-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update documentation according to internal requirements (#66)
* Update CONTRIBUTING.md * Update SECURITY.md * Update README.md * Update README.md * Update LICENSE.txt * Update README.md
- Loading branch information
1 parent
9b6a5d2
commit 1ecbcd0
Showing
4 changed files
with
95 additions
and
48 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,40 +1,56 @@ | ||
| # Contributing to OLCUT | ||
| # Contributing to this repository | ||
|
|
||
| We welcome your contributions! There are several directions that OLCUT could | ||
| be extended in. New config file formats could be added, more classes can be | ||
| added for the `@Config` annotation, more classes can be supported by the | ||
| `CommandInterpreter`'s `@Command` methods. Have an idea? Talk to us and | ||
| let's make it happen. Just file an Issue to get in touch. | ||
| We welcome your contributions! There are multiple ways to contribute. | ||
|
|
||
| ## Questions, Bugs, and Features | ||
| ## Opening issues | ||
|
|
||
| If you hit a bug or have an enhancement request please file a [GitHub issue](https://github.com/oracle/olcut/issues). | ||
| This is also a great way to ask us questions. When filing a bug remember that | ||
| the better written the bug is, the more likely it is to be fixed. Please include: | ||
| For bugs or enhancement requests, please file a GitHub issue unless it's | ||
| security related. When filing a bug remember that the better written the bug is, | ||
| the more likely it is to be fixed. If you think you've found a security | ||
| vulnerability, do not raise a GitHub issue and follow the instructions in our | ||
| [security policy](./SECURITY.md). | ||
|
|
||
| 1. Version of OLCUT | ||
| 1. OS | ||
| 1. Java version | ||
| 1. As much code as you can provide to reproduce the bug | ||
| 1. Any relevant configuration file snippets | ||
| 1. Steps to reproduce | ||
| ## Contributing code | ||
|
|
||
| ## Code | ||
| We welcome your code contributions. Before submitting code via a pull request, | ||
| you will need to have signed the [Oracle Contributor Agreement][OCA] (OCA) and | ||
| your commits need to include the following line using the name and e-mail | ||
| address you used to sign the OCA: | ||
|
|
||
| We welcome code contributions, but we need the contributor to sign the | ||
| [Oracle Contributor Agreement (OCA)](https://www.oracle.com/technetwork/community/oca-486395.html) | ||
| first. | ||
| ```text | ||
| Signed-off-by: Your Name <[email protected]> | ||
| ``` | ||
|
|
||
| The process: | ||
| This can be automatically added to pull requests by committing with `--sign-off` | ||
| or `-s`, e.g. | ||
|
|
||
| 1. We encourage you to file an [issue](https://github.com/oracle/olcut/issues) to discuss your idea with us before implementing anything. | ||
| 1. Sign the [OCA](https://www.oracle.com/technetwork/community/oca-486395.html) | ||
| 1. Fork the repository and work your magic | ||
| 1. Create a Pull Request | ||
| 1. We will review your PR and merge as appropriate. | ||
| ```text | ||
| git commit --signoff | ||
| ``` | ||
|
|
||
| ## Code of Conduct | ||
| Only pull requests from committers that can be verified as having signed the OCA | ||
| can be accepted. | ||
|
|
||
| ## Pull request process | ||
|
|
||
| 1. Ensure there is an issue created to track and discuss the fix or enhancement | ||
| you intend to submit. | ||
| 1. Fork this repository. | ||
| 1. Create a branch in your fork to implement the changes. We recommend using | ||
| the issue number as part of your branch name, e.g. `1234-fixes`. | ||
| 1. Ensure that any documentation is updated with the changes that are required | ||
| by your change. | ||
| 1. Ensure that any samples are updated if the base image has been changed. | ||
| 1. Submit the pull request. *Do not leave the pull request blank*. Explain exactly | ||
| what your changes are meant to do and provide simple steps on how to validate. | ||
| your changes. Ensure that you reference the issue you created as well. | ||
| 1. We will assign the pull request to 2-3 people for review before it is merged. | ||
|
|
||
| ## Code of conduct | ||
|
|
||
| Follow the [Golden Rule](https://en.wikipedia.org/wiki/Golden_Rule). If you'd | ||
