docs(*): create SECURITY.md
#193
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
There was a problem hiding this comment.
Pull Request Overview
This pull request improves repository documentation and configuration while addressing a critical code comment mistake.
- Added a comprehensive SECURITY.md outlining the security policy and vulnerability reporting.
- Updated .github/sync-client.yml to include SECURITY.md in the configuration sync.
- Corrected a code comment in src/textlint-rule-allowed-uris.js and updated the CHANGELOG.md header.
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| SECURITY.md | New file with detailed security policy and reporting steps. |
| .github/sync-client.yml | Updated to include SECURITY.md in the sync configuration. |
| src/textlint-rule-allowed-uris.js | Corrected a critical comment regarding the filename. |
| CHANGELOG.md | Header updated for clarity regarding the changelog. |
github-actions
bot
added
🏷️ scope: *
|
Labels have been automatically applied based on the Conventional Commits specification.🏷️ |
Codecov ReportAll modified and coverable lines are covered by tests ✅
@@ Coverage Diff @@
## main #193 +/- ##
=======================================
Coverage 99.60% 99.60%
=======================================
Files 11 11
Lines 1016 1016
=======================================
Hits 1012 1012
Misses 4 4
Continue to review full report in Codecov by Sentry.
🚀 New features to boost your workflow:
|
lumirlumir
added a commit
that referenced
this pull request
Mar 18, 2025
…ch`) (#200) ## Release Information: `v1.0.9` New release of `lumirlumir/npm-textlint-rule-allowed-uris` has arrived! :tada: This PR bumps the package versions from `v1.0.8` to `v1.0.9` (`patch`). See [Actions](https://github.com/lumirlumir/npm-textlint-rule-allowed-uris/actions/runs/13927306027) for more details. | Info | Value | | ----------- | -------------------------- | | Repository | `lumirlumir/npm-textlint-rule-allowed-uris` | | SEMVER | `patch` | | Pre ID | `canary` | | Short SHA | f11ce22 | | Old Version | `v1.0.8` | | New Version | `v1.0.9` | <!-- Release notes generated using configuration in .github/release.yml at main --> ## What's Changed ### 🧰 Chores * chore(sync-server): update `dependabot.yml` by @lumirlumir in #167 * chore(*): add `provenance` to `publishConfig` in `package.json` by @lumirlumir in #169 * chore(sync-server): update `publish.yml` and `.prettierignore` by @lumirlumir in #171 * chore(sync-server): update `.editorconfig` `max_line_length` to `100000` by @lumirlumir in #181 * chore(sync-server): update `.markdownlint.json` by @lumirlumir in #186 * chore(*): install `textlint` as deps-dev and delete unnecessary files by @lumirlumir in #190 * chore(*): drop `mocha` and replace it with node built-in test runner by @lumirlumir in #192 * chore(*): create `CONTRIBUTING.md` and update ESLint config file by @lumirlumir in #194 * chore(*): add textlint configuration and integrate with lint-staged by @lumirlumir in #197 ### 🔄 Continuous Integrations * ci(sync-server): add permissions to read contents in `lint.yml` and `test.yml` workflows by @lumirlumir in #179 * ci(sync-server): add permissions to `pull-request.yml` and `sync-client.yml` by @lumirlumir in #180 * ci(*): drop `bump.yml` and create `version-multirepo.yml` by @lumirlumir in #198 * ci(*): create `release.yml` by @lumirlumir in #199 ### 📝 Documentation * docs(*): create `SECURITY.md` by @lumirlumir in #193 * docs(*): update `README.md` and `config.yml` by @lumirlumir in #195 ### ♻️ Code Refactoring * refactor(*): update module imports to use `node:` prefix for consistency by @lumirlumir in #173 * refactor(*): create `src/types.js` by @lumirlumir in #174 * refactor(*): rename `src/types.js` to `src/types/index.js` by @lumirlumir in #175 * refactor(*): restructure `theme` utilities and update usage in files by @lumirlumir in #176 * refactor(*): rename and refactor `UriTypes` class by @lumirlumir in #177 * refactor(*): restructure directories and update comments by @lumirlumir in #191 ### ⬆️ Dependency Updates * chore(deps-dev): bump eslint from 9.20.1 to 9.21.0 by @dependabot in #165 * chore(deps-dev): bump prettier from 3.5.1 to 3.5.2 by @dependabot in #166 * chore(deps): bump axios from 1.7.9 to 1.8.1 by @dependabot in #168 * chore(deps): bump undici from 6.19.7 to 6.21.1 in the npm_and_yarn group across 1 directory by @dependabot in #170 * chore(deps-dev): bump prettier from 3.5.2 to 3.5.3 by @dependabot in #172 * chore(deps-dev): bump eslint from 9.21.0 to 9.22.0 by @dependabot in #182 * chore(deps): bump axios from 1.8.1 to 1.8.2 by @dependabot in #183 * chore(deps-dev): bump @babel/core from 7.26.9 to 7.26.10 in the babel group across 1 directory by @dependabot in #184 * chore(deps-dev): bump textlint-tester from 14.4.2 to 14.5.0 by @dependabot in #185 * chore(deps-dev): bump eslint-config-bananass from 0.0.5 to 0.0.6 in the bananass group across 1 directory by @dependabot in #187 * chore(deps): bump axios from 1.8.2 to 1.8.3 by @dependabot in #188 * chore(deps-dev): bump lint-staged from 15.4.3 to 15.5.0 by @dependabot in #189 **Full Changelog**: v1.0.8...v1.0.9
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request includes several changes to the repository, focusing on configuration updates, documentation improvements, and a crucial code comment correction. The most important changes include the addition of a security policy, updates to the configuration sync file, and modifications to the changelog and a critical comment in the code.
Documentation Improvements:
SECURITY.md: Added a comprehensive security policy detailing how to report vulnerabilities, the response process, best practices, and supported versions.CHANGELOG.md: Updated the header to "Change Log" and included links to releases and tags in GitHub.Configuration Updates:
.github/sync-client.yml: Added theSECURITY.mdfile to the sync configuration to ensure it is included in the repository's configurations.Code Comment Correction:
src/textlint-rule-allowed-uris.js: Corrected a critical comment to indicate that the filename must not be changed toindex.jsas it is used as a RULE ID.