As a maintainer I need to create base security and governance policies to help inform contributors of any contribution limitations related to the aforementioned.
Acceptance criteria
-
security policy
-
enable vulnerability reporting
-
governance policy
-
pr pre-check labeling and comments
-
pr commit linting
-
review and potentially update the contribution guidelines and main readme for "first time contributors" and any potential restrictions or security considerations
Assumptions and question
- ai-helpers - redirecting contributors towards ai-helpers is a form of contributing to the mcp
- explain why our architecture means "you probably don't need to contribute directly to the mcp codebase"
Jira Issue: PF-4128
As a maintainer I need to create base security and governance policies to help inform contributors of any contribution limitations related to the aforementioned.
Acceptance criteria
security policy
enable vulnerability reporting
governance policy
pr pre-check labeling and comments
pr commit linting
review and potentially update the contribution guidelines and main readme for "first time contributors" and any potential restrictions or security considerations
Assumptions and question
Jira Issue: PF-4128