Problem
The repository is missing standard contributor-facing governance files:
CONTRIBUTING.md
SECURITY.md
This makes it harder for new contributors to understand how to set up the project, run tests, target the right branch, and report security issues responsibly.
Suggested scope
Add CONTRIBUTING.md covering:
- development setup
- branch and PR target expectations
- local test commands
- commit and PR guidance
Add SECURITY.md covering:
- supported versions, if applicable
- responsible disclosure process
- what information to include in a vulnerability report
- expected response process, if known
Acceptance criteria
CONTRIBUTING.md exists at the repository root.
SECURITY.md exists at the repository root.
- Contributor docs mention the expected PR base branch.
- Security policy gives a clear private reporting path.
Problem
The repository is missing standard contributor-facing governance files:
CONTRIBUTING.mdSECURITY.mdThis makes it harder for new contributors to understand how to set up the project, run tests, target the right branch, and report security issues responsibly.
Suggested scope
Add
CONTRIBUTING.mdcovering:Add
SECURITY.mdcovering:Acceptance criteria
CONTRIBUTING.mdexists at the repository root.SECURITY.mdexists at the repository root.