Skip to content

CONTRIBUTING.md

Latest commit

 

History

History
24 lines (16 loc) · 1.01 KB

CONTRIBUTING.md

File metadata and controls

24 lines (16 loc) · 1.01 KB

Contributing to ForgeTS

We love your input! We want to make contributing to ForgeTS as easy and transparent as possible.

Secure Development Lifecycle (SDLC)

ForgeTS follows strict NIST 800-53 secure coding guidelines. All contributors must adhere to the following:

  1. Code Reviews: All changes must be submitted via Pull Request and require at least one approval from a code owner. Direct pushes to main are blocked.
  2. Linting & Testing: All PRs must pass the lint, typecheck, and test CI gates.
  3. No Secrets: Do not commit secrets, tokens, or keys. Use environment variables.
  4. Dependency Safety: Do not add dependencies with known critical vulnerabilities.

Pull Request Process

  1. Fork the repo and create your branch from main.
  2. If you've added code that should be tested, add tests.
  3. Ensure the test suite passes.
  4. Make sure your code lints.
  5. Issue that pull request!

License

By contributing, you agree that your contributions will be licensed under its MIT License.