Thank you for considering contributing to this project! By following the steps below, we can ensure a smooth and secure collaboration.
To get started, fork this repository by clicking the "Fork" button at the top of the repository page.
Create a new branch for your feature or bug fix. Use descriptive branch names like feature/add-new-feature or fix/bug-name.
git checkout -b feature/your-feature-name
Make your changes, test them thoroughly, and ensure everything works as expected.
Ensure your commits are signed (optional, but recommended for security):
git commit -S -m "Add new feature"
Push your branch to your forked repository:
git push origin feature/your-feature-name
Open a pull request (PR) to the main branch of this repository. Please ensure the following:
- The code is clean and follows project guidelines.
- Any tests, if applicable, have been updated or added.
- The pull request is focused on a single feature or bug fix.
Our team will review the pull request, and feedback will be provided if any changes are necessary. All pull requests require approval before being merged into the main branch.
For security purposes, the main branch is protected. The following rules are enforced:
- All contributions must go through a pull request and require at least one approval.
- Direct pushes to the main branch are not allowed.
We take security seriously. To ensure contributions do not introduce vulnerabilities or malicious payloads, please follow these security guidelines:
- Code Scanning: All pull requests will be automatically scanned for security vulnerabilities using tools like CodeQL.
- Signed Commits: To verify the identity of contributors, we recommend signing your commits using Git’s GPG signing feature.
- Review Process: Every pull request will be manually reviewed by maintainers before merging.
- No Binary Files: Do not upload binary files (e.g., .exe, .dll) or any precompiled code. This helps prevent potential security risks.
- Respect .gitignore: Ensure sensitive files like environment variables or credentials (e.g., .env files) are not committed.
- Dependabot Alerts: Vulnerabilities in dependencies will be automatically flagged and addressed before merging.
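A local check for the "No Binary Files" and "Respect .gitignore" rules above, written as an added example and not part of this project's own tooling. It assumes you install it yourself as a pre-commit hook; the function name check_staged and the allowed template names (.env.example, .env.sample) are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not project code): reject staged binaries and .env files.
#
# check_staged reads `git diff --cached --numstat` output on stdin.
# Each line is "<added>TAB<deleted>TAB<path>"; Git prints "-" for both
# counts when it treats the file as binary.
check_staged() {
    found=0
    tab=$(printf '\t')
    while IFS="$tab" read -r added deleted path; do
        [ -n "$path" ] || continue
        name=${path##*/}   # file name without its directory

        # Binary content, whatever the extension (.exe, .dll, renamed blobs).
        if [ "$added" = "-" ] && [ "$deleted" = "-" ]; then
            echo "binary file staged: $path"
            found=1
        fi

        # Environment files; template names are allowed (assumption).
        case "$name" in
            .env.example|.env.sample)
                ;;
            .env|.env.*)
                echo "environment file staged: $path"
                found=1
                ;;
        esac
    done
    return $found
}

# Usage inside .git/hooks/pre-commit (deletions are filtered out so that
# removing a binary is still possible):
#   git diff --cached --numstat --diff-filter=ACMR | check_staged || exit 1
```

This only catches files before they leave your machine; the pull request scanning and manual review described above still apply.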
If you discover any security vulnerabilities in the project, please report them privately by emailing [[email protected]]. Do not publicly disclose vulnerabilities until we have had the chance to investigate and address them.
Please note that all contributors are expected to follow our Code of Conduct to maintain a respectful and productive community.
Thank you for contributing! Your help in improving this project is greatly appreciated. If you find this project helpful, please consider ⭐️ starring it on GitHub to help others discover it.
Happy coding! 🎉