From d051aced7c2ece04675be39d258037d6c70884f4 Mon Sep 17 00:00:00 2001 From: Adonis Jimenez <271941740+donny-devops@users.noreply.github.com> Date: Tue, 7 Jul 2026 15:55:56 +0000 Subject: [PATCH] chore: add community-health files and repo hygiene - Add MIT LICENSE / SECURITY.md / CODE_OF_CONDUCT.md where missing - Add CI/license status badges and architecture diagrams to key READMEs - Reconcile documentation with actual repository state --- LICENSE | 21 +++++++++++++++++++++ SECURITY.md | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 LICENSE create mode 100644 SECURITY.md diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..e5f02a9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2026 Adonis Jimenez + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..26f1137 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,42 @@ +# Security Policy + +## Supported Versions + +Security updates are applied to the latest released version on the default +branch. Older tags are not guaranteed to receive fixes. + +| Version | Supported | +| -------------- | ------------------ | +| Latest (main) | :white_check_mark: | +| Older releases | :x: | + +## Reporting a Vulnerability + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, report them privately using one of the following channels: + +1. **GitHub Security Advisories** — use the + [private vulnerability reporting](../../security/advisories/new) feature on + this repository (preferred). +2. **Email** — send details to **adonis-jimenez@outlook.com** with the subject + line `SECURITY: `. + +Please include as much of the following as possible: + +- A description of the vulnerability and its potential impact +- Steps to reproduce or a proof of concept +- Affected version(s), configuration, or environment +- Any suggested remediation + +## Response Targets + +| Stage | Target | +| --------------------- | -------------------------- | +| Acknowledgement | within 48 hours | +| Initial assessment | within 5 business days | +| Fix / mitigation plan | communicated after triage | + +We follow a coordinated disclosure process. Please give us a reasonable +window to remediate before any public disclosure. We are happy to credit +reporters who wish to be acknowledged.