| like more specific guidelines, see the [Contributor Covenant Code of Conduct][COC]. | ||
|
|
||
| [OCA]: https://oca.opensource.oracle.com | ||
| [COC]: https://www.contributor-covenant.org/version/1/4/code-of-conduct/ | ||
|
|
||
| Follow the [Golden Rule](https://en.wikipedia.org/wiki/Golden_Rule). If | ||
| you'd like more specific guidelines see the | ||
| [Contributor Covenant Code of Conduct](https://www.contributor-covenant.org/version/1/4/code-of-conduct.html) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,17 +1,38 @@ | ||
| # Reporting Security Vulnerabilities | ||
| # Reporting security vulnerabilities | ||
|
|
||
| Oracle values the independent security research community and believes that responsible disclosure of security vulnerabilities helps us ensure the security and privacy of all our users. | ||
| Oracle values the independent security research community and believes that | ||
| responsible disclosure of security vulnerabilities helps us ensure the security | ||
| and privacy of all our users. | ||
|
|
||
| Please do NOT raise a GitHub Issue to report a security vulnerability. If you believe you have found a security vulnerability, please submit a report to [secalert\_[email protected]](mailto:[email protected]) preferably with a proof of concept. We provide additional information on [how to report security vulnerabilities to Oracle](https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html) which includes public encryption keys for secure email. | ||
| Please do NOT raise a GitHub Issue to report a security vulnerability. If you | ||
| believe you have found a security vulnerability, please submit a report to | ||
| [[email protected]][1] preferably with a proof of concept. Please review | ||
| some additional information on [how to report security vulnerabilities to Oracle][2]. | ||
| We encourage people who contact Oracle Security to use email encryption using | ||
| [our encryption key][3]. | ||
|
|
||
| We ask that you do not use other channels or contact project contributors directly. | ||
| We ask that you do not use other channels or contact the project maintainers | ||
| directly. | ||
|
|
||
| Non-vulnerability related security issues such as new great new ideas for security features are welcome on GitHub Issues. | ||
| Non-vulnerability related security issues including ideas for new or improved | ||
| security features are welcome on GitHub Issues. | ||
|
|
||
| ### Security Updates, Alerts and Bulletins | ||
| ## Security updates, alerts and bulletins | ||
|
|
||
| Security updates will be released on a regular cadence. Many of our projects will typically release security fixes in conjunction with the [Oracle Critical Patch Update](https://www.oracle.com/security-alerts/) program. Security updates are released on the Tuesday closest to the 17th day of January, April, July and October. A pre-release announcement will be published on the Thursday preceding each release. Additional information, including past advisories, is available on our [Security Alerts](https://www.oracle.com/security-alerts/) page. | ||
| Security updates will be released on a regular cadence. Many of our projects | ||
| will typically release security fixes in conjunction with the | ||
| Oracle Critical Patch Update program. Additional | ||
| information, including past advisories, is available on our [security alerts][4] | ||
| page. | ||
|
|
||
| ### Security-Related Information | ||
| ## Security-related information | ||
|
|
||
| We will provide security related information such as a threat model, considerations for secure use, or any known security issues in our documentation. Please note that labs and sample code are intended to demonstrate a concept and may not be sufficiently hardened for production use. | ||
| We will provide security related information such as a threat model, considerations | ||
| for secure use, or any known security issues in our documentation. Please note | ||
| that labs and sample code are intended to demonstrate a concept and may not be | ||
| sufficiently hardened for production use. | ||
|
|
||
| [1]: mailto:[email protected] | ||
| [2]: https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html | ||
| [3]: https://www.oracle.com/security-alerts/encryptionkey.html | ||
| [4]: https://www.oracle.com/security-alerts/ |