From 399088f052ed114afada84eb35fcb462a94ebcde Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Thu, 16 Jun 2022 19:31:28 +0000 Subject: [PATCH] chore: update repository templates [skip ci] - updated repository templates to https://github.com/ory/meta/commit/b7308052ea30fe45d46c47aae19285a2237fffb1 --- .github/ISSUE_TEMPLATE/config.yml | 4 +- .github/pull_request_template.md | 20 +-- CODE_OF_CONDUCT.md | 66 ++++------ CONTRIBUTING.md | 210 ++++++++++++------------------ SECURITY.md | 11 +- 5 files changed, 124 insertions(+), 187 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index b32c206..7f3afd5 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,7 +1,7 @@ blank_issues_enabled: false contact_links: - - name: Ory Ory Oathkeeper Maester Forum - url: https://github.com/ory/hydra-maester/discussions + - name: Ory Ory Hydra Maester Forum + url: https://github.com/orgs/ory/discussions about: Please ask and answer questions here, show your implementations and discuss ideas. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 1f692e1..29d4613 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -34,20 +34,14 @@ Put an `x` in the boxes that apply. You can also fill these out after creating t them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code. --> -- [ ] I have read the [contributing guidelines](../blob/master/CONTRIBUTING.md) - and signed the CLA. -- [ ] I have referenced an issue containing the design document if my change - introduces a new feature. +- [ ] I have read the [contributing guidelines](../blob/master/CONTRIBUTING.md) and signed the CLA. +- [ ] I have referenced an issue containing the design document if my change introduces a new feature. - [ ] I have read the [security policy](../security/policy). -- [ ] I confirm that this pull request does not address a security - vulnerability. If this pull request addresses a security vulnerability, I - confirm that I got green light (please contact - [security@ory.sh](mailto:security@ory.sh)) from the maintainers to push - the changes. -- [ ] I have added tests that prove my fix is effective or that my feature - works. -- [ ] I have added necessary documentation within the code base (if - appropriate). +- [ ] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security + vulnerability, I confirm that I got green light (please contact [security@ory.sh](mailto:security@ory.sh)) from the + maintainers to push the changes. +- [ ] I have added tests that prove my fix is effective or that my feature works. +- [ ] I have added necessary documentation within the code base (if appropriate). ## Further comments diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 2351896..f9ab1ec 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -2,17 +2,14 @@ ## Our Pledge -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, sex characteristics, gender identity and -expression, level of experience, education, socio-economic status, nationality, -personal appearance, race, religion, or sexual identity and orientation. +In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation +in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, +sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal +appearance, race, religion, or sexual identity and orientation. ## Our Standards -Examples of behavior that contributes to creating a positive environment -include: +Examples of behavior that contributes to creating a positive environment include: - Using welcoming and inclusive language - Being respectful of differing viewpoints and experiences @@ -22,56 +19,43 @@ include: Examples of unacceptable behavior by participants include: -- The use of sexualized language or imagery and unwelcome sexual attention or - advances +- The use of sexualized language or imagery and unwelcome sexual attention or advances - Trolling, insulting/derogatory comments, and personal or political attacks - Public or private harassment -- Publishing others' private information, such as a physical or electronic - address, without explicit permission -- Other conduct which could reasonably be considered inappropriate in a - professional setting +- Publishing others' private information, such as a physical or electronic address, without explicit permission +- Other conduct which could reasonably be considered inappropriate in a professional setting ## Our Responsibilities -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. +Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and +fair corrective action in response to any instances of unacceptable behavior. -Project maintainers have the right and responsibility to remove, edit, or reject -comments, commits, code, wiki edits, issues, and other contributions that are -not aligned to this Code of Conduct, or to ban temporarily or permanently any -contributor for other behaviors that they deem inappropriate, threatening, -offensive, or harmful. +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and +other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other +behaviors that they deem inappropriate, threatening, offensive, or harmful. ## Scope -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. +This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its +community. Examples of representing a project or community include using an official project e-mail address, posting via an +official social media account, or acting as an appointed representative at an online or offline event. Representation of a project +may be further defined and clarified by project maintainers. ## Enforcement -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at office@ory.sh. All complaints will be -reviewed and investigated and will result in a response that is deemed necessary -and appropriate to the circumstances. The project team is obligated to maintain -confidentiality with regard to the reporter of an incident. Further details of -specific enforcement policies may be posted separately. +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at +office@ory.sh. