Compare commits

..

17 Commits

Author SHA1 Message Date
Zack Koppert
95e9dcb0b8
Merge pull request #116 from ghost/master 2022-10-28 08:42:48 -07:00
Zack Koppert
fdd808d654
Merge pull request #122 from nihaals/fix-trailing-slash 2022-10-28 08:39:22 -07:00
Zack Koppert
6691a0f704
Merge pull request #196 from cicdguy/patch-1
Add period to list item
2022-10-27 20:23:16 -07:00
Dinakar
0a9881173c
Add period to list item 2022-07-16 08:41:28 -05:00
Ashley Wolf
0a9f7832a3
Merge pull request #180 from xn4p4lm/patch-1
Updating the link for the Safe Harbor Policy
2022-05-25 19:01:27 -07:00
Ashley Wolf
45190ead2a
Merge pull request #181 from zkoppert/patch-2
Allow CODEOWNERS file detection to see into the .github directory
2022-05-02 11:19:58 -07:00
Zack Koppert
3ba05a7a8e
* was not matching directories beginning with . 2022-05-02 11:06:31 -07:00
Diana Moore
1a2a884ebf
Updating the link for the Safe Harbor Policy
The old link is broken, this is updating the link to the current Safe Harbor Policy
2022-04-19 14:50:32 -04:00
Ashley Wolf
efa4a30c25
Merging rules for repolinter 2022-03-10 16:29:01 -08:00
Zack Koppert
6c51705ae4
Create repolinter-ruleset.json 2022-03-10 16:26:52 -08:00
Ashley Wolf
0b9abf27f2
Updating security email address
To reduce spam
2022-03-10 10:36:20 -08:00
Ashley Wolf
ade2246a24
update security.md
Updating security.md file
2022-01-06 09:35:18 -08:00
Ashley Wolf
5540da0237
Updating security.md file 2022-01-05 11:44:17 -08:00
Nihaal Sangha
c91f25fc4e
Fix inconsistent trailing slash 2021-10-17 21:13:26 +01:00
Fayas Noushad
876085dde5
Added hyperlink on @GitHub 2021-09-28 12:50:11 +05:30
Matthias Wenz
abd807e291
Guitars rock more than rocks! 2021-09-17 11:03:35 -07:00
Daniel Adams
fd1446b693
Add org README (#105) 2021-09-14 17:21:01 +02:00
5 changed files with 102 additions and 8 deletions

View File

@ -18,7 +18,7 @@ Please note that this project is released with a Contributor Code of Conduct. By
Here are a few things you can do that will increase the likelihood of your pull request being accepted: Here are a few things you can do that will increase the likelihood of your pull request being accepted:
- Follow standards for style and code quality - Follow standards for style and code quality.
- Write tests. - Write tests.
- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests. - Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). - Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).

View File

@ -1,5 +1,5 @@
# .github # .github
*Community health files for the @GitHub organization* *Community health files for the [@GitHub](https://github.com/github) organization*
For more information, please see the article on [creating a default community health file for your organization](https://help.github.com/en/articles/creating-a-default-community-health-file-for-your-organization). For more information, please see the article on [creating a default community health file for your organization](https://help.github.com/en/articles/creating-a-default-community-health-file-for-your-organization).

View File

@ -1,7 +1,31 @@
# GitHub Security Policy Thanks for helping make GitHub safe for everyone.
GitHub's [Bug Bounty program](https://bounty.github.com) rewards researchers for discovering security vulnerabilities in a number of repositories. The full list of projects that are eligible for rewards are [available on our Bug Bounty site](https://bounty.github.com/#scope). ## Security
If the repository is eligible for rewards, you can submit a report via [HackerOne](https://hackerone.com/github). You can find more useful information in our [rules](https://bounty.github.com/#rules) and [FAQ](https://bounty.github.com/#faqs). GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
For repositories not covered by the Bug Bounty program, please open an issue. Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation.
## Reporting Security Issues
If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
Instead, please send an email to opensource-security[@]github.com.
Please include as much of the information listed below as you can to help us better understand and resolve the issue:
* The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
* Full paths of source file(s) related to the manifestation of the issue
* The location of the affected source code (tag/branch/commit or direct URL)
* Any special configuration required to reproduce the issue
* Step-by-step instructions to reproduce the issue
* Proof-of-concept or exploit code (if possible)
* Impact of the issue, including how an attacker might exploit the issue
This information will help us triage your report more quickly.
## Policy
See [GitHub's Safe Harbor Policy](https://docs.github.com/en/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor)

