Files
siriusscan--sirius/.github/REPOSITORY_STANDARDS_ADVISORY.md
wehub-resource-sync 161ef94b4f
Check engine pin consistency / Dockerfile / CI pin consistency (push) Successful in 8s
Sirius CI/CD Pipeline / Detect Changes (push) Successful in 23s
Validate Docker Configuration / Validate Docker Compose Configuration (push) Successful in 47s
Sirius CI/CD Pipeline / Build API (${{ matrix.platform }}) (push) Has been cancelled
Sirius CI/CD Pipeline / Build UI (${{ matrix.platform }}) (push) Has been cancelled
Sirius CI/CD Pipeline / Merge Engine Manifest (push) Has been cancelled
Sirius CI/CD Pipeline / Merge API Manifest (push) Has been cancelled
Sirius CI/CD Pipeline / Merge UI Manifest (push) Has been cancelled
Sirius CI/CD Pipeline / Build Engine (${{ matrix.platform }}) (push) Has been cancelled
Sirius CI/CD Pipeline / Build Infra (${{ matrix.service }}, ${{ matrix.platform }}) (push) Has been cancelled
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-postgres) (push) Has been cancelled
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-rabbitmq) (push) Has been cancelled
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-valkey) (push) Has been cancelled
Sirius CI/CD Pipeline / Integration Test (push) Has been cancelled
Sirius CI/CD Pipeline / Public Stack Contract (push) Has been cancelled
Sirius CI/CD Pipeline / Dispatch Demo Deployment (sirius-demo branch) (push) Has been cancelled
Sirius CI/CD Pipeline / Dispatch Demo Canary (main branch) (push) Has been cancelled
Sirius CI/CD Pipeline / Guard Registry Namespace (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:32:25 +08:00

79 lines
2.3 KiB
Markdown

# SiriusScan Repository Standards (Advisory v1)
This document defines recommended repository standards for SiriusScan projects.
The goal is consistency and professionalism without introducing blocking rules. Teams can adopt these recommendations incrementally.
## Scope
Applies to public SiriusScan repositories, starting with `Sirius` and then expanding to:
- `go-api`
- `app-scanner`
- `app-agent`
- `pingpp`
- `website`
## Recommended baseline artifacts
Each repository should include:
- `README.md`
- `CONTRIBUTING.md`
- `SECURITY.md`
- `CODE_OF_CONDUCT.md`
- `LICENSE`
- `SUPPORT.md` (recommended for active external contribution)
## Issue and PR intake standards
Recommended defaults:
- Issue templates for bug reports and feature requests
- A security-focused intake path with explicit private-report guidance
- A PR template that captures:
- problem statement
- risk and validation evidence
- docs and rollout notes
For repositories with low issue volume, start with minimal templates and expand later.
## Labels and triage hygiene
Recommended label taxonomy:
- `type:*` (for example: `type:bug`, `type:enhancement`, `type:security`)
- `status:*` (for example: `status:needs-triage`, `status:blocked`, `status:ready`)
- `sev:*` for risk level where relevant
- domain labels for components only where maintainers need them
Recommended triage SLA:
- First maintainer response within 2 business days
- Security-labeled issues reviewed as priority
## Metadata and discoverability
Each repository should have:
- A one-line description aligned with org voice
- At least 4-6 relevant topics
- A homepage URL to docs, API reference, or website
- Optional Discussions enabled where community interaction is expected
## Review and CI expectations (advisory)
Recommended defaults (not hard-gated in this phase):
- At least one maintainer review before merge
- CI should run on pull requests
- Validation evidence included in PR description
- Security-sensitive changes include rollback notes
## Adoption approach
1. Adopt standards in `Sirius` first.
2. Reuse the rollout checklist in `.github/REPO_ROLLOUT_CHECKLIST.md`.
3. Track deviations and repository-specific exceptions in the repo README or maintainer notes.
4. Revisit after adoption to decide whether any standards should become required.