From a436432e17db8f592849c648a07a9cbea1428713 Mon Sep 17 00:00:00 2001 From: James Hunter Date: Mon, 20 Apr 2020 18:51:44 -0700 Subject: [PATCH] OPS -- [root] OSS documents --- .github/ISSUE_TEMPLATE/bug_report.md | 27 +++++ .github/ISSUE_TEMPLATE/feature_request.md | 17 +++ CODE_OF_CONDUCT.md | 127 ++++++++++++++++++++ CONTRIBUTING.md | 138 ++++++++++++++++++++++ NOTICE | 4 + SECURITY.md | 72 +++++++++++ 6 files changed, 385 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 CODE_OF_CONDUCT.md create mode 100644 CONTRIBUTING.md create mode 100644 NOTICE create mode 100644 SECURITY.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 000000000..60cf5a92a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,27 @@ +--- + +name: Bug report +about: Create a report to help us improve +title: "" +labels: bug +assignees: 10thfloor +---**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Desktop (please complete the following information):** + +- OS: [e.g. iOS] +- Browser [e.g. chrome, safari] +- Version [e.g. 1.0.0] + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 000000000..7b9a1cb6f --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,17 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: "" +labels: enhancement +assignees: 10thfloor +---**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..0f97993ca --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,127 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, religion, or sexual identity +and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +- Demonstrating empathy and kindness toward other people +- Being respectful of differing opinions, viewpoints, and experiences +- Giving and gracefully accepting constructive feedback +- Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +- Focusing on what is best not just for us as individuals, but for the + overall community + +Examples of unacceptable behavior include: + +- The use of sexualized language or imagery, and sexual attention or + advances of any kind +- Trolling, insulting or derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or email + address, without their explicit permission +- Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at . +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series +of actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or +permanent ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within +the community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.0, available at +https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. + +Community Impact Guidelines were inspired by [Mozilla's code of conduct +enforcement ladder](https://github.com/mozilla/diversity). + +[homepage]: https://www.contributor-covenant.org + +For answers to common questions about this code of conduct, see the FAQ at +https://www.contributor-covenant.org/faq. Translations are available at +https://www.contributor-covenant.org/translations. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..509679e23 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,138 @@ +# Contributing to FCL and the Flow JS SDK + +The following is a set of guidelines for contributing to FCL and the Flow JS SDK +These are mostly guidelines, not rules. +Use your best judgment, and feel free to propose changes to this document in a pull request. + +## Table Of Contents + +[Getting Started](#project-overview) + +[How Can I Contribute?](#how-can-i-contribute) + +- [Reporting Bugs](#reporting-bugs) +- [Suggesting Enhancements](#suggesting-enhancements) +- [Your First Code Contribution](#your-first-code-contribution) +- [Pull Requests](#pull-requests) + +[Styleguides](#styleguides) + +- [Git Commit Messages](#git-commit-messages) +- [JavaScript Styleguide](#javascript-styleguide) + +[Additional Notes](#additional-notes) + +## How Can I Contribute? + +### Reporting Bugs + +#### Before Submitting A Bug Report + +- **Search existing issues** to see if the problem has already been reported. + If it has **and the issue is still open**, add a comment to the existing issue instead of opening a new one. + +#### How Do I Submit A (Good) Bug Report? + +Explain the problem and include additional details to help maintainers reproduce the problem: + +- **Use a clear and descriptive title** for the issue to identify the problem. +- **Describe the exact steps which reproduce the problem** in as many details as possible. + When listing steps, **don't just say what you did, but explain how you did it**. +- **Provide specific examples to demonstrate the steps**. + Include links to files or GitHub projects, or copy/pasteable snippets, which you use in those examples. + If you're providing snippets in the issue, + use [Markdown code blocks](https://help.github.com/articles/markdown-basics/#multiple-lines). +- **Describe the behavior you observed after following the steps** and point out what exactly is the problem with that behavior. +- **Explain which behavior you expected to see instead and why.** +- **Include error messages and stack traces** which show the output / crash and clearly demonstrate the problem. + +Provide more context by answering these questions: + +- **Can you reliably reproduce the issue?** If not, provide details about how often the problem happens + and under which conditions it normally happens. + +Include details about your configuration and environment: + +- **What is the version of the Cadence you're using**? +- **What's the name and version of the Operating System you're using**? + +### Suggesting Enhancements + +#### Before Submitting An Enhancement Suggestion + +- **Perform a cursory search** to see if the enhancement has already been suggested. + If it has, add a comment to the existing issue instead of opening a new one. + +#### How Do I Submit A (Good) Enhancement Suggestion? + +Enhancement suggestions are tracked as [GitHub issues](https://guides.github.com/features/issues/). +Create an issue and provide the following information: + +- **Use a clear and descriptive title** for the issue to identify the suggestion. +- **Provide a step-by-step description of the suggested enhancement** in as many details as possible. +- **Provide specific examples to demonstrate the steps**. + Include copy/pasteable snippets which you use in those examples, + as [Markdown code blocks](https://help.github.com/articles/markdown-basics/#multiple-lines). +- **Describe the current behavior** and **explain which behavior you expected to see instead** and why. +- **Explain why this enhancement would be useful** to Cadence users. + +### Your First Code Contribution + +Unsure where to begin contributing to Cadence? +You can start by looking through these `good-first-issue` and `help-wanted` issues: + +- [Good first issues][https://github.com/onflow/cadence/labels/good%20first%20issue]: + issues which should only require a few lines of code, and a test or two. +- [Help wanted issues][https://github.com/onflow/cadence/labels/help%20wanted]: + issues which should be a bit more involved than `good-first-issue` issues. + +Both issue lists are sorted by total number of comments. +While not perfect, number of comments is a reasonable proxy for impact a given change will have. + +### Pull Requests + +The process described here has several goals: + +- Maintain code quality +- Fix problems that are important to users +- Engage the community in working toward the best possible Developer/User Experience +- Enable a sustainable system for the Cadence's maintainers to review contributions + +Please follow the [styleguides](#styleguides) to have your contribution considered by the maintainers. +Reviewer(s) may ask you to complete additional design work, tests, +or other changes before your pull request can be ultimately accepted. + +## Styleguides + +### Git Commit Messages + +- Use the present tense ("Add feature" not "Added feature") +- Use the imperative mood ("Move cursor to..." not "Moves cursor to...") +- Limit the first line to 72 characters or less +- Reference issues and pull requests liberally after the first line +- Start commits with a 3 character topic + - Topics: + - PKG -- Modified a package (Requires a Changelog Entry) + - DOC -- Modified a some form of documentation + - OPS -- Modified repository tooling/scripts + - VSN -- Changed a version number +- Scope commits to individual packages and include package name in commit message + +Format: TOPIC -- [package-name] what is change + +Examples: + +- OPS -- [root] tests only run once now for ci master branch +- PKG -- [decode] fix issue with using regex for type matching +- DOC -- [root] update readme with emulator instructions +- VSN -- [interaction] 0.0.3 -> 0.0.4 +- VSN -- [fcl] 1.5.3 -> 2.0.0 breaking change +- VSN -- [sdk] @onflow/send 0.0.5 -> 0.0.6 + +### JavaScript Styleguide + +Use Prettier with the setting in the root `.prettierrc` file + +## Additional Notes + +Thank you for your interest in contributing to the FCL and Flow JS SDK diff --git a/NOTICE b/NOTICE new file mode 100644 index 000000000..bc3a8b918 --- /dev/null +++ b/NOTICE @@ -0,0 +1,4 @@ +Flow +Copyright 2019-2020 Dapper Labs, Inc. + +This product includes software developed at Dapper Labs, Inc. (https://www.dapperlabs.com/). diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..8ed3f8fc2 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,72 @@ +# Security Policy + +Flow was built from the ground up with security in mind. +Our code, infrastructure, and development methodology helps us keep our users safe. + +We really appreciate the community's help. +Responsible disclosure of vulnerabilities helps to maintain the security and privacy of everyone. + +If you care about making a difference, please follow the guidelines below. + +## Reporting a Vulnerability + +Reports are welcome! Please definitely reach out to us if you have a security concern. + +If you believe you may have found a security vulnerability in our project, +to be on the safe side, **do NOT open a public issue**. + +Rather, we prefer you to please send