Compare commits
17 Commits
dipree/org
...
master
@ -18,7 +18,7 @@ Please note that this project is released with a Contributor Code of Conduct. By
|
|||||||
|
|
||||||
Here are a few things you can do that will increase the likelihood of your pull request being accepted:
|
Here are a few things you can do that will increase the likelihood of your pull request being accepted:
|
||||||
|
|
||||||
- Follow standards for style and code quality
|
- Follow standards for style and code quality.
|
||||||
- Write tests.
|
- Write tests.
|
||||||
- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
|
- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
|
||||||
- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
|
- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
# .github
|
# .github
|
||||||
|
|
||||||
*Community health files for the @GitHub organization*
|
*Community health files for the [@GitHub](https://github.com/github) organization*
|
||||||
|
|
||||||
For more information, please see the article on [creating a default community health file for your organization](https://help.github.com/en/articles/creating-a-default-community-health-file-for-your-organization).
|
For more information, please see the article on [creating a default community health file for your organization](https://help.github.com/en/articles/creating-a-default-community-health-file-for-your-organization).
|
||||||
|
32
SECURITY.md
@ -1,7 +1,31 @@
|
|||||||
# GitHub Security Policy
|
Thanks for helping make GitHub safe for everyone.
|
||||||
|
|
||||||
GitHub's [Bug Bounty program](https://bounty.github.com) rewards researchers for discovering security vulnerabilities in a number of repositories. The full list of projects that are eligible for rewards are [available on our Bug Bounty site](https://bounty.github.com/#scope).
|
## Security
|
||||||
|
|
||||||
If the repository is eligible for rewards, you can submit a report via [HackerOne](https://hackerone.com/github). You can find more useful information in our [rules](https://bounty.github.com/#rules) and [FAQ](https://bounty.github.com/#faqs).
|
GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
|
||||||
|
|
||||||
For repositories not covered by the Bug Bounty program, please open an issue.
|
Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation.
|
||||||
|
|
||||||
|
## Reporting Security Issues
|
||||||
|
|
||||||
|
If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.
|
||||||
|
|
||||||
|
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
|
||||||
|
|
||||||
|
Instead, please send an email to opensource-security[@]github.com.
|
||||||
|
|
||||||
|
Please include as much of the information listed below as you can to help us better understand and resolve the issue:
|
||||||
|
|
||||||
|
* The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
|
||||||
|
* Full paths of source file(s) related to the manifestation of the issue
|
||||||
|
* The location of the affected source code (tag/branch/commit or direct URL)
|
||||||
|
* Any special configuration required to reproduce the issue
|
||||||
|
* Step-by-step instructions to reproduce the issue
|
||||||
|
* Proof-of-concept or exploit code (if possible)
|
||||||
|
* Impact of the issue, including how an attacker might exploit the issue
|
||||||
|
|
||||||
|
This information will help us triage your report more quickly.
|
||||||
|
|
||||||
|
## Policy
|
||||||
|
|
||||||
|
See [GitHub's Safe Harbor Policy](https://docs.github.com/en/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor)
|
||||||
|
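Review bot: The new "Reporting Security Issues" section asks reporters to email proof-of-concept or exploit code to opensource-security[@]github.com, but it names no encrypted or access-controlled way to send that material and gives no expected acknowledgement time. Consider adding a sentence on how sensitive attachments should be delivered and when a reporter can expect a first reply. The "# GitHub Security Policy" line appears only on the removed side, so the file seems to open without a top-level heading, and the closing "See [GitHub's Safe Harbor Policy](...)" line has no final period.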
70
config/repolinter-ruleset.json
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
{
|
||||||
|
"$schema": "https://raw.githubusercontent.com/prototypicalpro/repolinter/master/rulesets/schema.json",
|
||||||
|
"version": 2,
|
||||||
|
"axioms": {},
|
||||||
|
"rules": {
|
||||||
|
"license-file-is-MIT": {
|
||||||
|
"level": "warning",
|
||||||
|
"rule": {
|
||||||
|
"type": "file-contents",
|
||||||
|
"options": {
|
||||||
|
"globsAll": ["LICENSE*", "COPYING*"],
|
||||||
|
"nocase": true,
|
||||||
|
"fail-on-non-existant": true,
|
||||||
|
"content": "MIT License"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"fix": {
|
||||||
|
"type": "file-create",
|
||||||
|
"options": {
|
||||||
|
"file": "LICENSE",
|
||||||
|
"replace": true,
|
||||||
|
"text": { "url": "https://opensource.org/licenses/MIT" }
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"policyInfo": "MIT License is required for code or legal approval for an alternative",
|
||||||
|
"policyUrl": "https://github.com/github/open-source/blob/main/policies/release.md"
|
||||||
|
},
|
||||||
|
"readme-file-exists": {
|
||||||
|
"level": "warning",
|
||||||
|
"rule": {
|
||||||
|
"type": "file-existence",
|
||||||
|
"options": {
|
||||||
|
"globsAny": ["README*"],
|
||||||
|
"nocase": true
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"fix": {
|
||||||
|
"type": "file-create",
|
||||||
|
"options": {
|
||||||
|
"file": "README.md",
|
||||||
|
"text": { "url": "https://raw.githubusercontent.com/newrelic/open-source-tools/master/nerdpacks/oss-template/README.md" }
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"policyInfo": "GitHub requires a README file in all projects. This README should give a general overview of the project, and should point to additional resources (security, contributing, etc.) where developers and users can learn further",
|
||||||
|
"policyUrl": "https://github.com/github/open-source/blob/main/policies/release.md"
|
||||||
|
},
|
||||||
|
"codeowners-file-exists": {
|
||||||
|
"level": "warning",
|
||||||
|
"rule": {
|
||||||
|
"type": "file-existence",
|
||||||
|
"options": {
|
||||||
|
"globsAny": ["CODEOWNERS*", "*/CODEOWNERS*", ".github/CODEOWNERS*"],
|
||||||
|
"nocase": true
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"fix": {
|
||||||
|
"type": "file-create",
|
||||||
|
"options": {
|
||||||
|
"file": "CODEOWNERS",
|
||||||
|
"text": { "url": "https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners" }
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"policyInfo": "GitHub requires a CODEOWNERS file in all projects. This enables GitHub to contact the maintainers in the event it is necessary.",
|
||||||
|
"policyUrl": "https://github.com/github/open-source/blob/main/policies/release.md"
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"formatOptions": {
|
||||||
|
"disclaimer": "🤖*This issue was automatically generated by [repolinter-action](https://github.com/newrelic/repolinter-action), developed by the Open Source and Developer Advocacy team at New Relic.*"
|
||||||
|
}
|
||||||
|
}
|
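Review bot: The "rules" object ends with a trailing comma: the "codeowners-file-exists" entry closes with `},` and is followed directly by the `},` that closes "rules", which strict JSON parsers reject, so the ruleset may fail to load. Drop that comma. Separately, the three "fix" blocks pull file text from remote URLs when applied: the LICENSE fix sets "replace": true and points at https://opensource.org/licenses/MIT, and the CODEOWNERS fix points at a docs.github.com article, both of which are web pages rather than file templates, while the README template and "$schema" follow a master branch instead of a pinned commit. Consider vendoring the templates or pinning each URL to a commit, and leaving "replace" off so an existing LICENSE is not overwritten.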
@ -12,7 +12,7 @@ The open source community is the 💗 heart of GitHub and fundamental to how we
|
|||||||
- Open source projects on GitHub received a stunning **218 million** contributions 🚀 in the last year alone
|
- Open source projects on GitHub received a stunning **218 million** contributions 🚀 in the last year alone
|
||||||
- **Every minute** a developer creates a new release 🏄 for a public project on GitHub
|
- **Every minute** a developer creates a new release 🏄 for a public project on GitHub
|
||||||
|
|
||||||
Now that we are talking about the important things ☝️, are you contributing to open source? Yes? Okay, you rock! 🪨 If not, we can help you get started! Open source software is made by people just like you. Learn more about [how to contribute](https://opensource.guide/).
|
Now that we are talking about the important things ☝️, are you contributing to open source? Yes? Okay, you rock! 🎸 If not, we can help you get started! Open source software is made by people just like you. Learn more about [how to contribute](https://opensource.guide/).
|
||||||
|
|
||||||
### 🦦 Contributing to the ecosystem
|
### 🦦 Contributing to the ecosystem
|
||||||
|
|
||||||
@ -30,7 +30,7 @@ See what's next on our [public roadmap](https://github.com/github/roadmap) ✨ a
|
|||||||
<summary>"Tell me more, I can't get enough!"</summary>
|
<summary>"Tell me more, I can't get enough!"</summary>
|
||||||
<br>
|
<br>
|
||||||
<ul>
|
<ul>
|
||||||
<li>GitHub is built using mighty 🔨 open source technologies like <a href="https://github.com/rails">Ruby on Rails</a>, <a href="https://github.com/golang">Go</a>, <a href="https://github.com/primer/">Primer</a>, <a href="https://github.com/reactjs">React</a> and <a href="https://github.com/apache/kafka">Kafka</a> among others.</li>
|
<li>GitHub is built using mighty 🔨 open source technologies like <a href="https://github.com/rails">Ruby on Rails</a>, <a href="https://github.com/golang">Go</a>, <a href="https://github.com/primer">Primer</a>, <a href="https://github.com/reactjs">React</a> and <a href="https://github.com/apache/kafka">Kafka</a> among others.</li>
|
||||||
<li>The three open source projects GitHub members have most contributed 👩💻 to are:
|
<li>The three open source projects GitHub members have most contributed 👩💻 to are:
|
||||||
<ul>
|
<ul>
|
||||||
<li><a href="https://github.com/microsoft/vscode">Visual Studio Code</a></li>
|
<li><a href="https://github.com/microsoft/vscode">Visual Studio Code</a></li>
|
||||||
|