From 3e3da510c476f2ada5cb14a563e420442ca1381f Mon Sep 17 00:00:00 2001 From: Claude Date: Sun, 14 Jun 2026 14:38:36 +0000 Subject: [PATCH] docs(governance): fill required-file placeholders + fix project naming Remove unfilled {{PLACEHOLDER}} tokens from governance REQUIRED_FILES and delete the rsr-template TEMPLATE INSTRUCTIONS blocks: - SECURITY.md: drop TEMPLATE INSTRUCTIONS block; replace PGP-key machinery ({{PGP_KEY_URL}}, unset fingerprint) with a no-PGP fallback pointing at GitHub Security Advisories (mirrors quandledb #50/#51); fix wrong-project naming nextgen-languages -> tangle in URLs and prose. - CODE_OF_CONDUCT.md: drop TEMPLATE INSTRUCTIONS block; fill {{CONDUCT_EMAIL}} -> 6759885+hyperpolymath@users.noreply.github.com, {{CONDUCT_TEAM}} -> conduct team, {{RESPONSE_TIME}} -> 5 working days; fix wrong-project naming. - CONTRIBUTING.md: fix wrong-project naming nextgen-languages -> tangle (clone URL, dir names, label URLs). Genuine cross-references (README.adoc ecosystem mention of Nextgen Languages) left intact. Template files (QUICKSTART-*.adoc, contractile/k9 templates) untouched. https://claude.ai/code/session_017TXizM5c1Yd9HWf7Y15YH2 --- CODE_OF_CONDUCT.md | 40 ++++++++----------------------- CONTRIBUTING.md | 18 +++++++------- SECURITY.md | 59 ++++++++++------------------------------------ 3 files changed, 32 insertions(+), 85 deletions(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 5c80c98..23b5bb1 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -4,29 +4,9 @@ Copyright (c) Jonathan D.A. Jewell --> # Code of Conduct - - ## Our Pledge -We as members, contributors, and leaders pledge to make participation in Nextgen Languages a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, colour, religion, or sexual identity and orientation. +We as members, contributors, and leaders pledge to make participation in tangle a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, colour, religion, or sexual identity and orientation. We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community. @@ -140,7 +120,7 @@ If you experience or witness unacceptable behaviour, or have any other concerns, | Method | Details | Best For | |--------|---------|----------| -| **Email** | {{CONDUCT_EMAIL}} | Detailed reports, sensitive matters | +| **Email** | 6759885+hyperpolymath@users.noreply.github.com | Detailed reports, sensitive matters | | **Private Message** | Contact any maintainer directly | Quick questions, minor issues | | **Anonymous Form** | [Link to form if available] | When you need anonymity | @@ -156,8 +136,8 @@ If you experience or witness unacceptable behaviour, or have any other concerns, **What Happens Next** -1. You will receive acknowledgment within **{{RESPONSE_TIME}}** -2. The {{CONDUCT_TEAM}} will review the report +1. You will receive acknowledgment within **5 working days** +2. The conduct team will review the report 3. We may ask for additional information 4. We will determine appropriate action 5. We will inform you of the outcome (respecting others' privacy) @@ -173,7 +153,7 @@ All reports will be handled with discretion: ### Conflicts of Interest -If a {{CONDUCT_TEAM}} member is involved in an incident: +If a conduct team member is involved in an incident: - They will recuse themselves from the process - Another maintainer or external party will handle the report @@ -183,7 +163,7 @@ If a {{CONDUCT_TEAM}} member is involved in an incident: ## Enforcement Guidelines -The {{CONDUCT_TEAM}} will follow these guidelines in determining consequences: +The conduct team will follow these guidelines in determining consequences: ### 1. Correction @@ -235,13 +215,13 @@ For contributors with elevated access (Perimeter 2 or 1): If you believe an enforcement decision was made in error: 1. **Wait 7 days** after the decision (cooling-off