docs: add CONTRIBUTING.md and SECURITY.md

chore: add copyright headers to all source files
2026-04-13 10:50:32 +00:00 · 2026-01-31 12:39:41 +00:00 · 2026-01-31 12:39:31 +00:00 · 2026-01-31 12:39:31 +00:00
5 changed files with 152 additions and 84 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,53 @@ All notable changes to NORA will be documented in this file.
 ---
 ## [0.2.18] - 2026-01-31
 ### Changed
 - Logo styling refinements
 ---
 ## [0.2.17] - 2026-01-31
 ### Added
 - Copyright headers to all source files (Volkov Pavel | DevITWay)
 - SPDX-License-Identifier: MIT in all .rs files
 ---
 ## [0.2.16] - 2026-01-31
 ### Changed
 - N○RA branding: stylized O logo across dashboard
 - Fixed O letter alignment in logo
 ---
 ## [0.2.15] - 2026-01-31
 ### Fixed
 - Code formatting (cargo fmt)
 ---
 ## [0.2.14] - 2026-01-31
 ### Fixed
 - Docker dashboard now shows actual image size from manifest layers (config + layers sum)
 - Previously showed only manifest file size (~500 B instead of actual image size)
 ---
 ## [0.2.13] - 2026-01-31
 ### Fixed
 - npm dashboard now shows correct version count and package sizes
 - Parses metadata.json for versions, dist.unpackedSize, and time.modified
 - Previously showed 0 versions / 0 B for all packages
 ---
 ## [0.2.12] - 2026-01-30
 ### Added
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,100 +1,68 @@
 # Contributing to NORA
-Thanks for your interest in contributing to NORA!
+Thank you for your interest in contributing to NORA!
 ## Getting Started
-1. **Fork** the repository
+1. Fork the repository
-2. **Clone** your fork:
+2. Clone your fork: `git clone https://github.com/YOUR_USERNAME/nora.git`
-   ```bash
+3. Create a branch: `git checkout -b feature/your-feature`
   git clone https://github.com/your-username/nora.git
   cd nora
   ```
 3. **Create a branch**:
   ```bash
   git checkout -b feature/your-feature-name
   ```
 ## Development Setup
 ### Prerequisites
 - Rust 1.75+ (`rustup update`)
 - Docker (for testing)
 - Git
 ### Build
 ```bash
 # Install Rust (if needed)
 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
 # Build
 cargo build
 ```
-### Run
+# Run tests
 ```bash
 cargo run --bin nora
 ```
 ### Test
 ```bash
 cargo test
-cargo clippy
+
-cargo fmt --check
+# Run locally
 cargo run --bin nora -- serve
 ```
 ## Making Changes
 1. **Write code** following Rust conventions
 2. **Add tests** for new features
 3. **Update docs** if needed
 4. **Run checks**:
   ```bash
   cargo fmt
   cargo clippy -- -D warnings
   cargo test
   ```
 ## Commit Messages
 Follow [Conventional Commits](https://www.conventionalcommits.org/):
 - `feat:` - New feature
 - `fix:` - Bug fix
 - `docs:` - Documentation
 - `test:` - Tests
 - `refactor:` - Code refactoring
 - `chore:` - Maintenance
 Example:
 ```bash
 git commit -m "feat: add S3 storage migration"
 ```
 ## Pull Request Process
 1. **Push** to your fork:
   ```bash
   git push origin feature/your-feature-name
   ```
 2. **Open a Pull Request** on GitHub
 3. **Wait for review** - maintainers will review your PR
 ## Code Style
- Follow Rust conventions
+- Run `cargo fmt` before committing
- Use `cargo fmt` for formatting
+- Run `cargo clippy` and fix warnings
- Pass `cargo clippy` with no warnings
+- Follow Rust naming conventions
 - Write meaningful commit messages
-## Questions?
+## Pull Request Process
- Open an [Issue](https://github.com/getnora-io/nora/issues)
+1. Update documentation if needed
- Ask in [Discussions](https://github.com/getnora-io/nora/discussions)
+2. Add tests for new features
- Reach out on [Telegram](https://t.me/DevITWay)
+3. Ensure all tests pass: `cargo test`
 4. Ensure code is formatted: `cargo fmt --check`
 5. Ensure no clippy warnings: `cargo clippy`
---
+## Commit Messages
-Built with love by the NORA community
+Use conventional commits:
 - `feat:` - new feature
 - `fix:` - bug fix
 - `docs:` - documentation
 - `style:` - formatting
 - `refactor:` - code refactoring
 - `test:` - adding tests
 - `chore:` - maintenance
 Example: `feat: add OAuth2 authentication`
 ## Reporting Issues
 - Use GitHub Issues
 - Include steps to reproduce
 - Include NORA version and OS
 ## License
 By contributing, you agree that your contributions will be licensed under the MIT License.
