Skip to content

Add issue templates, PR template, and security policy#134

Merged
brightio merged 7 commits into
brightio:mainfrom
strikoder:main
Jun 7, 2026
Merged

Add issue templates, PR template, and security policy#134
brightio merged 7 commits into
brightio:mainfrom
strikoder:main

Conversation

@strikoder

Copy link
Copy Markdown
Contributor

This document outlines the security policy for reporting vulnerabilities, including what to include in a report and the expected response.

strikoder added 4 commits June 7, 2026 08:47
This document outlines the security policy for reporting vulnerabilities, including what to include in a report and the expected response.
This template guides users in reporting bugs effectively by collecting essential information such as version, installation method, and reproduction steps.
This template helps users submit feature requests with structured information, including pre-submission checks, problem description, proposals, alternatives, and standard library considerations.

@strikoder strikoder left a comment

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left review comments on a few spots where the descriptions could potentially be reworded. Take or leave them as you see fit.

Comment thread .github/SECURITY.md

**Do not open a public GitHub issue for security vulnerabilities.**

Send an email to **[brightio.code@gmail.com](mailto:brightio.code@gmail.com)** with the details of the issue. We'll get back to you within 72 hours. If the issue is confirmed, we'll ask you to open a private GitHub security advisory so we can work on a fix together.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you don't really like to be reached through email, change this.

id: stdlib
attributes:
label: Can this be done with the standard library only?
description: Penelope sticks to Python's standard library so it needs no installation. Would this feature keep that?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like that penelope doesn't depend on any external library, but if you are open to issues with more libraries you can change this description

@strikoder strikoder changed the title Add SECURITY.md for vulnerability reporting guidelines Add issue templates, PR template, and security policy Jun 7, 2026
strikoder added 2 commits June 7, 2026 09:44
This document outlines the principles and guidelines for contributing to the Penelope project, including design principles, issue reporting, and pull request procedures.
Update link to SECURITY.md for private reporting.
Comment thread CONTRIBUTING.md
from Windows targets but isn't meant to run on Windows itself.
- **Single script.** Keep changes self-contained rather than splitting things
into new modules.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feel free to add more requirements here if there are other principles contributors should follow.

@brightio brightio merged commit 95153a0 into brightio:main Jun 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants