Merge pull request #505 from wayofdev/feat/tpl-updates

docs: changes in issue templates

Author: lotyp

.github/ISSUE_TEMPLATE/1-bug-report.yml

@@ -98,6 +98,7 @@ body:
         We highly value your contributions, so please make sure to familiarize yourself with our repository's guidelines:
         - [Code of Conduct](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CODE_OF_CONDUCT.md)
         - [Contribution Guidelines](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CONTRIBUTING.md)
+
         Additionally, consider joining our discussions on:
         - [WayOfDev Discord Community](https://discord.gg/CE3TcCC5vr)
 

.github/ISSUE_TEMPLATE/2-feature-request.yml

@@ -68,6 +68,7 @@ body:
         We highly value your contributions, so please make sure to familiarize yourself with our repository's guidelines:
         - [Code of Conduct](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CODE_OF_CONDUCT.md)
         - [Contribution Guidelines](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CONTRIBUTING.md)
+
         Additionally, consider joining our discussions on:
         - [WayOfDev Discord Community](https://discord.gg/CE3TcCC5vr)
 

.github/ISSUE_TEMPLATE/3-failing-test.yml

@@ -3,7 +3,7 @@
 name: 🧪 Failing Test
 description: Report failing tests or CI jobs.
 title: '[Test]: '
-labels: ['Type: Test']
+labels: ['type: test']
 
 assignees:
   - lotyp
@@ -56,6 +56,7 @@ body:
         We highly value your contributions, so please make sure to familiarize yourself with our repository's guidelines:
         - [Code of Conduct](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CODE_OF_CONDUCT.md)
         - [Contribution Guidelines](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CONTRIBUTING.md)
+
         Additionally, consider joining our discussions on:
         - [WayOfDev Discord Community](https://discord.gg/CE3TcCC5vr)
 

.github/ISSUE_TEMPLATE/4-docs-bug-report.yml

@@ -72,6 +72,7 @@ body:
         We highly value your contributions, so please make sure to familiarize yourself with our repository's guidelines:
         - [Code of Conduct](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CODE_OF_CONDUCT.md)
         - [Contribution Guidelines](https://github.com/wayofdev/laravel-package-tpl/blob/master/.github/CONTRIBUTING.md)
+
         Additionally, consider joining our discussions on:
         - [WayOfDev Discord Community](https://discord.gg/CE3TcCC5vr)
 

.github/ISSUE_TEMPLATE/5-security-report.yml

@@ -1,7 +1,7 @@
 ---
 
 name: ⚠️ Security Report
-description: Report a security issue to help improve the project's safety.
+description: Please report security issues directly through GitHub Security Advisories to ensure privacy.
 title: '[Security]: '
 labels: ['type: bug', 'priority: high', 'type: security']
 
@@ -11,71 +11,24 @@ assignees:
 body:
   - type: markdown
     attributes:
-      value: ⚠️ **Security Report**
+      value: >
+        ⚠️ **Please DO NOT report security vulnerabilities here.** Instead, use the GitHub Security Advisories feature to report them privately and securely. This helps us address issues responsibly without exposing them publicly.
 
-  - type: textarea
-    id: security-issue-description
-    attributes:
-      label: Describe the security issue
-      description: Provide a clear and concise description of what the security issue is, without including sensitive details.
-      placeholder: Describe the security issue...
-    validations:
-      required: true
-
-  - type: textarea
-    id: steps-to-reproduce
-    attributes:
-      label: To Reproduce
-      description: |
-        Steps to reproduce the security issue:
-        1. Navigate to...
-        2. Perform action...
-        3. Observe outcome...
-      placeholder: |
-        1. Navigate to...
-        2. Perform action...
-        3. Observe outcome...
-    validations:
-      required: true
-
-  - type: textarea
-    id: expected-behaviour
-    attributes:
-      label: Expected behaviour
-      description: Describe what you expected to happen without the security flaw.
-      placeholder: What did you expect to happen?
-    validations:
-      required: true
-
-  - type: textarea
-    id: media-prove
+  - type: markdown
     attributes:
-      label: Media prove
-      description: If applicable, add screenshots or videos that help explain your issue, ensuring no sensitive data is displayed.
-      placeholder: Upload files or paste links here...
-    validations:
-      required: false
+      value: >
+        GitHub Advisories do not automatically notify maintainers, so by using the advisories, you help maintain confidentiality while ensuring the issue is documented and tracked properly.
 
-  - type: textarea
-    id: environment
+  - type: markdown
     attributes:
-      label: Your environment
-      description: |
-        Provide detailed information about your environment to help us replicate the issue:
-        * OS: [e.g. Ubuntu]
-        * PHP version: [e.g. 8.2.2]
-        * Package version: [e.g. 1.0.0]
-        * Any relevant environment details
-      placeholder: List your environment details here...
-    validations:
-      required: false
+      value: 'To create a new advisory, go to: [Create Security Advisory](https://github.com/wayofdev/laravel-package-tpl/security/advisories/new)'
 
   - type: textarea
-    id: additional-context
+    id: github-advisory-url
     attributes:
-      label: Additional context
-      description: Add any other context about the problem here, ensuring no sensitive data is included.
-      placeholder: Any additional information...
+      label: Your GitHub Advisory URL
+      description: Optionally, you can paste the URL of the GitHub Security Advisory you have created here for reference.
+      placeholder: Paste the GitHub Security Advisory URL here...
     validations:
       required: false
 

.github/ISSUE_TEMPLATE/config.yml

@@ -3,6 +3,14 @@
 blank_issues_enabled: true
 
 contact_links:
+  - name: Start a discussion or ask a question.
+    url: https://github.com/wayofdev/.github/discussions
+    about: Please ask and answer questions here.
+
+  - name: Join our Discord Community
+    url: https://discord.gg/CE3TcCC5vr
+    about: Join our Discord community to get help, share your ideas, and chat with other developers.
+
   - name: Send an e-mail to the developer
     url: mailto:[email protected]
     about: Please do NOT use this email to post issues or feature requests (only important business/personal contact).

.github/SECURITY.md

@@ -6,7 +6,7 @@ Thank you for helping keep `wayofdev/laravel-package-tpl` and its users safe. We
 
 ## 🙋‍♂️ Supported Versions
 
-Only certain versions of `wayofdev/laravel-package-tpl` are currently being maintained with security updates. Below is a list of supported versions that receive security updates:
+Only certain versions of `wayofdev/laravel-package-tpl` are currently being maintained with security updates. Please use or upgrade to one of these supported versions:
 
 | Version | Supported          |
 |---------|--------------------|
@@ -16,7 +16,7 @@ Please ensure that you are using one of these supported versions before reportin
 
 <br>
 
-## 🗑️ Unsupported Versions
+## 🗜️ Unsupported Versions
 
 Versions listed below are no longer supported with security updates. We recommend upgrading to a supported version as soon as possible:
 
@@ -28,12 +28,20 @@ Versions listed below are no longer supported with security updates. We recommen
 
 ## 🚨 Reporting a Vulnerability
 
-We take all security bugs in `wayofdev/laravel-package-tpl` seriously. Thank you for improving the security of this project. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
+We take all security bugs in `wayofdev/laravel-package-tpl` seriously. Please follow the instructions below to report security vulnerabilities.
 
 ### → How to Report a Vulnerability
 
-1. **Direct Contact**: For highly sensitive information, please email us directly at `[email protected]` with the subject line "SECURITY - Vulnerability Report". This will be treated with the highest priority.
+1. **GitHub Security Advisories**: Please report security issues directly through our GitHub Security Advisories page: https://github.com/wayofdev/laravel-package-tpl/security/advisories/new. This ensures that sensitive information is handled confidentially.
 
-2. **GitHub Issues**: For vulnerabilities that do not immediately affect the security of the application or its users, such as those found in non-critical systems, please report them through our GitHub issues. Make sure to use the `⚠️ Security Report` issue template. Please do not include sensitive information in GitHub issues. Detailed instructions about how to fill this report are included within the issue template itself.
+2. **Empty Security Issue**: After submitting through GitHub Security Advisories, please also create an empty security issue to alert us, as GitHub Advisories do not send automatic notifications. This can be done here: https://github.com/wayofdev/laravel-package-tpl/issues/new?assignees=&labels=type%3A+bug%2Cpriority%3A+high%2Ctype%3A+security&projects=&template=5-security-report.yml&title=%5BSecurity%5D%3A+
+
+3. **Direct Contact**: For highly sensitive information, in addition to the GitHub Security Advisories, please email us directly at `[email protected]` with the subject line "SECURITY - Vulnerability Report". This will be treated with the highest priority.
+
+Please do not discuss potential security issues in public forums or through our public GitHub issues tracker.
+
+## ❌ Third-Party Bug Bounty Platforms
+
+At this moment, we DO NOT accept reports from third-party bug bounty platforms to minimize risk. All vulnerability reports should come through the specified channels above.
 
 <br>