Add project code of conduct and security policy

This commit is contained in:
Sebastian Palencsar
2026-05-31 17:48:55 +02:00
parent 4507023da2
commit 63698709a6
3 changed files with 94 additions and 2 deletions

42
CODE_OF_CONDUCT.md Normal file
View File

@@ -0,0 +1,42 @@
# Code of Conduct
## Our Commitment
The Bearhub project is committed to providing a respectful, harassment-free environment for everyone participating in issues, discussions, and pull requests.
## Expected Behavior
- Be respectful and constructive.
- Assume good intent and focus on technical content.
- Provide clear, reproducible reports for bugs and regressions.
- Accept feedback and collaborate on fixes.
## Unacceptable Behavior
- Harassment, hate speech, personal attacks, or discrimination.
- Trolling, intimidation, or repeated hostile communication.
- Publishing private information without consent.
- Any behavior that makes collaboration unsafe or unproductive.
## Scope
This Code of Conduct applies to all project spaces, including:
- GitHub issues and pull requests
- discussions and comments
- any public communication channels used for project collaboration
## Enforcement
Project maintainers may remove, edit, or reject comments, issues, or pull requests that violate this Code of Conduct.
Repeated or severe violations may lead to temporary or permanent bans from project participation.
## Reporting
If you experience or witness unacceptable behavior, report it privately to the maintainers through GitHub:
- Open a private security advisory for sensitive incidents when appropriate.
- Otherwise, contact maintainers directly via GitHub profile contact options.
All reports will be reviewed and handled as confidentially as possible.

View File

@@ -81,8 +81,10 @@ Key features
14. [Code structure](#code) 14. [Code structure](#code)
15. [Roadmap](#roadmap) 15. [Roadmap](#roadmap)
16. [Contributing](https://github.com/vinifmor/bauh/blob/master/CONTRIBUTING.md) 16. [Contributing](https://github.com/vinifmor/bauh/blob/master/CONTRIBUTING.md)
17. [Maintainer docs](#maintainer_docs) 17. [Code of Conduct](CODE_OF_CONDUCT.md)
18. [Donations](#donations) 18. [Security Policy](SECURITY.md)
19. [Maintainer docs](#maintainer_docs)
20. [Donations](#donations)

48
SECURITY.md Normal file
View File

@@ -0,0 +1,48 @@
# Security Policy
## Supported Versions
Security fixes are provided on a best-effort basis for:
- the latest Bearhub release
- the current `main` branch
Older releases may not receive security updates.
## Reporting a Vulnerability
Please do not open public issues for undisclosed security vulnerabilities.
Use one of these channels:
1. GitHub Security Advisories (preferred):
- Go to the repository `Security` tab
- Create a private vulnerability report
2. If advisory reporting is unavailable, contact maintainers directly via GitHub.
Include as much detail as possible:
- affected Bearhub version
- platform details (Arch version, Python version, desktop session)
- reproduction steps
- expected vs. actual behavior
- logs, stack traces, and proof-of-concept (if available)
## Response Process
Maintainers will:
- acknowledge the report as soon as possible
- validate impact and scope
- prepare and publish a fix
- credit reporters where appropriate (if desired)
## Disclosure
Please allow reasonable time for validation and patching before public disclosure.
Once fixed, we will disclose:
- impacted versions
- mitigation/fix guidance
- release references containing the patch