docs: align governance docs with project contribution policy#83
Open
docs: align governance docs with project contribution policy#83
Conversation
- Replace old fork-based CONTRIBUTING.md with standard policy (no-fork model, Conventional Commits, ci/ branch prefix, access-request flow) - Add SECURITY.md with private vulnerability reporting instructions - Add CODE_OF_CONDUCT.md (Contributor Covenant v2.1) - Fix wp-react-lib/package.json: author email, license MIT→Apache-2.0, add contributors field, fix stale repository URL (dg-wp-react→wp-react-lib)
Contributor
There was a problem hiding this comment.
Pull request overview
Aligns this repository’s governance and contribution documentation with the broader “data-viz-*” policy, and updates the published package metadata accordingly.
Changes:
- Rewrites
CONTRIBUTING.mdto standardize contribution workflow (branching, Conventional Commits, changesets, security guidance). - Adds
SECURITY.mdandCODE_OF_CONDUCT.mdto formalize vulnerability reporting and community standards. - Updates
wp-react-lib/package.jsonandREADME.mdto reflect updated project metadata (license/repo URL/author/contributors).
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
wp-react-lib/package.json |
Updates npm package metadata (author, contributors, license, repository URL). |
SECURITY.md |
Adds a security policy and private vulnerability reporting process. |
CODE_OF_CONDUCT.md |
Adds a Contributor Covenant v2.1-based code of conduct. |
CONTRIBUTING.md |
Replaces legacy contribution guidance with standardized policy and workflows. |
README.md |
Fixes “Author” heading and adds a dedicated Contributors section. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "module": "dist/esm/index.js", | ||
| "types": "dist/types/index.d.ts", | ||
| "license": "MIT", | ||
| "license": "Apache-2.0", |
Contributor
Author
There was a problem hiding this comment.
LICENSE was update on this commit too
Comment on lines
3
to
+5
| "version": "0.6.2", | ||
| "author": "Sebastian Dimunzio <sdimunzio@developmentgateway.org/>", | ||
| "author": "Sebastian Dimunzio <sdimunzio@gmail.com>", | ||
| "contributors": [ |
Comment on lines
+20
to
+31
| ### Prerequisites | ||
|
|
||
| Then, you can cherry-pick your project's branch over the **wp-react-lib** remote branch. By doing so, you can pick what commits to apply and what to leave out and you will choose only the commits that implement the generic new module functionality and you will leave out the client-specific customizations that are not meant to be posted to **wp-react-lib**. | ||
| - Node.js v22+ | ||
| - pnpm v10+ | ||
|
|
||
| And thanks for contributing to this project! | ||
| ### Install | ||
|
|
||
| ```bash | ||
| git clone git@github.com:devgateway/wp-react-lib.git | ||
| cd wp-react-lib/wp-react-lib | ||
| pnpm install | ||
| ``` |
Comment on lines
+33
to
+40
| ### Secrets scanning (pre-commit hook) | ||
|
|
||
| This project uses [Gitleaks](https://github.com/gitleaks/gitleaks) to prevent secrets from being accidentally committed. Install the hook after cloning: | ||
|
|
||
| ```bash | ||
| pip install pre-commit | ||
| pre-commit install | ||
| ``` |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Aligns wp-react-lib with the governance policy established across data-viz-ui, data-viz-api, and data-viz-wordpress.
Changes
ci/,!breaking change notation, changeset guide)MIT→Apache-2.0, addcontributorsfield, fix stale repository URL (dg-wp-react→wp-react-lib)Type of change
docs:)chore:)Checklist