carverauto/serviceradar

Fork 0

Added various files to comply with LF requirements. #2301

Merged

marvin-hansen merged 7 commits from refs/pull/2301/head into main

2025-10-09 14:45:08 +00:00

marvin-hansen commented

2025-10-09 08:15:46 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #1732
Original author: @marvin-hansen
Original URL: https://github.com/carverauto/serviceradar/pull/1732
Original created: 2025-10-09T08:15:46Z
Original updated: 2025-10-09T14:45:08Z
Original head: main
Original base: main
Original merged: 2025-10-09T14:45:08Z by @mfreeman451

User description

This PR adds a number of files required by the LF:

Contributing
Code of Conduct based on the official LF template
Support
CODEOWNERS - set default to @mfreeman451
RELEASE - Plz review this one
Added lint results and checklists under docs/LF

The gaps not covered in this initial batch are documented in issue https://github.com/carverauto/serviceradar/issues/1731

PR Type

Documentation

Description

Add Linux Foundation compliance files and templates
Include GitHub issue and PR templates
Document security checklist and recommendations
Add code ownership and release guidelines

Diagram Walkthrough

flowchart LR
  A["LF Requirements"] --> B["Community Files"]
  A --> C["GitHub Templates"]
  A --> D["Documentation"]
  B --> E["CODE_OF_CONDUCT.md"]
  B --> F["CONTRIBUTING.md"]
  B --> G["SUPPORT.md"]
  B --> H["CODEOWNERS"]
  B --> I["RELEASE.md"]
  C --> J["Issue Templates"]
  C --> K["PR Template"]
  D --> L["LF Checklists"]
  D --> M["Security Assessment"]

File Walkthrough

Relevant files

Documentation

10 files

bug_report.md `Add standardized bug report template`	+41/-0
feature_request.md `Add feature request issue template`	+23/-0
pull_request.md `Add PR template with DCO requirements`	+19/-0
CODE_OF_CONDUCT.md `Add Linux Foundation based code of conduct`	+151/-0
CONTRIBUTING.md `Add comprehensive contribution guidelines`	+151/-0
RELEASE.md `Document release process and methodology`	+8/-0
SUPPORT.md `Add support and help documentation`	+58/-0
LF_Github_Recommendations.md `Document LF GitHub recommendations checklist`	+71/-0
LF_SECURITY_CHECK.md `Add security configuration assessment`	+19/-0
repo_lint.md `Include repolinter compliance report`	+166/-0

