Skip to content

chore: add community health files and .gitattributes#6

Merged
Fafoooo merged 1 commit into
mainfrom
chore/community-health-files
Jul 1, 2026
Merged

chore: add community health files and .gitattributes#6
Fafoooo merged 1 commit into
mainfrom
chore/community-health-files

Conversation

@raphaelbleier

Copy link
Copy Markdown
Collaborator

Closes #1.

What

Adds the public-repo community health files so the GitHub Community Profile is complete now that the project is opening up to broader contribution, plus a .gitattributes to stop line-ending churn.

File Purpose
SECURITY.md Private vulnerability reporting via GitHub Security Advisories. Threat model centers on Arbella's core promise — no secret ever reaches the backup repo (denylist/sanitizer bypass, self-held token escaping its 0600 file, restore path-traversal, command injection).
.github/ISSUE_TEMPLATE/bug_report.yml Structured bug form with command/tool/OS dropdowns (incl. the new opencode/copilot/kilo tools) and explicit "redact secrets/paths" guidance.
.github/ISSUE_TEMPLATE/feature_request.yml Feature form with a "tool to support" field, since Arbella adds tools as adapters.
.github/ISSUE_TEMPLATE/config.yml Disables blank issues; routes security reports to the advisory flow.
.github/PULL_REQUEST_TEMPLATE.md Checklist: typecheck/test/build, cross-platform paths, and the secret-containment guarantee.
.gitattributes * text=auto eol=lf — see below.

Why .gitattributes

Checkouts on a Windows filesystem (including a WSL /mnt mount) currently flip every file to CRLF, producing whole-file diffs that bury real changes. * text=auto eol=lf normalizes line endings to LF going forward; *.sh/install.sh are pinned LF and image assets are marked binary.

This PR adds the file only — it does not renormalize existing files (that would balloon the diff into ~70 EOL-flip files). A one-shot git add --renormalize . && git commit can clean the existing churn in a separate, isolated commit whenever you want.

Notes

  • CONTRIBUTING.md is intentionally deferred per the issue's scope note ("optionally add later if outside contributors become relevant"). Happy to add a short one if you'd like it now.
  • Pure additions — no source code touched, no CI impact.

Closes #1.

Raises the GitHub Community Profile now that the project is opening up to
broader contribution:

- SECURITY.md: private vulnerability reporting via GitHub Security
  Advisories, with a threat model centered on Arbella's core promise —
  no secret ever reaches the backup repo.
- .github/ISSUE_TEMPLATE/: structured bug-report and feature-request forms
  (the feature form has a "tool to support" field, since Arbella adds tools
  as adapters), plus config.yml that disables blank issues and routes
  security reports to the advisory flow.
- .github/PULL_REQUEST_TEMPLATE.md: a checklist covering typecheck/test/
  build, cross-platform paths, and the secret-containment guarantee.

Also adds .gitattributes (`* text=auto eol=lf`) so checkouts on a Windows
filesystem or a WSL /mnt mount no longer flip every file to CRLF and
produce whole-file diffs. This normalizes line endings going forward; a
one-shot `git add --renormalize .` can clean existing churn separately.

CONTRIBUTING.md is intentionally deferred per the issue's scope note.
@coderabbitai

coderabbitai Bot commented Jun 22, 2026

Copy link
Copy Markdown

Warning

Review limit reached

@raphaelbleier, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 51 minutes and 4 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: b0c5b27d-39c1-4449-be29-b9fd8c69f61a

📥 Commits

Reviewing files that changed from the base of the PR and between bdc56d1 and 0dff79c.

📒 Files selected for processing (6)
  • .gitattributes
  • .github/ISSUE_TEMPLATE/bug_report.yml
  • .github/ISSUE_TEMPLATE/config.yml
  • .github/ISSUE_TEMPLATE/feature_request.yml
  • .github/PULL_REQUEST_TEMPLATE.md
  • SECURITY.md
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/community-health-files

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 0dff79c1eb

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread .github/ISSUE_TEMPLATE/bug_report.yml
@Fafoooo Fafoooo merged commit 824fc70 into main Jul 1, 2026
7 checks passed
@Fafoooo Fafoooo deleted the chore/community-health-files branch July 1, 2026 21:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add community health files

2 participants