clean up security policy & contributing

This commit is contained in:
tiago
2025-11-18 17:02:04 +00:00
parent bf634679b5
commit 0f1eaade04
5 changed files with 25 additions and 37 deletions
-12
View File
@@ -1,12 +0,0 @@
## Code of Conduct
- We are committed to providing a friendly, safe and welcoming environment for all, regardless of level of experience, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, religion, nationality, or other similar characteristic.
- Please avoid using overtly sexual aliases or other nicknames that might detract from a friendly, safe and welcoming environment for all.
- Please be kind and courteous. Theres no need to be mean or rude.
- Respect that people have differences of opinion and that every design or implementation choice carries a trade-off and numerous costs. There is seldom a right answer.
- Please keep unstructured critique to a minimum. If you have solid ideas you want to experiment with, make a fork and see how it works.
- We will exclude you from interaction if you insult, demean or harass anyone. That is not welcome behavior. We interpret the term “harassment” as including the definition in the [Citizen Code of Conduct](https://github.com/stumpsyn/policies/blob/master/citizen_code_of_conduct.md); if you have any lack of clarity about what might be included in that concept, please read their definition. In particular, we dont tolerate behavior that excludes people in socially marginalized groups.
- Private harassment is also unacceptable. No matter who you are, if you feel you have been or are being harassed or made uncomfortable by a community member, please contact one of the channel ops or an employee of Oven immediately. Whether youre a regular contributor or a newcomer, we care about making this community a safe place for you and weve got your back.
- Likewise any spamming, trolling, flaming, baiting or other attention-stealing behavior is not welcome.
This code of conduct is mostly stolen from the [Bun Code of Conduct](https://github.com/oven-sh/bun/blob/main/CODE_OF_CONDUCT.md).
+5 -9
View File
@@ -17,9 +17,9 @@ Thanks for your interest in contributing to Cap!
- VSCode is the recommended IDE for working on Cap.
- Put new docs in `docs/guide` and make sure to update the sidebar in `docs/.vitepress/config.mjs`, not scattered in subfolders.
- For writing docs, make sure to place them inside of `docs/guide` and make sure to update the sidebar in `docs/.vitepress/config.mjs`.
Run `bun install` in each package you want to work on.
Run `bun install` in each Bun package you want to work on to install dependencies.
## Guidelines
@@ -29,14 +29,10 @@ Run `bun install` in each package you want to work on.
- We prefer conventional commits, but they are not enforced. See [here](https://www.conventionalcommits.org/en/v1.0.0/) for reference.
- Avoid excessive duplication of code or code comments.
- No AI-generated code please. AI autocomplete is fine, but not fully AI code. If you submit AI-generated code without making it clear, it may be rejected.
- No AI-generated code please! AI autocomplete is fine, but not fully AI code. If you submit AI-generated code without making it clear, it may be rejected.
- Don't edit type files directly, they're auto-generated from JSDoc comments.
- Type files are auto-generated from JSDoc comments
- For optimizations, please always publish a benchmark of the before/after difference before submitting a PR, ideally including your device specs. RAM/CPU usage is also appreciated.
Maintainers may reject PRs at their discretion if they don't follow these guidelines or don't align with the project's goals.
Please also read our [code of conduct](CODE_OF_CONDUCT.md).
Maintainers may reject PRs at their discretion if they don't follow these guidelines or don't align with the project's goals.
+8 -4
View File
@@ -12,7 +12,11 @@ Cap is a lightweight, modern open-source CAPTCHA alternative using <a href="http
Cap is the modern, open-source alternative to traditional CAPTCHAs that uses proof-of-work instead of annoying visual puzzles.
It's built with JavaScript and Rust and has no dependencies. You can either run it on any JavaScript runtime (Bun, Node.js, Deno), or use the standalone mode with Docker.
Cap is built with JavaScript and Rust and both the widget and server helper have zero dependencies.
You can either run it on any JavaScript runtime, or use the standalone mode with Docker.