Configuration changes

1 files

CODEOWNERS
Define code ownership and review assignments +20/-0

Imported from GitHub pull request. Original GitHub pull request: #1732 Original author: @marvin-hansen Original URL: https://github.com/carverauto/serviceradar/pull/1732 Original created: 2025-10-09T08:15:46Z Original updated: 2025-10-09T14:45:08Z Original head: main Original base: main Original merged: 2025-10-09T14:45:08Z by @mfreeman451 --- ### **User description** This PR adds a number of files required by the LF: * Contributing * Code of Conduct based on the official LF template * Support * CODEOWNERS - set default to @mfreeman451 * RELEASE - Plz review this one * Added lint results and checklists under docs/LF The gaps not covered in this initial batch are documented in issue https://github.com/carverauto/serviceradar/issues/1731 ___ ### **PR Type** Documentation ___ ### **Description** - Add Linux Foundation compliance files and templates - Include GitHub issue and PR templates - Document security checklist and recommendations - Add code ownership and release guidelines ___ ### Diagram Walkthrough ```mermaid flowchart LR A["LF Requirements"] --> B["Community Files"] A --> C["GitHub Templates"] A --> D["Documentation"] B --> E["CODE_OF_CONDUCT.md"] B --> F["CONTRIBUTING.md"] B --> G["SUPPORT.md"] B --> H["CODEOWNERS"] B --> I["RELEASE.md"] C --> J["Issue Templates"] C --> K["PR Template"] D --> L["LF Checklists"] D --> M["Security Assessment"] ``` <details> <summary><h3> File Walkthrough</h3></summary> <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td><strong>Documentation</strong></td><td><details><summary>10 files</summary><table> <tr> <td><strong>bug_report.md</strong><dd><code>Add standardized bug report template</code>                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-185833cb26d7ac66a4d39042fd576a820c2c2c6d05ad18973bb9c7dce77267c5">+41/-0</a>    </td> </tr> <tr> <td><strong>feature_request.md</strong><dd><code>Add feature request issue template</code>                                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-148870715557a13127284f8aeaa28002ed6b034268af13c5d030ab59fd078220">+23/-0</a>    </td> </tr> <tr> <td><strong>pull_request.md</strong><dd><code>Add PR template with DCO requirements</code>                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-5ba678c46edb3b49eeb3c1f2c7563dd9de4a4fd86f4b97b8791aa509bc94d2b5">+19/-0</a>    </td> </tr> <tr> <td><strong>CODE_OF_CONDUCT.md</strong><dd><code>Add Linux Foundation based code of conduct</code>                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-ffdbe3a1e7ee93cacfc080b6c635ccf3a8f6b0f00f2fb884f78c6b5f9dac8fd2">+151/-0</a>  </td> </tr> <tr> <td><strong>CONTRIBUTING.md</strong><dd><code>Add comprehensive contribution guidelines</code>                                </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-eca12c0a30e25b4b46522ebf89465a03ba72a03f540796c979137931d8f92055">+151/-0</a>  </td> </tr> <tr> <td><strong>RELEASE.md</strong><dd><code>Document release process and methodology</code>                                  </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-2b1b69303b927a484e02c7fad9fc87d0d3ff0dc22ae1da0ecd0dc935d922a23c">+8/-0</a>      </td> </tr> <tr> <td><strong>SUPPORT.md</strong><dd><code>Add support and help documentation</code>                                              </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-c5fe610b0215b144474106251cab954f8af55fe26cbd5d2265fd6ca19109c97b">+58/-0</a>    </td> </tr> <tr> <td><strong>LF_Github_Recommendations.md</strong><dd><code>Document LF GitHub recommendations checklist</code>                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-08b05bf3c7d94f2dc9083a13e58ab990f4504cd1837679a383a856bd2c6c76d9">+71/-0</a>    </td> </tr> <tr> <td><strong>LF_SECURITY_CHECK.md</strong><dd><code>Add security configuration assessment</code>                                        </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-a9b52b548843ee309660cf6c4a6c6f7e95cc1dae2f19f0f3943f482c64d59308">+19/-0</a>    </td> </tr> <tr> <td><strong>repo_lint.md</strong><dd><code>Include repolinter compliance report</code>                                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-dfe29a772e511687dd2d217459b7017d8372833553adb5b897130db616d9ba73">+166/-0</a>  </td> </tr> </table></details></td></tr><tr><td><strong>Configuration changes</strong></td><td><details><summary>1 files</summary><table> <tr> <td><strong>CODEOWNERS</strong><dd><code>Define code ownership and review assignments</code>                          </dd></td> <td><a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-fcf14c4b7b34fe7a11916195871ae66a59be87a395f28db73e345ebdc828085b">+20/-0</a>    </td> </tr> </table></details></td></tr></tr></tbody></table> </details> ___

CLAassistant commented

2025-10-09 08:15:53 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @CLAassistant
Original URL: https://github.com/carverauto/serviceradar/pull/1732#issuecomment-3384683270
Original created: 2025-10-09T08:15:53Z

All committers have signed the CLA.

Imported GitHub PR comment. Original author: @CLAassistant Original URL: https://github.com/carverauto/serviceradar/pull/1732#issuecomment-3384683270 Original created: 2025-10-09T08:15:53Z --- [![CLA assistant check](https://cla-assistant.io/pull/badge/signed)](https://cla-assistant.io/carverauto/serviceradar?pullRequest=1732) <br/>All committers have signed the CLA.

qodo-code-review[bot] commented

2025-10-09 08:16:22 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1732#issuecomment-3384684732
Original created: 2025-10-09T08:16:22Z

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance

🟢

No security concerns identified

No security vulnerabilities detected by AI analysis. Human verification advised for critical code.

Ticket Compliance

🟡

🎫 #1731

🟢	Install the DCO app and add a DCO explainer file (WHAT_IS_DCO.md) and ensure DCO usage.
🔴	Update all files to include proper copyright and SPDX-License-Identifier headers per the provided template.
	Move the project to its own GitHub organization with LF admin access.
	Keep Apache 2.0 as the project license; investigate compatibility of all dependency licenses.
⚪	Achieve or make progress toward the OpenSSF Best Practices Badge.

Codebase Duplication Compliance

⚪

Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance

⚪

No custom compliance provided

Follow the guide to enable custom compliance check.

