Add CONTRIBUTING.md and SECURITY.md; update LICENSE and README.md for clarity#333
Merged
Add CONTRIBUTING.md and SECURITY.md; update LICENSE and README.md for clarity#333
Conversation
shibayan
added
documentation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR enhances the Sharprompt project's documentation, licensing, and package metadata. It introduces community contribution and security vulnerability reporting guidelines, updates the copyright information, and adds SourceLink support for better debugging and traceability of NuGet packages.
Changes:
- Added
CONTRIBUTING.md(development setup, PR checklist matching CI) andSECURITY.md(vulnerability reporting via email), with links fromREADME.md. - Updated
LICENSEcopyright to include the full name and date range (2019-2026). - Added
Microsoft.SourceLink.GitHub,PublishRepositoryUrl,EmbedUntrackedSources, andPackageProjectUrlto both.csprojfiles for improved NuGet package traceability and debugging support.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| CONTRIBUTING.md | New file with development environment, setup commands, PR checklist, and contribution guidelines |
| SECURITY.md | New file with supported versions policy and vulnerability reporting instructions |
| README.md | Added Contributing and Security sections linking to the new markdown files |
| LICENSE | Updated copyright holder name and year range |
| Sharprompt/Sharprompt.csproj | Added PackageProjectUrl, PublishRepositoryUrl, EmbedUntrackedSources, and SourceLink package reference |
| Sharprompt.SourceGenerator/Sharprompt.SourceGenerator.csproj | Added PublishRepositoryUrl, EmbedUntrackedSources, and SourceLink package reference |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces improvements to documentation, security policy, licensing, and package metadata for the project. The most important changes are the addition of contribution and security guidelines, updates to licensing information, and enhancements to package metadata for better traceability.
Documentation and guidelines:
CONTRIBUTING.mdfile outlining development setup, validation commands, and pull request expectations.SECURITY.mdfile describing supported versions and instructions for reporting vulnerabilities privately.README.mdto reference the new contribution and security guidelines.Licensing:
LICENSEto reflect the correct author and date range.Package metadata and traceability:
.csprojfiles (Sharprompt.csprojandSharprompt.SourceGenerator.csproj) to include repository URLs, embed untracked sources, and add SourceLink support for improved traceability. [1] [2]