all: update docs

See golang/go#53961

CONTRIBUTING.md

@@ -13,7 +13,7 @@ path including version (or "all" for everything or misc chores), followed
 by a colon. For example:
 
 ```
-v2/lazy: error when doing something
+v2/loader: error when doing something
 v2/all: help getting started
 ```
 
@@ -31,7 +31,7 @@ For example:
 
 ```
 all: update README
-lazy: fix something
+loader: fix something
 legacy/foo: fix something else
 ```
 
@@ -44,19 +44,13 @@ All code contributions **must** be made available under the exact same
 terms as the [LICENSE.txt](/LICENSE.txt) file (and cannot be accepted 
 otherwise).
 
-Contributors will have their name and email added to the CONTRIBUTORS file
-at the start of each minor version release.
-
 If you are contributing in the course of your employment, and your employer
 is the copyright holder of your contribution (this is usually the case when
-you are contributing code at work),  then please also add your employer's 
-legal name, the country where that company is registered, and the year(s) 
-of the contribution(s) to the AUTHORS file (please preserve alphabetical
-order).
+you are contributing code at work), then please contribute using an email
+address or account that credits your employer.
 
 ### Style guide
 
 * Unlike most Go projects, we exclusively use spaces for indentation.
-* Use British English (en-GB) for code comments and documentation
+* Use British English (en-GB) for code comments and documentation.
 * Use US  English (en-US) for identifiers and file names.
-* Use any English language for commit messages, pull requests, etc. 

LICENSE.txt

@@ -2,7 +2,7 @@ github.com/tawesoft/golib
 
 Copyright © 2019 - 2022 Ben Golightly <ben@tawesoft.co.uk>
 Copyright © 2019 - 2022 Tawesoft Ltd <opensource@tawesoft.co.uk>
-Copyright © AUTHORS and CONTRIBUTORS
+Copyright © CONTRIBUTORS (api.github.com/repos/tawesoft/golib/contributors)
 Portions copyright © 1991 - 2022 Unicode, Inc. (see also UNICODE.txt)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

MIGRATIONS.md

@@ -23,15 +23,13 @@ described in the following table.
 | Unstable  | Large breaking changes to this package are likely, even between minor versions, and may not have migration instructions. |
 
 Security fixes may not always be backwards compatible, even between minor 
-versions. Applicable security fixes will always be backported to frozen 
-packages, to the previous two major versions of normal packages, and the 
-previous one major version of candidate packages.
+versions.
 
 Downstream module authors should avoid using a candidate package
 in a stable release of their module, particularly in their public API. 
 Candidate packages are appropriate for "release candidate" pre-release 
 versions of modules, development versions of modules, and `main()` programs. 
-Alternatively, please vendor the package.
+Alternatively, please vendor the package as a temporary measure.
 
 
 ## Updating `github.com/tawesoft/golib`
@@ -45,7 +43,7 @@ Placeholder
 ## Migrating from `tawesoft.co.uk/go`
 
 There are no breaking changes, but you should update your imports as indicated
-for each package.
+below for each package.
 
 
 ### Package **tawesoft.co.uk/go/dialog:**
@@ -78,16 +76,7 @@ Although the new package is API-compatible with the old one, check out the
 ```
 
 This `golib/v2/legacy/humanize` package is frozen and will not appear 
-in v3. It will always be available at the v2 import path. Note that this
-is different to the new (non-legacy) humanize package, which is not directly
-compatible with existing code.
-
-### (Optional) migrate **humanize** → **goblib/v2/humanize:**
-
-Package `goblib/v2/humanize` provides similar features to the old
-`tawesoft.co.uk/go/humanize` package, but migrating will require changes to 
-existing code. Note that this package is different to the legacy humanize 
-package, which is compatible with existing code.
+in v3. It will always be available at the v2 import path.
 
 
 ### Package **tawesoft.co.uk/go/lxstrconv:**
@@ -102,13 +91,6 @@ package, which is compatible with existing code.
 This `golib/v2/legacy/localize` package is frozen and will not appear 
 in v3. It will always be available at the v2 import path.
 
-### (Optional) migrate **lxstrconv** → **goblib/v2/humanize:**
-
-Package `goblib/v2/humanize` provides similar features to the old
-`tawesoft.co.uk/go/lxstrconv` package, but migrating will require changes to 
-existing code. Note that this package is different to the legacy humanize 
-package, which is compatible with existing code.
-
 
 ### Package **tawesoft.co.uk/go/operator:**
 

README.md

@@ -19,9 +19,9 @@ This is modern code with generics, for go v1.19beta1+
 |     grace     |       TODO       |  -  | start and gracefully shutdown processes                   |
 |   humanize    |       TODO       |  -  | locale-aware parsing & formatting of times & quantities   |
 |      ks       | [unstable][102]  |  -  | misc helpful things                                       |
-|     lazy      | [candidate][103] |  -  | composable lazy sequences                                 |
+|     lazy      | [unstable][103]  |  -  | composable lazy sequences                                 |
 |    loader     | [unstable][105]  |  -  | concurrent dependency graph solver                        |
-|    numbers    | [candidate][106] |  -  | helpful things for number types                           |
+|    numbers    | [unstable][106]  |  -  | helpful things for number types                           |
 |   text/ccc    | [candidate][107] |  -  | Unicode Canonical Combining Class values                  |
 |    text/dm    | [candidate][108] |  -  | Unicode decomposition mappings & selective decompositions |
 | text/fallback | [candidate][109] |  -  | Unicode Character Fallback Substitutions                  | 
@@ -57,6 +57,6 @@ Use the [tawesoft/golib issue tracker](), powered by GitHub issues.
 ### Commercial Support
 
 Open source software from Tawesoft® is backed by commercial support options.
-Email [open-source@tawesoft.co.uk](mailto:open-source@tawesoft.co.uk) or visit
+Email [opensource@tawesoft.co.uk](mailto:opensource@tawesoft.co.uk) or visit
 [tawesoft.co.uk/products/open-source-software](https://www.tawesoft.co.uk/products/open-source-software) 
 to learn more.

SECURITY.md

@@ -22,20 +22,21 @@ used by a large volume of users. Email us with the subject
 
 ## Backporting fixes
 
-Applicable security fixes will always be backported to legacy 
-packages, to the previous two major versions of normal packages, and the 
-previous one major version of candidate packages.
+Applicable security fixes will always be backported to all legacy and stable
+packages, where possible. Fixes will be backported to candidate and unstable
+packages on a case-by-case basis.
 
-Security fixes may not always be backwards compatible, even between minor 
-versions.
+Security fixes may break backwards compatibility, even between minor versions,
+if necessary.
 
 
 ## Reporting a vulnerability
 
 Please disclose responsibly so that we can notify the users of our software
 with a fix and/or instructions, including a pre-announcement where appropriate.
 Do not report security issues through the public issue tracker in the first
-instance, unless it is being actively exploited in the wild.
+instance, unless the vulnerability is being actively exploited in the wild or
+is already public knowledge.
 
 Instead, please email information about vulnerabilities to
 [security@tawesoft.co.uk](mailto:security@tawesoft.co.uk).
@@ -51,5 +52,6 @@ For example:
 If you don't receive an acknowledgement within 48 hours, please contact us
 through any contact method listed on the Tawesoft website.
 
-If we have not fixed or disclosed a vulnerability after 90 days, then you may
-reserve your right to disclose this publicly.
+If, after being notified, we have not fixed or disclosed a vulnerability after
+90 days, then you may exercise your right to disclose it publicly.
+