diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index 129c359b..00000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1,3 +0,0 @@ -# These are supported funding model platforms - -github: ckotzbauer diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md deleted file mode 100644 index 47c8380b..00000000 --- a/CONTRIBUTING.md +++ /dev/null @@ -1,26 +0,0 @@ -Hello, - -Thank you for your interest in contributing to `sbom-operator`! -Contributions are welcome from beginners and seasoned developers alike. - -### Bugs - -If you've found a bug, create a new issue first, then submit a pull request. - -If at any point you are having trouble navigating/understanding the code base, please don't hesitate to ask for help :) - -### Feature Requests - -If you'd like to see a certain feature in sbom-operator, file an issue first with request for consideration. - -### How to submit a pull request - -1. Fork the repository. -2. Make desired changes (including tests and docs) and push. -3. Go to https://github.com/ckotzbauer/sbom-operator/compare?expand=1 - -## License - -By submitting a contribution to this project, you agree to allow the project -owners to license your work as part of this project under this project's MIT -[license](LICENSE). diff --git a/README.md b/README.md index 6ec8290c..669f7484 100644 --- a/README.md +++ b/README.md @@ -164,7 +164,7 @@ The docker-image is based on `scratch` to reduce the attack-surface and keep the with [cosign](https://github.com/sigstore/cosign) and attested with provenance-files. The release-process satisfies SLSA Level 2. All of those "metadata files" are also stored in a dedicated repository `ghcr.io/ckotzbauer/sbom-operator-metadata`. Both, SLSA and the signatures are still experimental for this project. - +When discovering security issues please refer to the [Security process](https://github.com/ckotzbauer/.github/blob/main/SECURITY.md). [Contributing](https://github.com/ckotzbauer/sbom-operator/blob/master/CONTRIBUTING.md) @@ -174,3 +174,11 @@ Both, SLSA and the signatures are still experimental for this project. [Changelog](https://github.com/ckotzbauer/sbom-operator/blob/master/CHANGELOG.md) -------- + +## Contributing + +Please refer to the [Contribution guildelines](https://github.com/ckotzbauer/.github/blob/main/CONTRIBUTING.md). + +## Code of conduct + +Please refer to the [Conduct guildelines](https://github.com/ckotzbauer/.github/blob/main/CODE_OF_CONDUCT.md).