Add contributor guidelines, code of conduct and security

CODE_OF_CONDUCT.rst

@@ -0,0 +1,144 @@
+Contributor Covenant Code of Conduct
+====================================
+
+Our Pledge
+----------
+
+We as members, contributors, and leaders pledge to make participation in
+our community a harassment-free experience for everyone, regardless of
+age, body size, visible or invisible disability, ethnicity, sex
+characteristics, gender identity and expression, level of experience,
+education, socio-economic status, nationality, personal appearance,
+race, religion, or sexual identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open,
+welcoming, diverse, inclusive, and healthy community.
+
+Our Standards
+-------------
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+-  Demonstrating empathy and kindness toward other people
+-  Being respectful of differing opinions, viewpoints, and experiences
+-  Giving and gracefully accepting constructive feedback
+-  Accepting responsibility and apologizing to those affected by our
+   mistakes, and learning from the experience
+-  Focusing on what is best not just for us as individuals, but for the
+   overall community
+
+Examples of unacceptable behavior include:
+
+-  The use of sexualized language or imagery, and sexual attention or
+   advances of any kind
+-  Trolling, insulting or derogatory comments, and personal or political
+   attacks
+-  Public or private harassment
+-  Publishing others’ private information, such as a physical or email
+   address, without their explicit permission
+-  Other conduct which could reasonably be considered inappropriate in a
+   professional setting
+
+Enforcement Responsibilities
+----------------------------
+
+Community leaders are responsible for clarifying and enforcing our
+standards of acceptable behavior and will take appropriate and fair
+corrective action in response to any behavior that they deem
+inappropriate, threatening, offensive, or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other
+contributions that are not aligned to this Code of Conduct, and will
+communicate reasons for moderation decisions when appropriate.
+
+Scope
+-----
+
+This Code of Conduct applies within all community spaces, and also
+applies when an individual is officially representing the community in
+public spaces. Examples of representing our community include using an
+official e-mail address, posting via an official social media account,
+or acting as an appointed representative at an online or offline event.
+
+Enforcement
+-----------
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may
+be reported to the community leaders responsible for enforcement at
+artur.barseghyan@gmail.com. All complaints will be reviewed and
+investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security
+of the reporter of any incident.
+
+Enforcement Guidelines
+----------------------
+
+Community leaders will follow these Community Impact Guidelines in
+determining the consequences for any action they deem in violation of
+this Code of Conduct:
+
+1. Correction
+~~~~~~~~~~~~~
+
+**Community Impact**: Use of inappropriate language or other behavior
+deemed unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders,
+providing clarity around the nature of the violation and an explanation
+of why the behavior was inappropriate. A public apology may be
+requested.
+
+2. Warning
+~~~~~~~~~~
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, for a specified period of
+time. This includes avoiding interactions in community spaces as well as
+external channels like social media. Violating these terms may lead to a
+temporary or permanent ban.
+
+3. Temporary Ban
+~~~~~~~~~~~~~~~~
+
+**Community Impact**: A serious violation of community standards,
+including sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No
+public or private interaction with the people involved, including
+unsolicited interaction with those enforcing the Code of Conduct, is
+allowed during this period. Violating these terms may lead to a
+permanent ban.
+
+4. Permanent Ban
+~~~~~~~~~~~~~~~~
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of
+individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction
+within the community.
+
+Attribution
+-----------
+
+This Code of Conduct is adapted from the `Contributor
+Covenant <https://www.contributor-covenant.org>`__, version 2.0,
+available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by `Mozilla’s code of conduct
+enforcement ladder <https://github.com/mozilla/diversity>`__.
+
+For answers to common questions about this code of conduct, see the FAQ
+at https://www.contributor-covenant.org/faq. Translations are available
+at https://www.contributor-covenant.org/translations.

