From 444798eb3b75b36eee6417e9d7c527b91be93e0e Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:18:06 +0000 Subject: [PATCH 01/10] Create SECURITY.md --- SECURITY.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..33b020e --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,32 @@ +# Security Policy + +Thanks for helping make this repository safe for everyone! + +We take the security of the open source code repositories seriously and follow the security guidelines and services provided by GitHub. + +## Supported Versions + +| Version | Supported | +| ------- | ------------------ | +| 0.1.x | :x: | +| 0.2.x | :white_check_mark: | + +## Reporting a Vulnerability + +If you believe you have found a security vulnerability in this repository, please report it to author through coordinated disclosure. + +Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests. + +Instead, please send an email to gleb.levitski@tutanota.com. + +Please include as much of the information listed below as you can to help us better understand and resolve the issue: + +- The type of issue (e.g., buffer overflow, etc.); +- Full paths of source file(s) related to the manifestation of the issue; +- The location of the affected source code (tag/branch/commit or direct URL); +- Any special configuration required to reproduce the issue; +- Step-by-step instructions to reproduce the issue; +- Proof-of-concept or exploit code (if possible); +- Impact of the issue, including how an attacker might exploit the issue. + +This information will help triage your report more quickly. From 5f0609bd9da22579ebc14694d7393b84d1eaa97f Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:19:09 +0000 Subject: [PATCH 02/10] Update pyproject.toml --- pyproject.toml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 3a87497..fe26830 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -2,7 +2,7 @@ name = "obscure_stats" version = "0.2.0" description = "Collection of lesser-known statistical functions" -authors = ["Hleb Levitski"] +authors = ["Hleb Levitski "] readme = "README.md" classifiers = [ "Development Status :: 5 - Production/Stable", @@ -27,7 +27,6 @@ python = ">=3.9,<3.13" numpy = "^1.23.5" scipy = "^1.9.1" - [tool.poetry.group.dev.dependencies] mypy = "^1.6.1" pytest = "^7.4.3" @@ -84,4 +83,4 @@ skip-magic-trailing-comma = false line-ending = "auto" [tool.ruff.lint.pydocstyle] -convention = "numpy" \ No newline at end of file +convention = "numpy" From afa1af204a7ac9f96ac55c72df5aa48bf6b9dd53 Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:27:34 +0000 Subject: [PATCH 03/10] Update SECURITY.md --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 33b020e..9c6c34a 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,7 @@ Thanks for helping make this repository safe for everyone! -We take the security of the open source code repositories seriously and follow the security guidelines and services provided by GitHub. +Authors of `obscure_stats` library take the security of the open source code repositories seriously and follow the security guidelines and services provided by GitHub. ## Supported Versions @@ -17,7 +17,7 @@ If you believe you have found a security vulnerability in this repository, pleas Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests. -Instead, please send an email to gleb.levitski@tutanota.com. +Instead, please send an email to securityobscurestats@skiff.com Please include as much of the information listed below as you can to help us better understand and resolve the issue: From d470aea66a25fc92163c8c3e553ba170e482abea Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:28:43 +0000 Subject: [PATCH 04/10] Update pyproject.toml --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index fe26830..e6c5d15 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -2,7 +2,7 @@ name = "obscure_stats" version = "0.2.0" description = "Collection of lesser-known statistical functions" -authors = ["Hleb Levitski "] +authors = ["Hleb Levitski"] readme = "README.md" classifiers = [ "Development Status :: 5 - Production/Stable", From 41ad64344114ec9f7d461c2b583cdf9cb7586ff5 Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:29:47 +0000 Subject: [PATCH 05/10] Update CITATION.cff --- CITATION.cff | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CITATION.cff b/CITATION.cff index 45c46a1..bc6bd96 100644 --- a/CITATION.cff +++ b/CITATION.cff @@ -10,7 +10,6 @@ type: software authors: - given-names: Hleb family-names: Levitski - email: gleb.levitski@tutanota.com identifiers: - type: doi value: 10.5281/zenodo.10206933 @@ -19,4 +18,4 @@ repository-artifact: 'https://pypi.org/project/obscure_stats' abstract: Collection of lesser-known statistical measures license: MIT version: 0.2.0 -date-released: '2023-10-21' \ No newline at end of file +date-released: '2023-10-21' From 3b85bc23c3e1d37da51f9bfcedfed6476e758b1d Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:33:50 +0000 Subject: [PATCH 06/10] Update README.md --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e3a2c6d..92d304f 100644 --- a/README.md +++ b/README.md @@ -96,14 +96,18 @@ Robust measure of central tendency = 1.09±0.42 ## Code of Conduct -This project adopts the Python Software Foundation Code of Conduct; [please read it here](https://www.python.org/psf/conduct/). +[Code of Conduct for this project can be found here](CODE_OF_CONDUCT.md). ## Contributing -If you would like to contribute, you can read a short guide [here](https://github.com/glevv/obscure_stats/blob/main/CONTRIBUTING.md). +[Contribution guidelines for this project can be found here](CONTRIBUTING.md). + +## Security Policy + +[Security Policy for this project can be found here](SECURITY.md). ## License The content of this repository is licensed under a [MIT license](https://github.com/glevv/obscure_stats/blob/main/LICENSE.txt). -This repository bundles several libraries that are compatibly licensed. A full list can be found [here](https://github.com/glevv/obscure_stats/blob/main/LICENSES_bundled.txt). \ No newline at end of file +This repository bundles several libraries that are compatibly licensed. A full list can be found [here](https://github.com/glevv/obscure_stats/blob/main/LICENSES_bundled.txt). From 49cf39b936837cbc61ada4f0837244f8e7d087bd Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:34:58 +0000 Subject: [PATCH 07/10] Update CODE_OF_CONDUCT.md --- CODE_OF_CONDUCT.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index b1510f9..19436db 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1 +1,3 @@ -This project adopts the Python Software Foundation Code of Conduct; [please read it here](https://www.python.org/psf/conduct/). \ No newline at end of file +# Code of Conduct + +This project adopts the Python Software Foundation Code of Conduct; [please read it here](https://www.python.org/psf/conduct/). From 28d5ad19543fa954fa02ecb8dce752dd5e8cc407 Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:35:56 +0000 Subject: [PATCH 08/10] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 92d304f..e49cc57 100644 --- a/README.md +++ b/README.md @@ -96,15 +96,15 @@ Robust measure of central tendency = 1.09±0.42 ## Code of Conduct -[Code of Conduct for this project can be found here](CODE_OF_CONDUCT.md). +Code of Conduct for this project can be found [here](CODE_OF_CONDUCT.md). ## Contributing -[Contribution guidelines for this project can be found here](CONTRIBUTING.md). +Contribution guidelines for this project can be found [here](CONTRIBUTING.md). ## Security Policy -[Security Policy for this project can be found here](SECURITY.md). +Security Policy for this project can be found [here](SECURITY.md). ## License From 7fa502efb49ca948c295bbd56f60849ed278f355 Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:45:37 +0000 Subject: [PATCH 09/10] Create CODEOWNERS --- .github/CODEOWNERS | 1 + 1 file changed, 1 insertion(+) create mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..7d43697 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @glevv From e11f3b0b0264a390c6bf2e02255db19ca4d804b5 Mon Sep 17 00:00:00 2001 From: Gleb Levitski <36483986+glevv@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:52:08 +0000 Subject: [PATCH 10/10] Update SECURITY.md --- SECURITY.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 9c6c34a..6f90e8b 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -21,7 +21,7 @@ Instead, please send an email to securityobscurestats@skiff.com Please include as much of the information listed below as you can to help us better understand and resolve the issue: -- The type of issue (e.g., buffer overflow, etc.); +- The type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.); - Full paths of source file(s) related to the manifestation of the issue; - The location of the affected source code (tag/branch/commit or direct URL); - Any special configuration required to reproduce the issue; @@ -30,3 +30,7 @@ Please include as much of the information listed below as you can to help us bet - Impact of the issue, including how an attacker might exploit the issue. This information will help triage your report more quickly. + +## Preferred Languages + +We prefer all communications to be in English.