us an email: **security@dapperlabs.com** + +To encrypt messages to us, we encourage you to use our PGP key: + +-----BEGIN PGP PUBLIC KEY BLOCK----- +mQINBF1J1mABEADX/mVq3Fn1/7+V/fc5UMOlShtQ0n3lTxUkYsKHsQIp4IuDrCZy +XbHayQ9DaoLPOQtXqG0Vosz/KuxQyW5GQ0dL/DwCs+23BAV8ZpTxHQ3RFIfYfjXk +GYS1/aJ0U0TqrdUAkRC2In8YUmWbUZuPI6qJCbtPg+EIJ/3516R23t8UePhSGQ1r +sqTbKg9VaiZkeMNSk07WxqBaC5nUeK94rKEmv+fOwEd/0Ky74s92DDRmaYzfRhaf +FJfIwDTgvZcOIq9iBiLqWnGq7+/uBnJeXwzF6+6+BrR1K9UniTizmuybeyRP2xhO +x1fR0r1Hkcqo5gaPkFzftOr32bS1RENGm8+M7oTJwStnYde/+ynMULrLrgbyPjkx +FX4s8pefuXM7oW4jP+HFjiaqI6LI6t6j4fRwHxPTR4tfpuVJ24hH2oA6A9tDr6d8 +MnmYKvSwVTGwkOEFQtLBmxHIc+iNnsBcrpQlQm6MnENGb2MP4lLW/kJnENLXetSx +YIapjpMH7SOqU1fFqDRL7UlTt/DeUFjUeX1dsmJ0PsqLbYEgTFOZFypQ+bU4/nxw +LOygalLo/qGVWrCGz9Of6PNeJMby1mRKBbkgETnujM/k3sNC0NzgUIeq83ONqtVw +RGHYXjz2au9AEb3SLG/ErwYF5L/xVHB20V1+/ddSPNR57zfxO5h18EHAcQARAQAB +tC5EYXBwZXIgTGFicyBTZWN1cml0eSA8c2VjdXJpdHlAZGFwcGVybGFicy5jb20+ +iQJUBBMBCAA+FiEEk9NxmWaCVPBVVvQjtLdTxkDR//wFAl1J1mACGwMFCQeGH4AF +CwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQtLdTxkDR//w7YRAAzD8P8qVzd00W +HEAd/Aig7FugHiYqXucyFnC1TPGzUhhRW/wEc4kz9BTN5SNhYlR5ksUARNdisRTX +mCqU0Y6I/PVaO5PITqGvx25NcS4sYzIGMlqpzI6y0dMTpJWh3jcfwwlm3W7aUAeW +32NNxpUH50OAm9p5wxCAErBF0PFznNC6Q/tgvQT1Q+nCp+qSC8h+4axfincJ1EIc +/N9AyOhnMSFGFeDHFF2Q1k75qpychtQ0NA1m6mVjoh0WrRdWYCBCRZ+TKKCGjkOC +Xyg7SFxjIG0b7t0fqfDItIgEJqcCgGiXzcUSmWpi9ePNAoW+U/GF3FMG6hBI7b5R +JMt347Di/ckbfEuftTI/GkQH9FSAZ35ncGRf+D5+ssJ1R7T9dQB0aEptq/IpJx8n +5VDeL0IufyagxK0oLnUtS8qhwqUbX7N1xLEH1zGwDWYwXd+2iTHNxGwhDqBeu1z9 +8w0a5mZLJb2P9MeLccm1dy67XlFpZgyg9WIJvgNmpDdUO9481ceoRDXW9ymkiBYK +SR65ZCsbQhsL7CG3alkyFDwTQvkGMDFPPMTMclZ+L/st8QEGTJdJFIhvE9xEpJ9a +K8hR3qUdhlwClRFgiRcyRO+l9pbVe9/QesW5vL/rl6kUviXuVP/kkMT4JJpaE0Ws +DggK02TvyuBs6bT4HMnC0SZggYYbFfu5Ag0EXUnWYAEQAMOPTBRefH/OzdGOdEJe +V0lU5r4nR+o4eD2+KRb1ex00mFaTGMjWTpnwIEKe+wfljvY+P7WE/jp5KNUE1/Ld +4ZH39NvSyXiZV4zHNjgL3ug3vwK4KekdMPdRC7faNG17/g1rhcjctBQyx9Ztb4qT +JlDipYPCBxYM9N07Z4ZUfdh73AtM466Y99yW5zFcConLzpX9+gkuHwQwGRyWjrHS +ydd60sWjRd1O0O4NWmL9C0bNy8opL0js6uI8hqks6txx6CR5VM41C9tscv6EL+4L +vGy36qdHNGYPo/KD4BW3q1n911mLHLlOVZK35PafRnOy/Wg0JEU/riiirkBbSoAo +NeSk/iEnWos/IL0mnBeORFhfZEddrO9lCfBH3m1cBCaphcnlYEyM02ddYqY5Q9AE +tNDbsMjkwvn48EVe5qjSJHSzafYjo7vypEyk0y1SoVM9OcF8IDroEIQ7atCPwgXb +EaIk2VCP6iresVG9LFn0WESeO3wxbRYmn+HlWIPfFcOGYoJ0vJOGhol9Vd23J74+ +SMD69Uf+duGAy2nsaN5fFGhUuNS1SAlFPCUJ5tdwyYsoTtsw8J8CU/N0HEbsvAej +SxKNGpGHlMZO9OeM1x8SMhDWrdaVIlAExWbxT24CACYmIa6yoaNygJfqZxuH7rXD +Yvv+fUJbdX/ZZuPuRAPzHTH5ABEBAAGJAjwEGAEIACYWIQST03GZZoJU8FVW9CO0 +t1PGQNH//AUCXUnWYAIbDAUJB4YfgAAKCRC0t1PGQNH//ID9EADGcbXzRypfyEBq +PUyoA7qHkKQyAv3r/PVmsKo0gPufi1vlTiCsGCx7cKclxGC/7W8doXSNddLp8+Qq +eIUu323ncD7JCabHp2r5Fa+9G+6aeoF5PJgIQGrgxSrlyg8LR+pAXLfuObC7ruDE +a5xQ3yt1fJUfjJZJJpus+Jwz54As9pAsX0hgflAY/2zN2gPUW4OqBwZpykdyfUbU +KgyqKXvWs/d5YhYjD6C+33k/j+jhkmTvc97FEfu3rrAo8rzX5wVY+Qr4stV44LYh +FbLF2bLlZ/292Q7erdt9GSoxwJ1TwW8CuefkNvsjB+FE6mMe0U+7IKejY8OMIb2i +1oD7LTygqmUGbjwNPzNAjh2aaH5er+LHkpETIoPH1we/rxqCWN725J3vALN48xTC +RRvvVHF0f5SKx3xt6Jkc2s7PcOcnqtdv1LGZ0XOLtrE1GMF54+M4Y3RnJHZ7oQaR +wYz2Jcf5rrHUNfEwcR8tW2xkWCn7JI9L/QHlCTZIAB3yvxL+eVSMb8ATN51ONins +YOXSfgZ2Ag3Ef2WfMRmXYVE+fRelz+EuvfAirxxH5Xz41zg843eXrQBIA2hfHH/O +JzzM+MXfvr96TuBQO40fIBb8Vb5AY/I+ICVSBnH4D9d43k9Hp3dyJdFabg8stEQ7 +hfVklUOf8O2ZoQZLML11OKkZWXxSMg== +=HvU0 +-----END PGP PUBLIC KEY BLOCK-----