period) -2. **Email** {{CONDUCT_EMAIL}} with subject line "Appeal: [Original Report ID]" +2. **Email** 6759885+hyperpolymath@users.noreply.github.com with subject line "Appeal: [Original Report ID]" 3. **Explain** why you believe the decision should be reconsidered 4. **Provide** any new information not previously available **Appeals Process** -- Appeals are reviewed by a different {{CONDUCT_TEAM}} member than the original +- Appeals are reviewed by a different conduct team member than the original - You will receive a response within 14 days - The appeals decision is final - You may only appeal once per incident @@ -314,8 +294,8 @@ We thank these communities for their leadership in creating welcoming spaces. If you have questions about this Code of Conduct: -- Open a [Discussion](https://github.com/hyperpolymath/nextgen-languages/discussions) (for general questions) -- Email {{CONDUCT_EMAIL}} (for private questions) +- Open a [Discussion](https://github.com/hyperpolymath/tangle/discussions) (for general questions) +- Email 6759885+hyperpolymath@users.noreply.github.com (for private questions) - Contact any maintainer directly --- diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 6a793f4..02b7cad 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -3,15 +3,15 @@ SPDX-License-Identifier: MPL-2.0 Copyright (c) Jonathan D.A. Jewell --> # Clone the repository -git clone https://github.com/hyperpolymath/nextgen-languages.git -cd nextgen-languages +git clone https://github.com/hyperpolymath/tangle.git +cd tangle # Using Nix (recommended for reproducibility) nix develop # Or using toolbox/distrobox -toolbox create nextgen-languages-dev -toolbox enter nextgen-languages-dev +toolbox create tangle-dev +toolbox enter tangle-dev # Install dependencies manually # Verify setup @@ -21,7 +21,7 @@ just test # Run test suite ### Repository Structure ``` -nextgen-languages/ +tangle/ ├── src/ # Source code (Perimeter 1-2) ├── lib/ # Library code (Perimeter 1-2) ├── extensions/ # Extensions (Perimeter 2) @@ -90,10 +90,10 @@ Use the [feature request template](.github/ISSUE_TEMPLATE/feature_request.md) an Look for issues labelled: -- [`good first issue`](https://github.com/hyperpolymath/nextgen-languages/labels/good%20first%20issue) — Simple Perimeter 3 tasks -- [`help wanted`](https://github.com/hyperpolymath/nextgen-languages/labels/help%20wanted) — Community help needed -- [`documentation`](https://github.com/hyperpolymath/nextgen-languages/labels/documentation) — Docs improvements -- [`perimeter-3`](https://github.com/hyperpolymath/nextgen-languages/labels/perimeter-3) — Community sandbox scope +- [`good first issue`](https://github.com/hyperpolymath/tangle/labels/good%20first%20issue) — Simple Perimeter 3 tasks +- [`help wanted`](https://github.com/hyperpolymath/tangle/labels/help%20wanted) — Community help needed +- [`documentation`](https://github.com/hyperpolymath/tangle/labels/documentation) — Docs improvements +- [`perimeter-3`](https://github.com/hyperpolymath/tangle/labels/perimeter-3) — Community sandbox scope --- diff --git a/SECURITY.md b/SECURITY.md index 92688d0..77b386a 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,24 +4,6 @@ Copyright (c) Jonathan D.A. Jewell --> # Security Policy - - We take security seriously. We appreciate your efforts to responsibly disclose vulnerabilities and will make every effort to acknowledge your contributions. ## Table of Contents @@ -44,7 +26,7 @@ We take security seriously. We appreciate your efforts to responsibly disclose v The preferred method for reporting security vulnerabilities is through GitHub's Security Advisory feature: -1. Navigate to [Report a Vulnerability](https://github.com/hyperpolymath/nextgen-languages/security/advisories/new) +1. Navigate to [Report a Vulnerability](https://github.com/hyperpolymath/tangle/security/advisories/new) 