chore: update README and copyright notices, add SECURITY and CONTRIBU…

…TING

.github/CODEOWNERS

@@ -1,3 +1,3 @@
-#  All contributions require review.
-#  Before a pull request can be merged, it must be reviewed by all code owners:
-*    @joshuasing
+#  All contributions, including contributions by Hypera Development Team Members, require review.
+#  Before a pull request can be merged, it must be reviewed by at least two of the following accounts:
+*       @joshuasing @LooFifteen

CONTRIBUTING.md

@@ -0,0 +1,133 @@
+# Kani Contributing Guidelines
+
+## Welcome!
+
+Welcome to the [Kani Project](https://github.com/HyperaDev/kani), first off, thank you for taking the time to consider
+contributing!
+
+All contributions to Kani are extremely helpful and will be greatly appreciated!
+We are trying our best to make this project as good as possible, but we're still improving things.
+This document contains a set of guidelines for contributing to this project.
+
+**Table of Contents**
+* [Code of Conduct](#code-of-conduct)
+* [Questions](#questions)
+* [Contributing](#contributing)
+  * [Bug reports](#bug-reports)
+    * [Security vulnerabilities](#security-vulnerabilities)
+  * [Suggesting features](#suggesting-features)
+  * [Code contributions](#code-contributions)
+    * [Testing](#testing)
+    * [Commit messages](#commit-messages)
+      * [Allowed types](#allowed-types)
+      * [Allowed scopes](#allowed-scopes)
+    * [Code review](#code-review)
+  * [Supporting the Authors](#supporting-the-authors)
+
+## Code of Conduct
+
+Please help keep this project open and inclusive for all.  
+Read and follow the [Code of Conduct](https://github.com/HyperaDev/.github/blob/main/CODE_OF_CONDUCT.md) before
+contributing to this repository.
+
+If you have encountered someone who is not following the Code of Conduct, please report them
+to [[email protected]](mailto:[email protected]).
+
+## Questions
+
+> **Please do not use GitHub issues to ask questions.** You will get a response faster if you ask on Discord!
+
+If you wish to ask a question, please contact us using Discord by joining the
+[Hypera Development Discord server](https://discord.hypera.dev/), and you will get a response as soon as someone is next
+available.
+
+## Contributing
+
+There are many ways to contribute to Kani, and they all help!  
+Here are the most common types of contributions:
+
+* [Bug reports](#bug-reports)
+    * [Security vulnerabilities](#security-vulnerabilities)
+* [Suggesting features](#suggesting-features)
+* [Code contributions](#code-contributions)
+* [Supporting the authors](#supporting-the-authors)
+
+### Bug reports
+
+If you have discovered a bug in Kani, you can help us
+by [creating an issue](https://github.com/HyperaDev/kani/issues/new?template=bug_report.yml), or if you have the time
+and required knowledge, and really want to help this project, you
+can [create a Pull Request](https://github.com/HyperaDev/kani/compare) with a fix.
+
+#### Security vulnerabilities
+
+We take the security of Kani and our users very seriously. As such, we encourage responsible disclosure of security
+vulnerabilities in Kani.
+
+If you have discovered a security vulnerability in Kani, please report it in accordance with
+our [Security Policy](SECURITY.md#reporting-a-vulnerability).  
+**Never use GitHub issues to report a security vulnerability.**
+
+### Suggesting features
+
+If you have an idea for something that could be added to Kani, you can suggest it
+by [creating an issue](https://github.com/HyperaDev/kani/issues/new?template=feature_request.yml)!  
+Before submitting a feature request, please be sure to check that it hasn't already been suggested.
+
+### Code contributions
+
+Code contributions are often the most helpful way to contribute to this project, and all code contributions will be
+greatly appreciated!
+
+You can contribute code changes that you have written for Kani
+by [creating a Pull Request](https://github.com/HyperaDev/kani/compare).
+
+#### Testing
+
+Adding test coverage is extremely helpful and highly recommended for any major changes you make.  
+Testing helps us catch problems early before they have the change to cause big issues in production.
+
+#### Commit messages
+
+Whilst not required for commits in pull requests, all commits made in the `main` branch **must**
+follow [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/).
+This allows for the Git history to be more readable and helps us generate changelogs automatically.
+
+##### Allowed types
+
+- `fix`, when the commit fixes a bug or other issue.
+- `feat`, when adding a new feature.
+- `refactor`, when refactoring or improving existing code.
+- `build`, when modifying a build file.
+- `ci`, when modifying a GitHub Actions workflow.
+- `docs`, when changing documentation.
+- `style`, when correcting a code-style issue.
+- `perf`, when improving the performance of a feature.
+- `test`, when adding or improving tests.
+- `chore`, when doing something that does not fit into the types above.
+
+##### Allowed scopes
+
+- `deps`, when adding, updating, or removing dependencies.
+- `docker`, when modifying Dockerfiles.
+
+#### Code review
+
+We will **not** merge any pull request that does not build, pass all tests, or have style violations.
+**All** code contributions must be licensed under the [MIT License](LICENSE), and must be reviewed by
+the [code owners](https://github.com/HyperaDev/kani/blob/main/.github/CODEOWNERS) for the file(s) you are editing.
+
+All reviews will be strict to prevent problems or mistakes from being merged into the repository.  
+If you have spotted a problem or mistake in someone else's pull request, please feel free to leave a polite comment to
+make everyone else aware of the problem before it gets merged.
+
+### Supporting the Authors
+
+If you wish to support this project in another way, the authors accept donations!
+These donations go towards enabling the authors to spend more time working on this project, paying for
+infrastructure/domains, etc. All donations are extremely appreciated! :D
+
+- [Joshua (joshuasing)](https://github.com/sponsors/joshuasing)
+- [Luis (LooFifteen)](https://ko-fi.com/SLLCoding)
+
+Thank you to everyone who has donated or otherwise contributed to Kani!