 ## Contact
 - Telegram: [@DevITWay](https://t.me/DevITWay)
 - GitHub Issues: [getnora-io/nora](https://github.com/getnora-io/nora/issues)
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -7,7 +7,7 @@ members = [
 ]
 [workspace.package]
-version = "0.2.12"
+version = "0.2.18"
 edition = "2021"
 license = "MIT"
 authors = ["DevITWay <devitway@gmail.com>"]
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,53 @@
 # Security Policy
 ## Supported Versions
 | Version | Supported          |
 | ------- | ------------------ |
 | 0.2.x   | :white_check_mark: |
 | < 0.2   | :x:                |
 ## Reporting a Vulnerability
 **Please do not report security vulnerabilities through public GitHub issues.**
 Instead, please report them via:
 1. **Email:** devitway@gmail.com
 2. **Telegram:** [@DevITWay](https://t.me/DevITWay) (private message)
 ### What to Include
 - Type of vulnerability
 - Steps to reproduce
 - Potential impact
 - Suggested fix (if any)
 ### Response Timeline
 - **Initial response:** within 48 hours
 - **Status update:** within 7 days
 - **Fix timeline:** depends on severity
 ### Severity Levels
 | Severity | Description | Response |
 |----------|-------------|----------|
 | Critical | Remote code execution, auth bypass | Immediate fix |
 | High | Data exposure, privilege escalation | Fix within 7 days |
 | Medium | Limited impact vulnerabilities | Fix in next release |
 | Low | Minor issues | Scheduled fix |
 ## Security Best Practices
 When deploying NORA:
 1. **Enable authentication** - Set `NORA_AUTH_ENABLED=true`
 2. **Use HTTPS** - Put NORA behind a reverse proxy with TLS
 3. **Limit network access** - Use firewall rules
 4. **Regular updates** - Keep NORA updated to latest version
 5. **Secure credentials** - Use strong passwords, rotate tokens
 ## Acknowledgments
 We appreciate responsible disclosure and will acknowledge security researchers who report valid vulnerabilities.
--- a/nora-registry/src/ui/components.rs
+++ b/nora-registry/src/ui/components.rs
@@ -140,7 +140,7 @@ fn sidebar_dark(active_page: Option<&str>, t: &Translations) -> String {
        <div id="sidebar" class="fixed md:static inset-y-0 left-0 z-50 w-64 bg-slate-800 text-white flex flex-col transform -translate-x-full md:translate-x-0 transition-transform duration-200 ease-in-out">
            <div class="h-16 flex items-center justify-between px-6 border-b border-slate-700">
                <div class="flex items-center">
-                    <span class="text-2xl font-bold tracking-tight">N<span class="inline-block w-4 h-5 rounded-[45%] border-[1.5px] border-current align-middle mx-0.5"></span>RA</span>
+                    <span class="text-xl font-bold tracking-tight">N<span class="inline-block w-4 h-4 rounded-full border-2 border-current align-middle mx-px"></span>RA</span>
                </div>
                <button onclick="toggleSidebar()" class="md:hidden p-1 rounded-lg hover:bg-slate-700">
                    <svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
@@ -188,7 +188,7 @@ fn header_dark(lang: Lang) -> String {
                    </svg>
                </button>
                <div class="md:hidden flex items-center">
-                    <span class="font-bold text-slate-200 tracking-tight">N<span class="inline-block w-3 h-4 rounded-[45%] border-[1.5px] border-current align-middle mx-px"></span>RA</span>
+                    <span class="font-bold text-slate-200 tracking-tight">N<span class="inline-block w-4 h-4 rounded-full border-2 border-current align-middle mx-px"></span>RA</span>
                </div>
            </div>
            <div class="flex items-center space-x-2 md:space-x-4">
@@ -589,7 +589,7 @@ fn header() -> String {
                </button>
                <!-- Mobile logo -->
                <div class="md:hidden flex items-center">
-                    <span class="font-bold text-slate-800 tracking-tight">N<span class="inline-block w-3 h-4 rounded-[45%] border-[1.5px] border-current align-middle mx-px"></span>RA</span>
+                    <span class="font-bold text-slate-800 tracking-tight">N<span class="inline-block w-4 h-4 rounded-full border-2 border-current align-middle mx-px"></span>RA</span>
                </div>
            </div>
            <div class="flex items-center space-x-2 md:space-x-4">
Author	SHA1	Message	Date
DevITWay	f82e252e39	docs: add CONTRIBUTING.md and SECURITY.md	2026-01-31 12:39:41 +00:00
DevITWay	7763b85b94	chore: add copyright headers to all source files Copyright (c) 2026 Volkov Pavel \| DevITWay SPDX-License-Identifier: MIT	2026-01-31 12:39:31 +00:00
DevITWay	47a3690384	style: fix O alignment in NORA logo on dashboard	2026-01-31 12:39:31 +00:00