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1732#issuecomment-3384684732 Original created: 2025-10-09T08:16:22Z --- ## PR Compliance Guide 🔍  Below is a summary of compliance checks for this PR:<br> <table><tbody><tr><td colspan='2'><strong>Security Compliance</strong></td></tr> <tr><td>🟢</td><td><details><summary><strong>No security concerns identified</strong></summary> No security vulnerabilities detected by AI analysis. Human verification advised for critical code. </details></td></tr> <tr><td colspan='2'><strong>Ticket Compliance</strong></td></tr> <tr><td>🟡</td> <td> <details> <summary>🎫 <a href=https://github.com/carverauto/serviceradar/issues/1731>#1731</a></summary> <table width='100%'><tbody> <tr><td rowspan=1>🟢</td> <td>Install the DCO app and add a DCO explainer file (WHAT_IS_DCO.md) and ensure DCO usage.</td></tr> <tr><td rowspan=3>🔴</td> <td>Update all files to include proper copyright and SPDX-License-Identifier headers per the <br>provided template.</td></tr> <tr><td>Move the project to its own GitHub organization with LF admin access.</td></tr> <tr><td>Keep Apache 2.0 as the project license; investigate compatibility of all dependency <br>licenses.</td></tr> <tr><td rowspan=1>⚪</td> <td>Achieve or make progress toward the OpenSSF Best Practices Badge.</td></tr> </tbody></table> </details> </td></tr> <tr><td colspan='2'><strong>Codebase Duplication Compliance</strong></td></tr> <tr><td>⚪</td><td><details><summary><strong>Codebase context is not defined </strong></summary> Follow the <a href='https://qodo-merge-docs.qodo.ai/core-abilities/rag_context_enrichment/'>guide</a> to enable codebase context checks. </details></td></tr> <tr><td colspan='2'><strong>Custom Compliance</strong></td></tr> <tr><td>⚪</td><td><details><summary><strong>No custom compliance provided</strong></summary> Follow the <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/'>guide</a> to enable custom compliance check. </details></td></tr> <tr><td align="center" colspan="2">   </td></tr></tbody></table> <details><summary>Compliance status legend</summary> 🟢 - Fully Compliant<br> 🟡 - Partial Compliant<br> 🔴 - Not Compliant<br> ⚪ - Requires Further Human Verification<br> 🏷️ - Compliance label<br> </details>

qodo-code-review[bot] commented

2025-10-09 08:17:39 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1732#issuecomment-3384688879
Original created: 2025-10-09T08:17:39Z

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Security	Provide a valid security reporting email Update the security reporting email in `CONTRIBUTING.md` from the non-functional `noreply@github.com` to a valid, monitored address. This is crucial for enabling private disclosure of security vulnerabilities. CONTRIBUTING.md [84] `-> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to <noreply@github.com>. +> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to <security@serviceradar.cloud>.` Apply / Chat Suggestion importance[1-10]: 10 __ Why: This suggestion highlights a critical security issue: the email for reporting vulnerabilities is a `noreply@github.com` address, which prevents private disclosure and creates a significant security risk for the project.	High
High-level	Finalize placeholder content in documentation files The new documentation files contain placeholders, broken links, and incomplete sections from templates, such as a non-functional `noreply@github.com` email for security reports and `TODO` sections in `CONTRIBUTING.md`. This content should be replaced with project-specific information to make community governance and security reporting functional. Examples: CODE_OF_CONDUCT.md [5] `Contact: Michael Freeman <noreply@github.com>` CONTRIBUTING.md [84] `> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to <noreply@github.com>.` Solution Walkthrough: Before: `# In CODE_OF_CONDUCT.md Effective: October 9, 2025 Contact: Michael Freeman <noreply@github.com> ... To report incidents or to appeal reports of incidents, send email to the active maintainer as stated in the README.md. # In CONTRIBUTING.md ... sensitive bugs must be sent by email to <noreply@github.com>. ... ### Your First Code Contribution <!-- TODO include Setup of env, IDE and typical getting started instructions? -->` After: `# In CODE_OF_CONDUCT.md Effective: <current date> Contact: <project-maintainer-email@example.com> ... To report incidents or to appeal reports of incidents, send email to <project-maintainer-email@example.com>. # In CONTRIBUTING.md ... sensitive bugs must be sent by email to <security-contact@example.com>. ... ### Your First Code Contribution <Instructions on setting up the development environment...>` Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies critical placeholder information, such as a non-functional `noreply@github.com` email for security reports and multiple `TODO` sections, which significantly undermines the purpose of the new documentation.	High
Possible issue	Use a valid contact email Replace the non-functional `noreply@github.com` contact email in `CODE_OF_CONDUCT.md` with a valid, monitored email address. This ensures that Code of Conduct reports can be properly received and handled. CODE_OF_CONDUCT.md [5] `-Contact: Michael Freeman <noreply@github.com> +Contact: Michael Freeman <conduct@serviceradar.cloud>` Apply / Chat Suggestion importance[1-10]: 9 __ Why: This suggestion correctly identifies a critical flaw where the contact email for Code of Conduct violations is a non-functional `noreply@github.com` address, rendering the reporting process unusable.	High
More