CONTRIBUTING.rst

@@ -0,0 +1,132 @@
+Contributor guidelines
+======================
+
+.. _documentation: https://ska.readthedocs.io/#writing-documentation
+.. _testing: https://ska.readthedocs.io/#testing
+.. _pre-commit: https://pre-commit.com/#installation
+.. _black: https://black.readthedocs.io/
+.. _isort: https://pycqa.github.io/isort/
+.. _doc8: https://doc8.readthedocs.io/
+.. _ruff: https://beta.ruff.rs/docs/
+.. _pip-tools: https://pip-tools.readthedocs.io/
+.. _issues: https://github.com/barseghyanartur/ska/issues
+.. _discussions: https://github.com/barseghyanartur/ska/discussions
+.. _pull request: https://github.com/barseghyanartur/ska/pulls
+.. _support: https://ska.readthedocs.io/#support
+.. _installation: https://ska.readthedocs.io/#installation
+.. _features: https://ska.readthedocs.io/#features
+.. _prerequisites: https://ska.readthedocs.io/#prerequisites
+
+Developer prerequisites
+-----------------------
+pre-commit
+~~~~~~~~~~
+Refer to `pre-commit`_ for installation instructions.
+
+TL;DR:
+
+.. code-block:: sh
+
+    pip install pipx --user  # Install pipx
+    pipx install pre-commit  # Install pre-commit
+    pre-commit install  # Install pre-commit hooks
+
+Installing `pre-commit`_ will ensure you adhere to the project code quality
+standards.
+
+Code standards
+--------------
+`black`_, `isort`_, `ruff`_ and `doc8`_ will be automatically triggered by
+`pre-commit`_. Still, if you want to run checks manually:
+
+.. code-block:: sh
+
+    ./scripts/black.sh
+    ./scripts/doc8.sh
+    ./scripts/isort.sh
+    ./scripts/ruff.sh
+
+Requirements
+------------
+Requirements are compiled using `pip-tools`_.
+
+.. code-block:: sh
+
+    ./scripts/compile_requirements.sh
+
+Virtual environment
+-------------------
+You are advised to work in virtual environment.
+
+TL;DR:
+
+.. code-block:: sh
+
+    python -m venv env
+    pip install -e .
+    pip install -r examples/requirements/django_4_2.txt
+
+Documentation
+-------------
+Check `documentation`_.
+
+Testing
+-------
+Check `testing`_.
+
+If you introduce changes or fixes, make sure to test them locally using
+all supported environments. For that use tox.
+
+.. code-block:: sh
+
+    tox
+
+In any case, GitHub Actions will catch potential errors, but using tox speeds
+things up.
+
+Pull requests
+-------------
+You can contribute to the project by making a `pull request`_.
+
+For example:
+
+- To fix documentation typos.
+- To improve documentation (for instance, to add new recipe or fix
+  an existing recipe that doesn't seem to work).
+- To introduce a new feature (for instance, add support for a non-supported
+  file type).
+
+**Good to know:**
+
+- Test suite makes extensive use of parametrization. Make sure you have added
+  your changes in the right place.
+
+**General list to go through:**
+
+- Does your change require documentation update?
+- Does your change require update to tests?
+- Did you test both Latin and Unicode characters?
+- Does your change rely on third-party cloud based service? If so, please
+  make sure it's added to tests that should be retried a couple of times.
+  Example: ``@pytest.mark.flaky(reruns=5)``.
+
+**When fixing bugs (in addition to the general list):**
+
+- Make sure to add regression tests.
+
+**When adding a new feature (in addition to the general list):**
+
+- Check the licenses of added dependencies carefully and make sure to list them
+  in `prerequisites`_.
+- Make sure to update the documentation (check whether the `installation`_,
+  or `features`_ require changes).
+
+Questions
+---------
+Questions can be asked on GitHub `discussions`_.
+
+Issues
+------
+For reporting a bug or filing a feature request use GitHub `issues`_.
+
+**Do not report security issues on GitHub**. Check the `support`_ section.

SECURITY.rst

@@ -0,0 +1,30 @@
+Security Policy
+===============
+Reporting a Vulnerability
+-------------------------
+**Do not report security issues on GitHub!**
+
+Please report security issues by emailing Artur Barseghyan
+<artur.barseghyan@gmail.com>.
+
+Supported Versions
+------------------
+**Make sure to use the latest version.**
+
+The two most recent ``ska`` release series receive security support.
+
+For example, during the development cycle leading to the release
+of ``ska`` 1.10.x, support will be provided for ``ska`` 1.9.x.
+
+Upon the release of ``ska`` 1.11, security support for ``ska``
+1.9.x will end.
+
++-----------+-----------+
+| Version   | Supported |
++===========+===========+
+| 1.10.x    | Yes       |
++-----------+-----------+
+| 1.9.x     | Yes       |
++-----------+-----------+
+| < 1.9     | No        |
++-----------+-----------+

docs/code_of_conduct.rst

@@ -0,0 +1 @@
+.. include:: ../CODE_OF_CONDUCT.rst

docs/contributor_guidelines.rst

@@ -0,0 +1 @@
+.. include:: ../CONTRIBUTING.rst

docs/documentation.rst

@@ -10,4 +10,7 @@ Contents:
 
    index
    changelog
+   security
+   code_of_conduct
+   contributor_guidelines
    package

docs/index.rst

@@ -1,2 +1,2 @@
 .. include:: ../README.rst
-.. include:: documentation.rst.distrib
+.. include:: documentation.rst

docs/index.rst.distrib

@@ -1,2 +1,2 @@
 .. include:: ../README.rst
-.. include:: documentation.rst.distrib
+.. include:: documentation.rst

docs/security.rst

@@ -0,0 +1 @@
+.. include:: ../SECURITY.rst