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022 Joshua Sing.
+Copyright (c) 2022-2023 Joshua Sing <[email protected]>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,27 +1,80 @@
 # Kani
-<strong>A Traefik ForwardAuth server for Cloudflare Access</strong><br /><br />
-[![Docker Image Version (latest semver)](https://img.shields.io/docker/v/joshuasing/kani?sort=semver&color=cd7f84&style=for-the-badge)](https://hub.docker.com/r/joshuasing/kani)
+
+<strong>A fast Traefik forward-auth server for validating Cloudflare Access requests</strong><br /><br />
+[![License](https://img.shields.io/badge/License-MIT-%23cd7f84?style=for-the-badge)](LICENSE)
+![Code quality](https://img.shields.io/codefactor/grade/github/HyperaDev/kani/main?style=for-the-badge&color=cd7f84)<br />
+[![Docker Image Version (latest semver)](https://img.shields.io/docker/v/joshuasing/kani?sort=semver&color=cd7f84&style=for-the-badge&label=Latest%20Release)](https://hub.docker.com/r/joshuasing/kani)
 [![Docker Pulls](https://img.shields.io/docker/pulls/joshuasing/kani?color=cd7f84&style=for-the-badge)](https://hub.docker.com/r/joshuasing/kani)
-[![License](https://img.shields.io/badge/License-MIT-%23cd7f84?style=for-the-badge)](LICENSE)<br/>
-![Code size](https://img.shields.io/github/languages/code-size/HyperaDev/kani?color=cd7f84&style=for-the-badge)
-![Code lines](https://img.shields.io/tokei/lines/github/HyperaDev/kani?label=Lines%20of%20code&style=for-the-badge&color=cd7f84)
+
+<!-- TOC -->
+* [Kani](#kani)
+  * [What is Kani?](#what-is-kani)
+  * [Why use Kani?](#why-use-kani)
+  * [Getting started](#getting-started)
+  * [Contributing](#contributing)
+    * [Contact](#contact)
+    * [License](#license)
+  * [Acknowledgements](#acknowledgements)
+    * [Supporters](#supporters)
+<!-- TOC -->
 
 ## What is Kani?
-[Kani (カニ)](https://ja.wikipedia.org/wiki/カニ) ([Pronunciation](http://ipa-reader.xyz/?text=kan%CA%B2i)) means Crab in Japanese.
-I'm not entirely sure what I decided to use this name, but here we are.
-Kani is designed to be a [Traefik](https://github.com/traefik/traefik) ForwardAuth server for validating [Cloudflare Access](https://www.cloudflare.com/products/zero-trust/access/) requests.
 
-When a request is proxied through Cloudflare Access, a signed JWT token will be sent to the backend (Traefik in this case) as an HTTP header.
-Since the JWT token is signed, we can get the public keys from Cloudflare Access to validate that it was indeed issued by Cloudflare Access.
+[Kani (カニ)](https://ja.wikipedia.org/wiki/カニ) ([Pronunciation](http://ipa-reader.xyz/?text=kan%CA%B2i)) means Crab in
+Japanese.
+I'm not entirely sure what I decided to use this name, but here we are.
+Kani is designed to be a [Traefik](https://github.com/traefik/traefik) ForwardAuth server for
+validating [Cloudflare Access](https://www.cloudflare.com/products/zero-trust/access/) requests.
 
+When a request is proxied through Cloudflare Access, a signed JWT token will be sent to the backend (Traefik in this
+case) as an HTTP header.
+Since the JWT token is signed, we can get the public keys from Cloudflare Access to validate that it was indeed issued
+by Cloudflare Access.
 
 ## Why use Kani?
-It is recommended to use Kani when you are using Cloudflare Access in-front of a service that is behind Traefik.  
-Kani allows Traefik to validate that the request actually went through Cloudflare Access and that the user was granted access, therefore preventing people from bypassing Cloudflare Access.
+
+We recommend using Kani when using Cloudflare Access to protect websites.
+Kani allows Traefik to validate that requests actually went through Cloudflare Access, preventing users from accessing
+the page without going through Cloudflare Access.
 