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and +appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an +incident. Further details of specific enforcement policies may be posted separately. -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. +Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions +as determined by other members of the project's leadership. ## Attribution -This Code of Conduct is adapted from the [Contributor Covenant][homepage], -version 1.4, available at +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html [homepage]: https://www.contributor-covenant.org -For answers to common questions about this code of conduct, see -https://www.contributor-covenant.org/faq +For answers to common questions about this code of conduct, see https://www.contributor-covenant.org/faq diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 039b961..2c69417 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -8,7 +8,7 @@ https://github.com/ory/meta/blob/master/templates/repository/common/CONTRIBUTING --> -# Contributing to Ory Ory Oathkeeper Maester +# Contributing to Ory Ory Hydra Maester @@ -28,52 +28,44 @@ https://github.com/ory/meta/blob/master/templates/repository/common/CONTRIBUTING ## Introduction -There are many ways in which you can contribute, beyond writing code. The goal -of this document is to provide a high-level overview of how you can get -involved. +There are many ways in which you can contribute, beyond writing code. The goal of this document is to provide a high-level +overview of how you can get involved. -_Please note_: We take Ory Ory Oathkeeper Maester's security and our users' trust very -seriously. If you believe you have found a security issue in Ory Ory Oathkeeper Maester, -please responsibly disclose by contacting us at security@ory.sh. +_Please note_: We take Ory Ory Hydra Maester's security and our users' trust very seriously. If you believe you have found a security issue +in Ory Ory Hydra Maester, please responsibly disclose by contacting us at security@ory.sh. -First: As a potential contributor, your changes and ideas are welcome at any -hour of the day or night, weekdays, weekends, and holidays. Please do not ever -hesitate to ask a question or send a pull request. +First: As a potential contributor, your changes and ideas are welcome at any hour of the day or night, weekdays, weekends, and +holidays. Please do not ever hesitate to ask a question or send a pull request. -If you are unsure, just ask or submit the issue or pull request anyways. You -won't be yelled at for giving it your best effort. The worst that can happen is -that you'll be politely asked to change something. We appreciate any sort of -contributions, and don't want a wall of rules to get in the way of that. +If you are unsure, just ask or submit the issue or pull request anyways. You won't be yelled at for giving it your best effort. +The worst that can happen is that you'll be politely asked to change something. We appreciate any sort of contributions, and don't +want a wall of rules to get in the way of that. -That said, if you want to ensure that a pull request is likely to be merged, -talk to us! You can find out our thoughts and ensure that your contribution -won't clash or be obviated by Ory -Ory Oathkeeper Maester's normal direction. A great way to +That said, if you want to ensure that a pull request is likely to be merged, talk to us! You can find out our thoughts and ensure +that your contribution won't clash or be obviated by Ory +Ory Hydra Maester's normal direction. A great way to do this is via -[Ory Ory Oathkeeper Maester Discussions](https://github.com/orgs/ory/discussions) -or the [Ory Chat](https://www.ory.sh/chat). +[Ory Ory Hydra Maester Discussions](https://github.com/orgs/ory/discussions) or the +[Ory Chat](https://www.ory.sh/chat). ## FAQ - I am new to the community. Where can I find the [Ory Community Code of Conduct?](https://github.com/ory/hydra-maester/blob/master/CODE_OF_CONDUCT.md) -- I have a question. Where can I get - [answers to questions regarding Ory Ory Oathkeeper Maester?](#communication) +- I have a question. Where can I get [answers to questions regarding Ory Ory Hydra Maester?](#communication) -- I would like to contribute but I am not sure how. Are there - [easy ways to contribute?](#how-can-i-contribute) +- I would like to contribute but I am not sure how. Are there [easy ways to contribute?](#how-can-i-contribute) [Or good first issues?](https://github.com/search?l=&o=desc&q=label%3A%22help+wanted%22+label%3A%22good+first+issue%22+is%3Aopen+user%3Aory+user%3Aory-corp&s=updated&type=Issues) -- I want to talk to other Ory Ory Oathkeeper Maester users. - [How can I become a part of the community?](#communication) +- I want to talk to other Ory Ory Hydra Maester users. [How can I become a part of the community?](#communication) - I would like to know what I am agreeing to when I contribute to Ory - Ory Oathkeeper Maester. + Ory Hydra Maester. Does Ory have [a Contributors License Agreement?](https://cla-assistant.io/ory/hydra-maester) -- I would like updates about new versions of Ory Ory Oathkeeper Maester. +- I would like updates about new versions of Ory Ory Hydra Maester. [How are new releases announced?](https://ory.us10.list-manage.com/subscribe?u=ffb1a878e4ec6c0ed312a3480&id=f605a41b53) ## How can I contribute? @@ -81,80 +73,63 @@ or the [Ory Chat](https://www.ory.sh/chat). If you want to start contributing code right away, we have a [list of good first issues](https://github.com/ory/hydra-maester/labels/good%20first%20issue). -There are many other ways you can contribute without writing any code. Here are -a few things you can do to help out: +There are many other ways you can contribute without writing any code. Here are a few things you can do to help out: -- **Give us a star.** It may not seem like much, but it really makes a - difference. This is something that everyone can do to help out Ory Ory Oathkeeper Maester. - Github stars help the project gain visibility and stand out. +- **Give us a star.** It may not seem like much, but it really makes a difference. This is something that everyone can do to help + out Ory Ory Hydra Maester. Github stars help the project gain visibility and stand out. -- **Join the community.** Sometimes helping people can be as easy as listening - to their problems and offering a different perspective. Join our Slack, have a - look at discussions in the forum and take part in our weekly hangout. More - info on this in [Communication](#communication). +- **Join the community.** Sometimes helping people can be as easy as listening to their problems and offering a different + perspective. Join our Slack, have a look at discussions in the forum and take part in our weekly hangout. More info on this in + [Communication](#communication). -- **Helping with open issues.** We have a lot of open issues for Ory Ory Oathkeeper Maester - and some of them may lack necessary information, some are duplicates of older - issues. You can help out by guiding people through the process of filling out - the issue template, asking for clarifying information, or pointing them to - existing issues that match their description of the problem. +- **Helping with open issues.** We have a lot of open issues for Ory Ory Hydra Maester and some of them may lack necessary information, + some are duplicates of older issues. You can help out by guiding people through the process of filling out the issue template, + asking for clarifying information, or pointing them to existing issues that match their description of the problem. -- **Reviewing documentation changes.** Most documentation just needs a review - for proper spelling and grammar. If you think a document can be improved in - any way, feel free to hit the `edit` button at the top of the page. More info - on contributing to documentation [here](#documentation). +- **Reviewing documentation changes.** Most documentation just needs a review for proper spelling and grammar. If you think a + document can be improved in any way, feel free to hit the `edit` button at the top of the page. More info on contributing to + documentation [here](#documentation). -- **Help with tests.** Some pull requests may lack proper tests or test plans. - These are needed for the change to be implemented safely. +- **Help with tests.** Some pull requests may lack proper tests or test plans. These are needed for the change to be implemented + safely. ## Communication -We use [Slack](https://www.ory.sh/chat). You are welcome to drop in and ask -questions, discuss bugs and feature requests, talk to other users of Ory, etc. +We use [Slack](https://www.ory.sh/chat). You are welcome to drop in and ask questions, discuss bugs and feature requests, talk to +other users of Ory, etc. -Check out [Ory Ory Oathkeeper Maester Discussions](https://github.com/orgs/ory/discussions). This is a great place for -in-depth discussions and lots of code examples, logs and similar data. +Check out [Ory Ory Hydra Maester Discussions](https://github.com/orgs/ory/discussions). This is a great place for in-depth discussions and lots of code examples, logs +and similar data. -You can also join our community hangout, if you want to speak to the Ory team -directly or ask some questions. You can find more info on the hangouts in -[Slack](https://www.ory.sh/chat). +You can also join our community hangout, if you want to speak to the Ory team directly or ask some questions. You can find more +info on the hangouts in [Slack](https://www.ory.sh/chat). -If you want to receive regular notifications about updates to Ory Ory Oathkeeper Maester, -consider joining the mailing list. We will _only_ send you vital information on -the projects that you are interested in. +If you want to receive regular notifications about updates to Ory Ory Hydra Maester, consider joining the mailing list. We will _only_ send +you vital information on the projects that you are interested in. Also [follow us on twitter](https://twitter.com/orycorp). ## Contributing Code -Unless you are fixing a known bug, we **strongly** recommend discussing it with -the core team via a GitHub issue or [in our chat](https://www.ory.sh/chat) -before getting