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1732#issuecomment-3384688879 Original created: 2025-10-09T08:17:39Z --- ## PR Code Suggestions ✨  Explore these optional code suggestions: <table><thead><tr><td><strong>Category</strong></td><td align=left><strong>Suggestion                                                                                                                                    </strong></td><td align=center><strong>Impact</strong></td></tr><tbody><tr><td rowspan=1>Security</td> <td> <details><summary>Provide a valid security reporting email</summary> ___ **Update the security reporting email in <code>CONTRIBUTING.md</code> from the non-functional <br><code>noreply@github.com</code> to a valid, monitored address. This is crucial for enabling <br>private disclosure of security vulnerabilities.** [CONTRIBUTING.md [84]](https://github.com/carverauto/serviceradar/pull/1732/files#diff-eca12c0a30e25b4b46522ebf89465a03ba72a03f540796c979137931d8f92055R84-R84) ```diff -> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to <noreply@github.com>. +> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to <security@serviceradar.cloud>. ``` - [ ] **Apply / Chat**  <details><summary>Suggestion importance[1-10]: 10</summary> __ Why: This suggestion highlights a critical security issue: the email for reporting vulnerabilities is a `noreply@github.com` address, which prevents private disclosure and creates a significant security risk for the project. </details></details></td><td align=center>High </td></tr><tr><td rowspan=1>High-level</td> <td> <details><summary>Finalize placeholder content in documentation files</summary> ___ **The new documentation files contain placeholders, broken links, and incomplete <br>sections from templates, such as a non-functional <code>noreply@github.com</code> email for <br>security reports and <code>TODO</code> sections in <code>CONTRIBUTING.md</code>. This content should be <br>replaced with project-specific information to make community governance and <br>security reporting functional.** ### Examples: <details> <summary> <a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-ffdbe3a1e7ee93cacfc080b6c635ccf3a8f6b0f00f2fb884f78c6b5f9dac8fd2R5-R5">CODE_OF_CONDUCT.md [5]</a> </summary> ```markdown Contact: Michael Freeman <noreply@github.com> ``` </details> <details> <summary> <a href="https://github.com/carverauto/serviceradar/pull/1732/files#diff-eca12c0a30e25b4b46522ebf89465a03ba72a03f540796c979137931d8f92055R84-R84">CONTRIBUTING.md [84]</a> </summary> ```markdown > You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to <noreply@github.com>. ``` </details> ### Solution Walkthrough: #### Before: ```markdown # In CODE_OF_CONDUCT.md Effective: October 9, 2025 Contact: Michael Freeman <noreply@github.com> ... To report incidents or to appeal reports of incidents, send email to the active maintainer as stated in the README.md. # In CONTRIBUTING.md ... sensitive bugs must be sent by email to <noreply@github.com>. ... ### Your First Code Contribution  ``` #### After: ```markdown # In CODE_OF_CONDUCT.md Effective: <current date> Contact: <project-maintainer-email@example.com> ... To report incidents or to appeal reports of incidents, send email to <project-maintainer-email@example.com>. # In CONTRIBUTING.md ... sensitive bugs must be sent by email to <security-contact@example.com>. ... ### Your First Code Contribution <Instructions on setting up the development environment...> ``` <details><summary>Suggestion importance[1-10]: 9</summary> __ Why: The suggestion correctly identifies critical placeholder information, such as a non-functional `noreply@github.com` email for security reports and multiple `TODO` sections, which significantly undermines the purpose of the new documentation. </details></details></td><td align=center>High </td></tr><tr><td rowspan=1>Possible issue</td> <td> <details><summary>Use a valid contact email</summary> ___ **Replace the non-functional <code>noreply@github.com</code> contact email in <br><code>CODE_OF_CONDUCT.md</code> with a valid, monitored email address. This ensures that Code <br>of Conduct reports can be properly received and handled.** [CODE_OF_CONDUCT.md [5]](https://github.com/carverauto/serviceradar/pull/1732/files#diff-ffdbe3a1e7ee93cacfc080b6c635ccf3a8f6b0f00f2fb884f78c6b5f9dac8fd2R5-R5) ```diff -Contact: Michael Freeman <noreply@github.com> +Contact: Michael Freeman <conduct@serviceradar.cloud> ``` - [ ] **Apply / Chat**  <details><summary>Suggestion importance[1-10]: 9</summary> __ Why: This suggestion correctly identifies a critical flaw where the contact email for Code of Conduct violations is a non-functional `noreply@github.com` address, rendering the reporting process unusable. </details></details></td><td align=center>High </td></tr> <tr><td align="center" colspan="2"> - [ ] More  </td><td></td></tr></tbody></table>