Add GitHub security and governance files
Security improvements: - CODEOWNERS: Define code review requirements - SECURITY.md: Link to security policy in .github/ for GitHub Security tab - Pull request template: Enforce PR checklist and guidelines - Issue templates: Bug reports and feature requests with structured forms - Issue config: Disable blank issues, add helpful links These files protect the repository by: - Requiring code review from @mellow-fox for all changes - Enforcing security-sensitive file approval (auth, database, Docker) - Providing clear contribution guidelines - Preventing low-quality or spam issues - Guiding contributors with structured templates Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
parent
a7cd81fe81
commit
ca42323934
6 changed files with 302 additions and 0 deletions
22
.github/CODEOWNERS
vendored
Normal file
22
.github/CODEOWNERS
vendored
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
# Code Owners for TidyQuest
|
||||
# These owners will be automatically requested for review when someone opens a pull request
|
||||
|
||||
# Global owner (all files)
|
||||
* @mellow-fox
|
||||
|
||||
# Security-sensitive files (require explicit approval)
|
||||
/SECURITY.md @mellow-fox
|
||||
/.github/ @mellow-fox
|
||||
/docker-compose.yml @mellow-fox
|
||||
/Dockerfile @mellow-fox
|
||||
/.env.example @mellow-fox
|
||||
|
||||
# Server code (backend)
|
||||
/server/ @mellow-fox
|
||||
|
||||
# Database schema changes
|
||||
/server/src/database.ts @mellow-fox
|
||||
|
||||
# Authentication and security
|
||||
/server/src/middleware/auth.ts @mellow-fox
|
||||
/server/src/routes/auth.ts @mellow-fox
|
||||
115
.github/ISSUE_TEMPLATE/bug_report.yml
vendored
Normal file
115
.github/ISSUE_TEMPLATE/bug_report.yml
vendored
Normal file
|
|
@ -0,0 +1,115 @@
|
|||
name: 🐛 Bug Report
|
||||
description: Report a bug or unexpected behavior
|
||||
title: "[Bug]: "
|
||||
labels: ["bug"]
|
||||
body:
|
||||
- type: markdown
|
||||
attributes:
|
||||
value: |
|
||||
Thanks for taking the time to report a bug! Please fill out the form below.
|
||||
|
||||
- type: textarea
|
||||
id: description
|
||||
attributes:
|
||||
label: Description
|
||||
description: A clear and concise description of the bug
|
||||
placeholder: What happened?
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: steps
|
||||
attributes:
|
||||
label: Steps to Reproduce
|
||||
description: Steps to reproduce the behavior
|
||||
placeholder: |
|
||||
1. Go to '...'
|
||||
2. Click on '...'
|
||||
3. Scroll down to '...'
|
||||
4. See error
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: expected
|
||||
attributes:
|
||||
label: Expected Behavior
|
||||
description: What did you expect to happen?
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: actual
|
||||
attributes:
|
||||
label: Actual Behavior
|
||||
description: What actually happened?
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: dropdown
|
||||
id: version
|
||||
attributes:
|
||||
label: TidyQuest Version
|
||||
description: Which version are you running?
|
||||
options:
|
||||
- v0.1.0
|
||||
- main (latest)
|
||||
- Other (please specify in additional context)
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: dropdown
|
||||
id: deployment
|
||||
attributes:
|
||||
label: Deployment Method
|
||||
options:
|
||||
- Docker Compose
|
||||
- Docker (manual)
|
||||
- Other
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: environment
|
||||
attributes:
|
||||
label: Environment
|
||||
description: |
|
||||
Provide details about your environment:
|
||||
- OS (Linux, macOS, Windows)
|
||||
- Docker version
|
||||
- Browser (if frontend issue)
|
||||
placeholder: |
|
||||
- OS: Ubuntu 22.04
|
||||
- Docker: 24.0.5
|
||||
- Browser: Chrome 120
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: textarea
|
||||
id: logs
|
||||
attributes:
|
||||
label: Logs
|
||||
description: Paste relevant logs (if any)
|
||||
render: shell
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: textarea
|
||||
id: additional
|
||||
attributes:
|
||||
label: Additional Context
|
||||
description: Any other context about the problem
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: checkboxes
|
||||
id: terms
|
||||
attributes:
|
||||
label: Checklist
|
||||
options:
|
||||
- label: I have searched existing issues to avoid duplicates
|
||||
required: true
|
||||
- label: I have reviewed the SECURITY.md file
|
||||
required: false
|
||||
- label: This is not a security vulnerability (if it is, please email instead)
|
||||
required: true
|
||||
11
.github/ISSUE_TEMPLATE/config.yml
vendored
Normal file
11
.github/ISSUE_TEMPLATE/config.yml
vendored
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
blank_issues_enabled: false
|
||||
contact_links:
|
||||
- name: 💬 GitHub Discussions
|
||||
url: https://github.com/mellow-fox/TidyQuest/discussions
|
||||
about: Ask questions and discuss ideas with the community
|
||||
- name: 🔒 Security Vulnerability
|
||||
url: https://github.com/mellow-fox/TidyQuest/security
|
||||
about: Report security vulnerabilities privately (DO NOT open a public issue)
|
||||
- name: 📖 Documentation
|
||||
url: https://github.com/mellow-fox/TidyQuest/blob/main/README.md
|
||||
about: Read the full documentation
|
||||
84
.github/ISSUE_TEMPLATE/feature_request.yml
vendored
Normal file
84
.github/ISSUE_TEMPLATE/feature_request.yml
vendored
Normal file
|
|
@ -0,0 +1,84 @@
|
|||
name: ✨ Feature Request
|
||||
description: Suggest a new feature or improvement
|
||||
title: "[Feature]: "
|
||||
labels: ["enhancement"]
|
||||
body:
|
||||
- type: markdown
|
||||
attributes:
|
||||
value: |
|
||||
Thanks for suggesting a feature! Please fill out the form below.