started to ensure your work is consistent with Ory Ory Oathkeeper Maester's -roadmap and architecture. +Unless you are fixing a known bug, we **strongly** recommend discussing it with the core team via a GitHub issue or +[in our chat](https://www.ory.sh/chat) before getting started to ensure your work is consistent with Ory Ory Hydra Maester's roadmap and +architecture. -All contributions are made via pull requests. To make a pull request, you will -need a GitHub account; if you are unclear on this process, see GitHub's -documentation on [forking](https://help.github.com/articles/fork-a-repo) and -[pull requests](https://help.github.com/articles/using-pull-requests). Pull -requests should be targeted at the `master` branch. Before creating a pull -request, go through this checklist: +All contributions are made via pull requests. To make a pull request, you will need a GitHub account; if you are unclear on this +process, see GitHub's documentation on [forking](https://help.github.com/articles/fork-a-repo) and +[pull requests](https://help.github.com/articles/using-pull-requests). Pull requests should be targeted at the `master` branch. +Before creating a pull request, go through this checklist: 1. Create a feature branch off of `master` so that changes do not get mixed up. -1. [Rebase](http://git-scm.com/book/en/Git-Branching-Rebasing) your local - changes against the `master` branch. -1. Run the full project test suite with the `go test -tags sqlite ./...` (or - equivalent) command and confirm that it passes. -1. Run `make format` if a `Makefile` is available, `gofmt -s` if the project is - written in Go, `npm run format` if the project is written for NodeJS. -1. Ensure that each commit has a descriptive prefix. This ensures a uniform - commit history and helps structure the changelog. - Please refer to this - [list of prefixes for Ory Oathkeeper Maester](https://github.com/ory/hydra-maester/blob/master/.github/semantic.yml) - for an overview. -1. Sign-up with CircleCI so that it has access to your repository with the - branch containing your PR. Simply creating a CircleCI account is sufficient - for the CI jobs to run, you do not need to setup a CircleCI project for the - branch. +1. [Rebase](http://git-scm.com/book/en/Git-Branching-Rebasing) your local changes against the `master` branch. +1. Run the full project test suite with the `go test -tags sqlite ./...` (or equivalent) command and confirm that it passes. +1. Run `make format` if a `Makefile` is available, `gofmt -s` if the project is written in Go, `npm run format` if the project is + written for NodeJS. +1. Ensure that each commit has a descriptive prefix. This ensures a uniform commit history and helps structure the changelog. + Please refer to this [list of prefixes for Ory Hydra Maester](https://github.com/ory/hydra-maester/blob/master/.github/semantic.yml) for an + overview. +1. Sign-up with CircleCI so that it has access to your repository with the branch containing your PR. Simply creating a CircleCI + account is sufficient for the CI jobs to run, you do not need to setup a CircleCI project for the branch. If a pull request is not ready to be reviewed yet [it should be marked as a "Draft"](https://docs.github.com/en/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request). @@ -162,55 +137,46 @@ If a pull request is not ready to be reviewed yet Before your contributions can be reviewed you need to sign our [Contributor License Agreement](https://cla-assistant.io/ory/hydra-maester). -This agreement defines the terms under which your code is contributed to Ory. -More specifically it declares that you have the right to, and actually do, grant -us the rights to use your contribution. You can see the Apache 2.0 license under -which our projects are published -[here](https://github.com/ory/meta/blob/master/LICENSE). +This agreement defines the terms under which your code is contributed to Ory. More specifically it declares that you have the +right to, and actually do, grant us the rights to use your contribution. You can see the Apache 2.0 license under which our +projects are published [here](https://github.com/ory/meta/blob/master/LICENSE). -When pull requests fail testing, authors are expected to update their pull -requests to address the failures until the tests pass. +When pull requests fail testing, authors are expected to update their pull requests to address the failures until the tests pass. Pull requests eligible for review 1. follow the repository's code formatting conventions; -2. include tests which prove that the change works as intended and does not add - regressions; +2. include tests which prove that the change works as intended and does not add regressions; 3. document the changes in the code and/or the project's documentation; 4. pass the CI pipeline; -5. have signed our - [Contributor License Agreement](https://cla-assistant.io/ory/hydra-maester); +5. have signed our [Contributor License Agreement](https://cla-assistant.io/ory/hydra-maester); 6. include a proper git commit message following the [Conventional Commit Specification](https://www.conventionalcommits.org/en/v1.0.0/). -If all of these items are checked, the pull request is ready to be reviewed and -you should change the status to "Ready for review" and +If all of these items are checked, the pull request is ready to be reviewed and you should change the status to "Ready for review" +and [request review from a maintainer](https://docs.github.com/en/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review). Reviewers will approve the pull request once they are satisfied with the patch. ## Documentation -Please provide documentation when changing, removing, or adding features. -Documentation resides in the project's -[docs](https://github.com/ory/hydra-maester/tree/master/docs) folder. Generate API and -configuration reference documentation using `cd docs; npm run gen`. +Please provide documentation when changing, removing, or adding features. Documentation resides in the project's +[docs](https://github.com/ory/hydra-maester/tree/master/docs) folder. Generate API and configuration reference documentation using +`cd docs; npm run gen`. -For further instructions please head over to -[docs/README.md](https://github.com/ory/hydra-maester/blob/master/README.md). +For further instructions please head over to [docs/README.md](https://github.com/ory/hydra-maester/blob/master/README.md). ## Disclosing vulnerabilities -Please disclose vulnerabilities exclusively to -[security@ory.sh](mailto:security@ory.sh). Do not use GitHub issues. +Please disclose vulnerabilities exclusively to [security@ory.sh](mailto:security@ory.sh). Do not use GitHub issues. ## Code Style Please follow these guidelines when formatting source code: - Go code should match the output of `gofmt -s` and pass `golangci-lint run`. -- NodeJS and JavaScript code should be prettified using `npm run format` where - appropriate. +- NodeJS and JavaScript code should be prettified using `npm run format` where appropriate. ### Working with Forks @@ -241,25 +207,19 @@ Now go to the project's GitHub Pull Request page and click "New pull request" ## Conduct -Whether you are a regular contributor or a newcomer, we care about making this -community a safe place for you and we've got your back. +Whether you are a regular contributor or a newcomer, we care about making this community a safe place for you and we've got your +back. -- We are committed to providing a friendly, safe and welcoming environment for - all, regardless of gender, sexual orientation, disability, ethnicity, - religion, or similar personal characteristic. -- Please avoid using nicknames that might detract from a friendly, safe and - welcoming environment for all. +- We are committed to providing a friendly, safe and welcoming environment for all, regardless of gender, sexual orientation, + disability, ethnicity, religion, or similar personal characteristic. +- Please avoid using nicknames that might detract from a friendly, safe and welcoming environment for all. - Be kind and courteous. There is no need to be mean or rude. -- We will exclude you from interaction if you insult, demean or harass anyone. - In particular, we do not tolerate behavior that excludes people in socially - marginalized groups. -- Private harassment is also unacceptable. No matter who you are, if you feel - you have been or are being harassed or made uncomfortable by a community - member, please contact one of the channel ops or a member of the Ory Ory Oathkeeper Maester - core team immediately. -- Likewise any spamming, trolling, flaming, baiting or other attention-stealing - behaviour is not welcome. +- We will exclude you from interaction if you insult, demean or harass anyone. In particular, we do not tolerate behavior that + excludes people in socially marginalized groups. +- Private harassment is also unacceptable. No matter who you are, if you feel you have been or are being harassed or made + uncomfortable by a community member, please contact one of the channel ops or a member of the Ory Ory Hydra Maester core team + immediately. +- Likewise any spamming, trolling, flaming, baiting or other attention-stealing behaviour is not welcome. -We welcome discussion about creating a welcoming, safe, and productive -environment for the community. If you have any questions, feedback, or concerns -[please let us know](https://www.ory.sh/chat). +We welcome discussion about creating a welcoming, safe, and productive environment for the community. If you have any questions, +feedback, or concerns [please let us know](https://www.ory.sh/chat). diff --git a/SECURITY.md b/SECURITY.md index 70f1ef4..8152c97 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -21,8 +21,8 @@ https://github.com/ory/meta/blob/master/templates/repository/SECURITY.md ## Supported Versions -We release patches for security vulnerabilities. Which versions are eligible -receiving such patches depend on the CVSS v3.0 Rating: +We release patches for security vulnerabilities. Which versions are eligible receiving such patches depend on the CVSS v3.0 +Rating: | CVSS v3.0 | Supported Versions | | --------- | ----------------------------------------- | @@ -31,7 +31,6 @@ receiving such patches depend on the CVSS v3.0 Rating: ## Reporting a Vulnerability -Please report (suspected) security vulnerabilities to -**[security@ory.sh](mailto:security@ory.sh)**. You will receive a response from -us within 48 hours. If the issue is confirmed, we will release a patch as soon -as possible depending on complexity but historically within a few days. +Please report (suspected) security vulnerabilities to **[security@ory.sh](mailto:security@ory.sh)**. You will receive a response +from us within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but +historically within a few days.