From 4f6cec3a2d683c82d0e88887e1536c5ff7354a31 Mon Sep 17 00:00:00 2001 From: Adeloye Adetayo Date: Mon, 1 Jun 2026 17:32:01 +0100 Subject: [PATCH] docs(repo): add contributor and support guides --- CONTRIBUTING.md | 91 +++++++++++++++++++++++++++++++++++++++++++++++++ LICENSE | 2 +- README.md | 7 ++++ SECURITY.md | 41 ++++++++++++++++++++++ SUPPORT.md | 40 ++++++++++++++++++++++ 5 files changed, 180 insertions(+), 1 deletion(-) create mode 100644 CONTRIBUTING.md create mode 100644 SECURITY.md create mode 100644 SUPPORT.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..5ca5eef --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,91 @@ +# Contributing to Hiverra Portal + +Hiverra Portal is a local-first file transfer CLI. Keep changes focused, practical, and easy to review. + +## How to Contribute + +### Reporting Bugs + +Before opening a bug report, check existing issues to avoid duplicates. + +A good bug report includes: + +- Portal version or commit +- operating system +- command used +- steps to reproduce +- expected behavior +- actual behavior +- relevant logs or terminal output + +### Suggesting Features + +For feature requests, explain the workflow problem first. Portal should stay local-first, predictable, and safe by default. + +Useful feature requests include: + +- why the feature is needed +- example commands or user flow +- expected behavior +- tradeoffs or security concerns + +### Code Changes + +Use a focused branch for each change. Keep PRs scoped to one issue or one clear task. + +Common Rust commands: + +```sh +cargo fmt +cargo check +cargo test +``` + +For web docs or landing page changes, work inside `apps/web` and use the package scripts there. + +## Commit Messages + +Hiverra Portal uses Conventional Commits. + +Good examples: + +```text +fix(update): handle archive layout during self-update +ci(release): replace cargo-dist workflow +chore(release): bump version to 0.11.1 +docs(web): update install instructions +build(deps): bump tar from 0.4.45 to 0.4.46 +``` + +Git-AIC is optional. This repository includes `git-aic.config.json` so contributors who use Git-AIC get Portal-specific commit guidance. + +```sh +git aic +``` + +Manual commits are fine. Keep subjects concise, use scopes when helpful, and include a short body with bullet points only when the change is complex or the reason is not obvious. + +## Pull Requests + +A good PR should: + +- have a clear title +- explain the behavior change directly +- link related issues with `Closes #123` when applicable +- mention any tests or checks run +- avoid unrelated formatting, dependency, or generated-file changes + +By contributing, you agree that your contributions are provided under this repository's license. + +## Documentation + +Update docs when behavior, commands, install flow, troubleshooting, or release process changes. + +Docs live mainly in: + +- `README.md` +- `apps/web/content/` + +## Security + +Do not report security issues in public issues. See `SECURITY.md` instead. diff --git a/LICENSE b/LICENSE index 477105c..109c929 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2025 Spectra +Copyright (c) 2025-2026 Adeloye Adetayo Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 081b9aa..52280b3 100644 --- a/README.md +++ b/README.md @@ -247,9 +247,16 @@ Docs source of truth: - Canonical docs live in `apps/web/content/*.mdx`. - Repository `docs/` markdown files were removed to avoid duplication and drift. +## Contributing and Support + +- [Contributing](CONTRIBUTING.md) +- [Support](SUPPORT.md) +- [Security Policy](SECURITY.md) + ## Author Github: [Spectra010s](https://github.com/Spectra010s) +Portfolio: [spectra010s.vercel.app](https://spectra010s.vercel.app) ## License diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..0a98e25 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,41 @@ +# Hiverra Portal Security Policy + +Hiverra Portal is designed for local file transfer, so security issues can affect file integrity, local network safety, and user trust. + +## Reporting Security Issues + +Please report security concerns privately first. + +Use GitHub security advisories if available, or contact the maintainer directly through the repository owner profile. + +Do not open a public issue for vulnerabilities involving: + +- unauthorized file access +- path traversal +- unsafe archive extraction +- sender or receiver identity bypass +- unintended network exposure +- remote code execution +- credential or token leakage + +## What to Include + +Security reports should include: + +- affected version or commit +- operating system +- reproduction steps +- expected behavior +- actual behavior +- potential impact +- relevant logs, screenshots, or proof of concept details + +## Responsible Disclosure + +Please give the maintainer time to investigate and prepare a fix before public disclosure. + +Reports will be handled privately where possible, and public disclosure should be coordinated after a fix or mitigation is available. + +## Supported Versions + +Security fixes target the latest released version unless otherwise stated. diff --git a/SUPPORT.md b/SUPPORT.md new file mode 100644 index 0000000..85a2d62 --- /dev/null +++ b/SUPPORT.md @@ -0,0 +1,40 @@ +# Hiverra Portal Support + +Use GitHub issues for bugs, reproducible failures, and scoped feature requests. + +## Documentation + +Check these first: + +- README: https://github.com/Spectra010s/portal#readme +- Docs: https://portal.biuld.app/docs +- Troubleshooting: https://portal.biuld.app/docs/troubleshooting + +## Bugs + +Open a bug report with: + +- Portal version +- operating system +- command used +- expected behavior +- actual behavior +- relevant logs or terminal output + +## Feature Requests + +Open a feature request when the request describes a clear workflow problem. + +Include: + +- the problem you are trying to solve +- the expected command or user flow +- any local network, platform, or security constraints + +## Response Expectations + +Response time is best effort. Bugs with clear reproduction steps and security-related reports are easier to prioritize. + +## Security + +Do not report security issues in public issues. See `SECURITY.md` instead.