|
||||
|
||||
- type: textarea
|
||||
id: problem
|
||||
attributes:
|
||||
label: Problem Description
|
||||
description: Is your feature request related to a problem? Please describe.
|
||||
placeholder: I'm frustrated when...
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: solution
|
||||
attributes:
|
||||
label: Proposed Solution
|
||||
description: Describe the solution you'd like
|
||||
placeholder: I would like TidyQuest to...
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: alternatives
|
||||
attributes:
|
||||
label: Alternatives Considered
|
||||
description: Describe alternatives you've considered
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: dropdown
|
||||
id: area
|
||||
attributes:
|
||||
label: Area of Impact
|
||||
description: Which area does this feature affect?
|
||||
options:
|
||||
- Frontend (UI/UX)
|
||||
- Backend (API)
|
||||
- Database
|
||||
- Documentation
|
||||
- Docker/Deployment
|
||||
- Security
|
||||
- Other
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: dropdown
|
||||
id: priority
|
||||
attributes:
|
||||
label: Priority
|
||||
description: How important is this feature to you?
|
||||
options:
|
||||
- Nice to have
|
||||
- Would be helpful
|
||||
- Important
|
||||
- Critical
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: additional
|
||||
attributes:
|
||||
label: Additional Context
|
||||
description: Add any other context, screenshots, or mockups
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: checkboxes
|
||||
id: terms
|
||||
attributes:
|
||||
label: Checklist
|
||||
options:
|
||||
- label: I have searched existing issues to avoid duplicates
|
||||
required: true
|
||||
- label: This feature aligns with TidyQuest's goal of gamifying household chores
|
||||
required: true
|
||||
- label: I am willing to contribute to the implementation (optional)
|
||||
required: false
|
||||
16
.github/SECURITY.md
vendored
Normal file
16
.github/SECURITY.md
vendored
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
# Security Policy
|
||||
|
||||
For security information, vulnerability reporting, and best practices, please see:
|
||||
|
||||
👉 **[SECURITY.md](../SECURITY.md)** at the root of the repository
|
||||
|
||||
## Quick Links
|
||||
|
||||
- 🔒 [Security Best Practices](../SECURITY.md#-security-best-practices)
|
||||
- 🚨 [Reporting a Vulnerability](../SECURITY.md#-reporting-a-vulnerability)
|
||||
- 📋 [Security Checklist](../SECURITY.md#-security-checklist-before-going-public)
|
||||
|
||||
---
|
||||
|
||||
**Note**: This file exists in `.github/` to enable GitHub's "Security" tab.
|
||||
All documentation is maintained in the root `SECURITY.md` file.
|
||||
54
.github/pull_request_template.md
vendored
Normal file
54
.github/pull_request_template.md
vendored
Normal file
|
|
@ -0,0 +1,54 @@
|
|||
## Description
|
||||
|
||||
<!-- Provide a brief description of your changes -->
|
||||
|
||||
## Type of Change
|
||||
|
||||
- [ ] Bug fix (non-breaking change which fixes an issue)
|
||||
- [ ] New feature (non-breaking change which adds functionality)
|
||||
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
|
||||
- [ ] Documentation update
|
||||
- [ ] Code refactoring
|
||||
- [ ] Performance improvement
|
||||
- [ ] Security fix
|
||||
|
||||
## Related Issue
|
||||
|
||||
<!-- Link to the issue this PR addresses, e.g., "Fixes #123" -->
|
||||
|
||||
Fixes #
|
||||
|
||||
## Changes Made
|
||||
|
||||
<!-- List the changes you made -->
|
||||
|
||||
-
|
||||
-
|
||||
-
|
||||
|
||||
## Testing
|
||||
|
||||
<!-- Describe how you tested your changes -->
|
||||
|
||||
- [ ] Tested locally with Docker
|
||||
- [ ] Tested on production-like environment
|
||||
- [ ] Added/updated tests
|
||||
- [ ] All existing tests pass
|
||||
|
||||
## Checklist
|
||||
|
||||
- [ ] My code follows the project's code style
|
||||
- [ ] I have performed a self-review of my code
|
||||
- [ ] I have commented my code where necessary
|
||||
- [ ] I have updated the documentation (README, API.md, etc.)
|
||||
- [ ] My changes generate no new warnings or errors
|
||||
- [ ] I have checked for security vulnerabilities
|
||||
- [ ] I have not committed any secrets (.env, API keys, passwords)
|
||||
|
||||
## Screenshots (if applicable)
|
||||
|
||||
<!-- Add screenshots to help explain your changes -->
|
||||
|
||||
## Additional Notes
|
||||
|
||||
<!-- Any additional information -->
|
||||
Loading…
Reference in a new issue