View File

@ -0,0 +1,70 @@
{
"$schema": "https://raw.githubusercontent.com/prototypicalpro/repolinter/master/rulesets/schema.json",
"version": 2,
"axioms": {},
"rules": {
"license-file-is-MIT": {
"level": "warning",
"rule": {
"type": "file-contents",
"options": {
"globsAll": ["LICENSE*", "COPYING*"],
"nocase": true,
"fail-on-non-existant": true,
"content": "MIT License"
}
},
"fix": {
"type": "file-create",
"options": {
"file": "LICENSE",
"replace": true,
"text": { "url": "https://opensource.org/licenses/MIT" }
}
},
"policyInfo": "MIT License is required for code or legal approval for an alternative",
"policyUrl": "https://github.com/github/open-source/blob/main/policies/release.md"
},
"readme-file-exists": {
"level": "warning",
"rule": {
"type": "file-existence",
"options": {
"globsAny": ["README*"],
"nocase": true
}
},
"fix": {
"type": "file-create",
"options": {
"file": "README.md",
"text": { "url": "https://raw.githubusercontent.com/newrelic/open-source-tools/master/nerdpacks/oss-template/README.md" }
}
},
"policyInfo": "GitHub requires a README file in all projects. This README should give a general overview of the project, and should point to additional resources (security, contributing, etc.) where developers and users can learn further",
"policyUrl": "https://github.com/github/open-source/blob/main/policies/release.md"
},
"codeowners-file-exists": {
"level": "warning",
"rule": {
"type": "file-existence",
"options": {
"globsAny": ["CODEOWNERS*", "*/CODEOWNERS*", ".github/CODEOWNERS*"],
"nocase": true
}
},
"fix": {
"type": "file-create",
"options": {
"file": "CODEOWNERS",
"text": { "url": "https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners" }
}
},
"policyInfo": "GitHub requires a CODEOWNERS file in all projects. This enables GitHub to contact the maintainers in the event it is necessary.",
"policyUrl": "https://github.com/github/open-source/blob/main/policies/release.md"
},
},
"formatOptions": {
"disclaimer": "🤖*This issue was automatically generated by [repolinter-action](https://github.com/newrelic/repolinter-action), developed by the Open Source and Developer Advocacy team at New Relic.*"
}
}

View File

@ -12,7 +12,7 @@ The open source community is the 💗 heart of GitHub and fundamental to how we
- Open source projects on GitHub received a stunning **218 million** contributions 🚀 in the last year alone - Open source projects on GitHub received a stunning **218 million** contributions 🚀 in the last year alone
- **Every minute** a developer creates a new release 🏄 for a public project on GitHub - **Every minute** a developer creates a new release 🏄 for a public project on GitHub
Now that we are talking about the important things ☝️, are you contributing to open source? Yes? Okay, you rock! 🪨 If not, we can help you get started! Open source software is made by people just like you. Learn more about [how to contribute](https://opensource.guide/). Now that we are talking about the important things ☝️, are you contributing to open source? Yes? Okay, you rock! 🎸 If not, we can help you get started! Open source software is made by people just like you. Learn more about [how to contribute](https://opensource.guide/).
### 🦦 Contributing to the ecosystem ### 🦦 Contributing to the ecosystem
@ -30,7 +30,7 @@ See what's next on our [public roadmap](https://github.com/github/roadmap) ✨ a
<summary>"Tell me more, I can't get enough!"</summary> <summary>"Tell me more, I can't get enough!"</summary>
<br> <br>
<ul> <ul>
<li>GitHub is built using mighty 🔨 open source technologies like <a href="https://github.com/rails">Ruby on Rails</a>, <a href="https://github.com/golang">Go</a>, <a href="https://github.com/primer/">Primer</a>, <a href="https://github.com/reactjs">React</a> and <a href="https://github.com/apache/kafka">Kafka</a> among others.</li> <li>GitHub is built using mighty 🔨 open source technologies like <a href="https://github.com/rails">Ruby on Rails</a>, <a href="https://github.com/golang">Go</a>, <a href="https://github.com/primer">Primer</a>, <a href="https://github.com/reactjs">React</a> and <a href="https://github.com/apache/kafka">Kafka</a> among others.</li>
<li>The three open source projects GitHub members have most contributed 👩‍💻 to are: <li>The three open source projects GitHub members have most contributed 👩‍💻 to are:
<ul> <ul>
<li><a href="https://github.com/microsoft/vscode">Visual Studio Code</a></li> <li><a href="https://github.com/microsoft/vscode">Visual Studio Code</a></li>