2. Click **"Report a vulnerability"** 3. Complete the form with as much detail as possible 4. Submit — we'll receive a private notification @@ -56,26 +38,12 @@ This method ensures: - Coordinated disclosure tooling - Automatic credit when the advisory is published -### Alternative: Encrypted Email - -If you cannot use GitHub Security Advisories, you may email us directly: - -| | | -|---|---| -| **Email** | 6759885+hyperpolymath@users.noreply.github.com | -| **PGP Key** | [Download Public Key]({{PGP_KEY_URL}}) | -| **Fingerprint** | `[PGP fingerprint not set]` | +### Alternative: Email -```bash -# Import our PGP key -curl -sSL {{PGP_KEY_URL}} | gpg --import - -# Verify fingerprint -gpg --fingerprint 6759885+hyperpolymath@users.noreply.github.com - -# Encrypt your report -gpg --armor --encrypt --recipient 6759885+hyperpolymath@users.noreply.github.com report.txt -``` +If you cannot use GitHub Security Advisories, email us directly at +6759885+hyperpolymath@users.noreply.github.com. No PGP key is currently +published; for an encrypted channel, request one via a GitHub Security +Advisory. > **⚠️ Important:** Do not report security vulnerabilities through public GitHub issues, pull requests, discussions, or social media. @@ -207,7 +175,7 @@ If we cannot reach agreement on disclosure timing, we default to 90 days from yo The following are within scope for security research: -- This repository (`hyperpolymath/nextgen-languages`) and all its code +- This repository (`hyperpolymath/tangle`) and all its code - Official releases and packages published from this repository - Documentation that could lead to security issues - Build and deployment configurations in this repository @@ -326,7 +294,7 @@ Recognition includes: To stay informed about security updates: - **Watch this repository**: Click "Watch" → "Custom" → Select "Security alerts" -- **GitHub Security Advisories**: Published at [Security Advisories](https://github.com/hyperpolymath/nextgen-languages/security/advisories) +- **GitHub Security Advisories**: Published at [Security Advisories](https://github.com/hyperpolymath/tangle/security/advisories) - **Release notes**: Security fixes noted in [CHANGELOG](CHANGELOG.md) ### Update Policy @@ -352,7 +320,7 @@ To stay informed about security updates: ## Security Best Practices -When using Nextgen Languages, we recommend: +When using tangle, we recommend: ### General @@ -374,8 +342,7 @@ When using Nextgen Languages, we recommend: ## Additional Resources -- [Our PGP Public Key]({{PGP_KEY_URL}}) -- [Security Advisories](https://github.com/hyperpolymath/nextgen-languages/security/advisories) +- [Security Advisories](https://github.com/hyperpolymath/tangle/security/advisories) - [Changelog](CHANGELOG.md) - [Contributing Guidelines](CONTRIBUTING.md) - [CVE Database](https://cve.mitre.org/) @@ -387,8 +354,8 @@ When using Nextgen Languages, we recommend: | Purpose | Contact | |---------|---------| -| **Security issues** | [Report via GitHub](https://github.com/hyperpolymath/nextgen-languages/security/advisories/new) or 6759885+hyperpolymath@users.noreply.github.com | -| **General questions** | [GitHub Discussions](https://github.com/hyperpolymath/nextgen-languages/discussions) | +| **Security issues** | [Report via GitHub](https://github.com/hyperpolymath/tangle/security/advisories/new) or 6759885+hyperpolymath@users.noreply.github.com | +| **General questions** | [GitHub Discussions](https://github.com/hyperpolymath/tangle/discussions) | | **Other enquiries** | See [README](README.md) for contact information | --- @@ -403,7 +370,7 @@ This security policy may be updated from time to time. Significant changes will --- -*Thank you for helping keep Nextgen Languages and its users safe.* 🛡️ +*Thank you for helping keep tangle and its users safe.* 🛡️ ---