diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..043f403 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,28 @@ +# Contributing to This Project + +Thank you for your interest in this project. Please read this document +carefully before considering any contributions. + +At this time, this guide is intended to be a living document. It still lacks +important points and details, and future versions of the language and compiler +may render some recommendations obsolete. We are eager to discuss and to receive +contributions from anyone who is aware of common or uncommon pitfalls to avoid, +or good coding practices and tools that can help building more robust software +with the Rust language. + +Thus, feel free to create pull requests to suggest recommendations or +modifications, or to submit an issue to start discussions. Specifically, please +opt for a *pull request* for small changes like: + +- complementing a paragraph, +- adding a small example in the form of code snippet, +- updating some information +- fixing typos and English mistakes, +- etc. + +and for an *issue* in case of more substantive changes: + +- suggesting a new recommendation, +- discussing controversial points, +- rewording a consistent part of the text, +- etc. diff --git a/README.md b/README.md index b8827b6..926c1cf 100644 --- a/README.md +++ b/README.md 
@@ -1,4 +1,17 @@ # Guide to develop secure applications with Rust +![badge_repo](https://img.shields.io/badge/ANSSI--FR-rust--guide-white) +[![category_badge_doctrinal](https://img.shields.io/badge/category-doctrinal-%23e9c7e7)](https://github.com/ANSSI-FR#types-de-projets) +[![openess_badge_A](https://img.shields.io/badge/code.gouv.fr-collaborative-blue)](https://documentation.ouvert.numerique.gouv.fr/les-parcours-de-documentation/ouvrir-un-projet-num%C3%A9rique/#niveau-ouverture) + +## French Cybersecurity Agency (ANSSI) + +ANSSI logo + +*This projet is managed by [ANSSI](https://cyber.gouv.fr/). To find out more, +you can go to the +[page](https://cyber.gouv.fr/enjeux-technologiques/open-source/) (in French) +dedicated to the ANSSI open source strategy. You can also click on the badges +above to learn more about their meaning*. ## Objectives @@ -40,29 +53,7 @@ $ mdbook serve -o ## Call for Contributions -At this time, this guide is intended to be a living document. It still lacks -important points and details, and future versions of the language and compiler -may render some recommendations obsolete. We are eager to discuss and to receive -contributions from anyone who is aware of common or uncommon pitfalls to avoid, -or good coding practices and tools that can help building more robust software -with the Rust language. - -Thus, feel free to create pull requests to suggest recommendations or -modifications, or to submit an issue to start discussions. Specifically, please -opt for a *pull request* for small changes like: - -- complementing a paragraph, -- adding a small example in the form of code snippet, -- updating some information -- fixing typos and English mistakes, -- etc. - -and for an *issue* in case of more substantive changes: - -- suggesting a new recommendation, -- discussing controversial points, -- rewording a consistent part of the text, -- etc. +See [CONTRIBUTING.md](CONTRIBUTING.md). ## Licence 
diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..0849e8f --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,16 @@ +# Security Policy + +## Reporting a Vulnerability + +If you discover a security vulnerability in the recommandations included in +this guide, please help us address it responsibly by following these steps: + +1. **Do not publicly disclose the vulnerability.** +2. Contact us directly at + [opensource@ssi.gouv.fr](mailto:opensource@ssi.gouv.fr) with the following + details: + - A clear description of the issue. + - Steps to reproduce the vulnerability. + - Any potential impact or exploit scenarios. + +Thank you for helping us keep this project secure!
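Review bot: In the new CONTRIBUTING.md, the first bullet list is punctuated inconsistently: "- updating some information" has no trailing comma while its neighbours do. In the second list, "rewording a consistent part of the text" most likely means a substantial part; "consistent" reads as a mistranslation and makes the pull-request versus issue threshold unclear. Since this text is being moved from README.md anyway, this is a good moment to fix both.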
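Review bot: In the first README.md hunk (@@ -1,4 +1,17 @@), the added paragraph has a typo, "This projet is managed by", which should read "project", and the badge alt text "openess_badge_A" should be "openness". The line "ANSSI logo" is added as bare text under the new heading; if a logo image is intended there it needs image markup, otherwise the line should be dropped. The closing "*." also leaves the full stop outside the italic span.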
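Review bot: In the second README.md hunk (@@ -40,29 +53,7 @@), the "Call for Contributions" section now links only to CONTRIBUTING.md, while the SECURITY.md added in this same patch is not referenced from it. Consider adding a one-line pointer to SECURITY.md next to it so that someone reading the README finds the private reporting channel before opening a public issue.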
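Review bot: In the new SECURITY.md, step 2 asks reporters to send reproduction steps and exploit scenarios to opensource@ssi.gouv.fr but gives no way to protect that message in transit (for example a published PGP key or another confidential channel) and no indication of when a reporter can expect an acknowledgement. Both are worth stating, since step 1 asks the reporter to withhold public disclosure. Also, "recommandations" in the first paragraph should be spelled "recommendations".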