From 2e9ed3cc7ac7225ba52e0d24634c437e55afbee5 Mon Sep 17 00:00:00 2001 From: shenxianpeng Date: Thu, 28 May 2026 21:27:54 +0300 Subject: [PATCH] chore: add CONTRIBUTING.md and SECURITY.md --- CONTRIBUTING.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++ SECURITY.md | 14 ++++++++++++++ 2 files changed, 65 insertions(+) create mode 100644 CONTRIBUTING.md create mode 100644 SECURITY.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..861396c --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,51 @@ +# Contributing + +Thanks for your interest in contributing to `cpp-linter-hooks`! + +## Setup + +You'll need Python 3.10+ and [uv](https://docs.astral.sh/uv/). + +```bash +git clone https://github.com/cpp-linter/cpp-linter-hooks.git +cd cpp-linter-hooks +uv sync +source .venv/bin/activate +pre-commit install +``` + +## Running Tests + +```bash +# Run all tests +pytest + +# With coverage +coverage run -m pytest && coverage report +``` + +## Code Style + +We use [ruff](https://docs.astral.sh/ruff/) for linting and formatting. The +pre-commit hooks installed above will check your code automatically on commit. +You can also run them manually: + +```bash +pre-commit run --all-files +``` + +## Making Changes + +1. Create a branch from `main` +2. Make your changes and add tests +3. Run `pytest` to make sure everything passes +4. Open a pull request against `main` + +PRs should have a clear description of what changed and why. Reference any +related issues. + +## Release Process + +Releases are tagged by maintainers. Versioning follows +[setuptools-scm](https://github.com/pypa/setuptools-scm) — the version is +derived from git tags automatically. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..b160aa3 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,14 @@ +# Security Policy + +## Reporting a Vulnerability + +If you discover a security vulnerability, please **do not** open a public +issue. Instead, report it privately via +[GitHub's private vulnerability reporting](https://github.com/cpp-linter/cpp-linter-hooks/security/advisories/new). + +We'll respond as quickly as possible and keep you updated throughout the +process. + +## Supported Versions + +Only the latest release receives security patches.