Add issue templates, PR template, and security policy#134
Merged
Conversation
This document outlines the security policy for reporting vulnerabilities, including what to include in a report and the expected response.
This template guides users in reporting bugs effectively by collecting essential information such as version, installation method, and reproduction steps.
This template helps users submit feature requests with structured information, including pre-submission checks, problem description, proposals, alternatives, and standard library considerations.
strikoder
commented
Jun 7, 2026
strikoder
left a comment
Contributor
Author
There was a problem hiding this comment.
I left review comments on a few spots where the descriptions could potentially be reworded. Take or leave them as you see fit.
|
|
||
| **Do not open a public GitHub issue for security vulnerabilities.** | ||
|
|
||
| Send an email to **[brightio.code@gmail.com](mailto:brightio.code@gmail.com)** with the details of the issue. We'll get back to you within 72 hours. If the issue is confirmed, we'll ask you to open a private GitHub security advisory so we can work on a fix together. |
Contributor
Author
There was a problem hiding this comment.
If you don't really like to be reached through email, change this.
| id: stdlib | ||
| attributes: | ||
| label: Can this be done with the standard library only? | ||
| description: Penelope sticks to Python's standard library so it needs no installation. Would this feature keep that? |
Contributor
Author
There was a problem hiding this comment.
I like that penelope doesn't depend on any external library, but if you are open to issues with more libraries you can change this description
This document outlines the principles and guidelines for contributing to the Penelope project, including design principles, issue reporting, and pull request procedures.
Update link to SECURITY.md for private reporting.
strikoder
commented
Jun 7, 2026
| from Windows targets but isn't meant to run on Windows itself. | ||
| - **Single script.** Keep changes self-contained rather than splitting things | ||
| into new modules. | ||
|
|
Contributor
Author
There was a problem hiding this comment.
Feel free to add more requirements here if there are other principles contributors should follow.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This document outlines the security policy for reporting vulnerabilities, including what to include in a report and the expected response.