---
Cap is built into 2 main parts. The [widget](https://capjs.js.org/guide/widget.html) is a small client-side JavaScript library using custom components and WASM that renders the CAPTCHA and solves the challenge.
@@ -43,8 +47,8 @@ Cap is a great alternative to [reCAPTCHA](https://www.google.com/recaptcha/about
## License
Apache 2.0
This project is licensed under the Apache-2.0 License, please see the [LICENSE](LICENSE) file for details.
Copyright (c) 2025present tiago
Copyright ©2025 - present [tiago](https://tiago.zip)
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9920/badge)](https://www.bestpractices.dev/projects/9920) [![Product Hunt: #1 of the month: User Experience](https://img.shields.io/badge/%231%20of%20the%20month-orange?logo=producthunt&logoColor=white)](https://www.producthunt.com/posts/cap-5?embed=true&utm_source=badge-top-post-topic-badge&utm_medium=badge&utm_souce=badge-cap-5)
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9920/badge)](https://www.bestpractices.dev/projects/9920) [![Product Hunt: #1 of the month: User Experience](https://img.shields.io/badge/%231%20of%20the%20month-orange?logo=producthunt&logoColor=white)](https://www.producthunt.com/posts/cap-5?embed=true&utm_source=badge-top-post-topic-badge&utm_medium=badge&utm_souce=badge-cap-5)
+4 -8
View File
@@ -1,11 +1,7 @@
# Security Policy
# Security policy
## Supported Versions
To report security vulnerabilities, please email me at [`hello@tiago.zip`](mailto:hello@tiago.zip).
We support the latest release of each major version. Older minor versions may not be supported.
The latest version of all Cap packages is actively maintained and patched for all major and minor security vulnerabilities.
## Reporting a Vulnerability
Report any discovered vulnerabilities to the us using GitHub's [Security Advisories feature](https://github.com/tiagozip/cap/security/advisories/new). Your report will be acknowledged as soon as possible.
To the greatest extent possible, we will endeavor to keep you informed of the progress being made towards a fix and full announcement, and may ask for additional information or guidance surrounding the reported issue.
For any other versions, I can only guarantee fixes of major security vulnerabilities.
+8 -4
View File
@@ -51,7 +51,11 @@ features:
Cap is the modern, open-source alternative to traditional CAPTCHAs that uses proof-of-work instead of annoying visual puzzles.
It's built with JavaScript and Rust and has no dependencies. You can either run it on any JavaScript runtime (Bun, Node.js, Deno), or use the standalone mode with Docker.
Cap is built with JavaScript and Rust and both the widget and server helper have zero dependencies.
You can either run it on any JavaScript runtime, or use the standalone mode with Docker.
---
Cap is built into 2 main parts. The [widget](https://capjs.js.org/guide/widget.html) is a small client-side JavaScript library using custom components and WASM that renders the CAPTCHA and solves the challenge.
@@ -84,10 +88,10 @@ Cap is a great alternative to [reCAPTCHA](https://www.google.com/recaptcha/about
## License
Apache 2.0
This project is licensed under the Apache-2.0 License, please see the [LICENSE](LICENSE) file for details.
Copyright (c) 2025present tiago
Copyright ©2025 - present [tiago](https://tiago.zip)
---
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9920/badge)](https://www.bestpractices.dev/projects/9920) [![Product Hunt: #1 of the month: User Experience](https://img.shields.io/badge/%231%20of%20the%20month-orange?logo=producthunt&logoColor=white)](https://www.producthunt.com/posts/cap-5?embed=true&utm_source=badge-top-post-topic-badge&utm_medium=badge&utm_souce=badge-cap-5)
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9920/badge)](https://www.bestpractices.dev/projects/9920) [![Product Hunt: #1 of the month: User Experience](https://img.shields.io/badge/%231%20of%20the%20month-orange?logo=producthunt&logoColor=white)](https://www.producthunt.com/posts/cap-5?embed=true&utm_source=badge-top-post-topic-badge&utm_medium=badge&utm_souce=badge-cap-5)