SECURITY.md (#44)

* doc : SECURITY.md added

* fix : version_check.py updated

* doc : RELEASE.md updated

* doc : SECURITY.md version fixed

* doc : badges text-decoration bug fixed

* doc : indent in README.md

* doc : CHANGELOG.md updated

* doc : minor edit in PULL_REQUEST_TEMPLATE.md

* doc : email address changed

* doc : minor edit in PULL_REQUEST_TEMPLATE.md

.github/CODE_OF_CONDUCT.md

@@ -58,7 +58,7 @@ representative at an online or offline event.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
-info@openscilab.com.
+nava@openscilab.com.
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the

.github/PULL_REQUEST_TEMPLATE.md

@@ -4,9 +4,9 @@
 
 #### Any other comments?
 
-## Local tests on OSs
+#### Local tests on OSs
 
-- [ ] MacOS
+- [ ] macOS
     - [ ] Sonoma
 - [ ] Windows
     - [ ] Windows 11

CHANGELOG.md

@@ -5,8 +5,11 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Added
+- `SECURITY.md`
 ### Changed
 - OSs local checklist added to pull request template
+- `README.md` modified
 ## [0.5] - 2024-04-03
 ### Changed
 - `loop` parameter added to `play` function

README.md

@@ -2,21 +2,11 @@
     <img src="https://github.com/openscilab/nava/raw/main/others/logo.png" width="300" height="300">
     <h1>Nava</h1>
     <br/>
-    <a href="https://www.python.org/">
-        <img src="https://img.shields.io/badge/built%20with-Python3-green.svg" alt="built with Python3"/>
-    </a>
-    <a href="https://badge.fury.io/py/nava">
-        <img src="https://badge.fury.io/py/nava.svg" alt="PyPI version" height="18">
-    </a>
-    <a href="https://anaconda.org/openscilab/nava">
-	<img src="https://anaconda.org/openscilab/nava/badges/version.svg">
-    </a>
-    <a href="https://codecov.io/gh/openscilab/nava">
-        <img src="https://codecov.io/gh/openscilab/nava/branch/main/graph/badge.svg" alt="Codecov">
-    </a>
-    <a href="https://discord.gg/MCbPKCFBs3">
-        <img src="https://img.shields.io/discord/1064533716615049236.svg" alt="Discord Channel">
-    </a>
+    <a href="https://www.python.org/"><img src="https://img.shields.io/badge/built%20with-Python3-green.svg" alt="built with Python3"></a>
+    <a href="https://badge.fury.io/py/nava"><img src="https://badge.fury.io/py/nava.svg" alt="PyPI version" height="18"></a>
+    <a href="https://anaconda.org/openscilab/nava"><img src="https://anaconda.org/openscilab/nava/badges/version.svg"></a>
+    <a href="https://codecov.io/gh/openscilab/nava"><img src="https://codecov.io/gh/openscilab/nava/branch/main/graph/badge.svg" alt="Codecov"></a>
+    <a href="https://discord.gg/MCbPKCFBs3"><img src="https://img.shields.io/discord/1064533716615049236.svg" alt="Discord Channel"></a>
 </div>
 
 ## Overview
@@ -118,7 +108,8 @@ stop(sound_id)
 
 ### Loop mode
 
-⚠️ The `loop` parameter has a default value of `False`
+⚠️ The `loop` parameter has a default value of `False` 
+
 ⚠️ You should always set `async_mode` flag when you are using `loop`
 
 ```python
@@ -169,7 +160,7 @@ List of different platforms and the corresponding engines that are used for soun
 
 ## Issues & bug reports
 
-Just fill an issue and describe it. We'll check it ASAP! or send an email to [info@openscilab.com](mailto:info@openscilab.com "info@openscilab.com").
+Just fill an issue and describe it. We'll check it ASAP! or send an email to [nava@openscilab.com](mailto:nava@openscilab.com "nava@openscilab.com").
 
 - Please complete the issue template
 

SECURITY.md

@@ -0,0 +1,14 @@
+# Security policy
+
+## Supported versions
+
+| Version       | Supported          |
+| ------------- | ------------------ |
+| 0.5           | :white_check_mark: |
+| < 0.5         | :x:                |
+
+## Reporting a vulnerability
+
+Please report security vulnerabilities by email to [nava@openscilab.com](mailto:nava@openscilab.com "nava@openscilab.com").
+
+If the security vulnerability is accepted, a dedicated bugfix release will be issued as soon as possible (depending on the complexity of the fix).

others/RELEASE.md

@@ -1,15 +1,16 @@
 
 # Nava Release Instructions
 
-#### Last Update: 2024-02-12
+#### Last Update: 2024-04-20
 
 1. Create the `release` branch under `dev`
 2. Update all version tags
 	1. `setup.py`
 	2. `README.md`
-	3. `others/version_check.py`
-	4. `others/meta.yaml`
-	5. `nava/params.py`
+	3. `SECURITY.md`
+	4. `others/version_check.py`
+	5. `others/meta.yaml`
+	6. `nava/params.py`
 3. Update `CHANGELOG.md`
 4. Update `.github/ISSUE_TEMPLATE/bug_report.yml`
    1. Add new version tag to `Nava version` dropbox options

others/version_check.py

@@ -20,12 +20,14 @@
 PARAMS_ITEMS = ['NAVA_VERSION = "{0}"']
 META_ITEMS = ['% set version = "{0}" %']
 ISSUE_TEMPLATE_ITEMS = ["- Nava {0}"]
+SECURITY_ITEMS = ["| {0}           | :white_check_mark: |", "| < {0}         | :x:                |"]
 
 FILES = {
     os.path.join("others", "meta.yaml"): META_ITEMS,
     "setup.py": SETUP_ITEMS,
     "README.md": README_ITEMS,
     "CHANGELOG.md": CHANGELOG_ITEMS,
+    "SECURITY.md": SECURITY_ITEMS,
     os.path.join("nava", "params.py"): PARAMS_ITEMS,
     os.path.join(".github", "ISSUE_TEMPLATE", "bug_report.yml"): ISSUE_TEMPLATE_ITEMS,
 }

setup.py

@@ -36,8 +36,8 @@ def read_description():
     description='A Python library for playing sound everywhere natively and securely.',
     long_description=read_description(),
     long_description_content_type='text/markdown',
-    author='OpenSciLab Development Team',
-    author_email='info@openscilab.com',
+    author='Nava Development Team',
+    author_email='nava@openscilab.com',
     url='https://github.com/openscilab/nava',
     download_url='https://github.com/openscilab/nava/tarball/v0.5',
     keywords="sound wav music mp3 player audio",