 ## Getting started
+
 **See examples in [examples/](examples)**.
 
+## Contributing
+
+If you would like to contribute to this project, please see [CONTRIBUTING.md](CONTRIBUTING.md).
+
+### Contact
+
+If you want to contact the Kani Project maintainers, please use one of the following methods:
+
+- [Discord server](https://discord.hypera.dev/) (Ask questions here please - best response time)
+- [Email `[email protected]`](mailto:[email protected])
+- [Email `[email protected]`](mailto:[email protected])
+- [Email `[email protected]`](mailto:[email protected]) (security-related matters only)
+
 ### License
-Kani is licensed under the terms of the MIT License.  
-See [LICENSE](LICENSE) for the full license.
+
+Kani is distributed under the terms of the MIT License.  
+For further details, please refer to the [LICENSE](LICENSE) file.
+
+## Acknowledgements
+
+We are extremely grateful to the
+[amazing individuals who have contributed to this project](https://github.com/HyperaDev/kani/graphs/contributors),
+as well as those who have supported us by providing valuable feedback and donations.
+
+We would also like to thank all the individuals and companies who have supported us in sustaining
+this project. We are grateful for their valuable contributions that have enabled us to continue to
+improve Kani.
+
+Please note that the individuals and companies listed under the "Supporters" section are
+independent of this project, and their inclusion should not be interpreted as an endorsement or
+affiliation.
+
+### Supporters
+
+We don't currently have any supporters for this project :(  
+If you would like to sponsor this project, please [contact us](#contact)!
+

SECURITY.md

@@ -0,0 +1,45 @@
+# Kani Project Security Policy
+
+The purpose of this document is to outline how the Kani Project maintainers will handle any Security
+Vulnerabilities discovered.
+
+### Supported Versions
+
+We provide security patches for the latest release of Kani. This means that we will only
+address security vulnerabilities that affect the most recent release of this project.
+
+| Version   | Supported          |
+|-----------|--------------------|
+| `1.2.x`   | :white_check_mark: |
+| < `1.2.x` | :x:                |
+
+### Reporting a Vulnerability
+
+If you discover a security vulnerability in Kani, we encourage you to report it to us as soon
+as possible so that we can investigate and address the issue.
+
+You can report a security vulnerability in Kani by:
+- [Creating a vulnerability report on our GitHub repository](https://github.com/HyperaDev/kani/security/advisories/new).
+- Sending an email to [[email protected]](mailto:[email protected]).
+
+When reporting a security vulnerability, please provide as much detail as possible about the issue,
+including how it can be reproduced and what the potential impact of the vulnerability may be.
+
+### Responsible Disclosure and Credit
+
+We take the security of Kani very seriously. As such, we encourage responsible disclosure of
+security vulnerabilities in Kani. If you report a security vulnerability to us responsibly, we
+will credit you when we publish a Security Advisory.
+
+We define responsible disclosure as follows:
+- Disclosing the vulnerability directly to the Kani maintainers, without publicly disclosing it.
+- Allowing us a reasonable amount of time to address the vulnerability before publicly disclosing
+  it.
+- Not exploiting the vulnerability or any related vulnerabilities to gain unauthorised access to
+  systems or data.
+
+### Conclusion
+
+By following this Security Policy, we aim to maintain the security of Kani and our users.  
+If you have any questions or concerns about this policy or Kani's security practices, please do
+not hesitate to contact us at [[email protected]](mailto:[email protected]).

cmd/kani/main.go

@@ -1,6 +1,7 @@
 /*
- * Kani - Traefik forward auth server for Cloudflare Access
- * Copyright (c) 2022 Joshua Sing.
+ * This file is a part of the Kani Project, licensed under the MIT License.
+ *
+ * Copyright (c) 2022-2023 Joshua Sing <[email protected]>
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

internal/app/app.go

@@ -1,6 +1,7 @@
 /*
- * Kani - Traefik forward auth server for Cloudflare Access
- * Copyright (c) 2022 Joshua Sing.
+ * This file is a part of the Kani Project, licensed under the MIT License.
+ *
+ * Copyright (c) 2022-2023 Joshua Sing <[email protected]>
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

internal/auth/auth.go

@@ -1,6 +1,7 @@
 /*
- * Kani - Traefik forward auth server for Cloudflare Access
- * Copyright (c) 2022 Joshua Sing.
+ * This file is a part of the Kani Project, licensed under the MIT License.
+ *
+ * Copyright (c) 2022-2023 Joshua Sing <[email protected]>
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

internal/utils/env.go

@@ -1,6 +1,7 @@
 /*
- * Kani - Traefik forward auth server for Cloudflare Access
- * Copyright (c) 2022 Joshua Sing.
+ * This file is a part of the Kani Project, licensed under the MIT License.
+ *
+ * Copyright (c) 2022-2023 Joshua Sing <[email protected]>
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal