducible bug or regression +labels: ["bug"] +body: + - type: markdown + attributes: + value: | + Please provide all the information requested. Issues that do not follow this format are likely to stall. + - type: textarea + id: description + attributes: + label: Description + validations: + required: true + - type: input + id: version + attributes: + label: Version + description: What version does this appear on? + validations: + required: true + - type: textarea + id: reproduction + attributes: + label: Steps to reproduce + description: Provide a detailed list of steps that reproduce the issue. + validations: + required: true + - type: textarea + id: extra + attributes: + label: Snack, code example, screenshot, or link to a repository + description: | + Please provide a Snack, a link to a repository on GitHub, or provide a minimal code example that reproduces the problem. + You may provide a screenshot of the application if you think it is relevant to your bug report. + Here are some tips for providing a minimal example: https://stackoverflow.com/help/mcve + Please note that a reproducer is mandatory. Issues without reproducer are more likely to stall and will be closed. + validations: + required: true diff --git a/ISSUE_TEMPLATE/documentation_issue.yml b/ISSUE_TEMPLATE/documentation_issue.yml new file mode 100644 index 0000000..610ab3d --- /dev/null +++ b/ISSUE_TEMPLATE/documentation_issue.yml @@ -0,0 +1,10 @@ +name: 📖 Documentation issue +description: Report an issue with a Fyra OSS project's documentation +labels: ["documentation"] +body: + - type: textarea + id: description + attributes: + label: Description + validations: + required: true diff --git a/ISSUE_TEMPLATE/feature_request.yml b/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..1bc0bba --- /dev/null +++ b/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,10 @@ +name: 🆕 Feature Request +description: (OSS project name) feature request +labels: ["enhancement"] +body: + - type: textarea + id: description + attributes: + label: Description + validations: + required: true diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..843f4a4 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,33 @@ +## Fyra's Security Policy + +Fyra takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organization. + +If you believe you have found a security vulnerability in any Fyra-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below. + +## Reporting Security Issues + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, please report them via email to [secure@fyra.so](mailto:secure@fyra.so). + +You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message. + +Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + +- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) +- Full paths of source file(s) related to the manifestation of the issue +- The location of the affected source code (tag/branch/commit or direct URL) +- Any special configuration required to reproduce the issue +- Step-by-step instructions to reproduce the issue +- Proof-of-concept or exploit code (if possible) +- Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly. + +## Preferred Languages + +We prefer all communications to be in English. + +## Policy + +Fyra follows Microsoft's principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd).