Community Standards

Author: ElGigi

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,68 @@
+name: Bug Report
+description: Report a bug in the Berlioz Framework
+labels: ["bug"]
+body:
+  - type: dropdown
+    id: package
+    attributes:
+      label: Package
+      description: Which package is affected?
+      options:
+        - berlioz/core
+        - berlioz/config
+        - berlioz/service-container
+        - berlioz/event-manager
+        - berlioz/router
+        - berlioz/http-core
+        - berlioz/http-message
+        - berlioz/http-client
+        - berlioz/cli-core
+        - berlioz/mailer
+        - berlioz/form
+        - berlioz/flash-bag
+        - berlioz/html-selector
+        - berlioz/queue-manager
+        - berlioz/twig-package
+        - berlioz/hector-package
+        - berlioz/queue-manager-package
+        - Other / Not sure
+    validations:
+      required: true
+
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: Which version of Berlioz are you using?
+      placeholder: "e.g. 3.0.0"
+    validations:
+      required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: A clear description of the bug.
+      placeholder: What happened? What did you expect to happen?
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Steps to reproduce
+      description: How can we reproduce this bug?
+      placeholder: |
+        1. ...
+        2. ...
+        3. ...
+    validations:
+      required: true
+
+  - type: input
+    id: php-version
+    attributes:
+      label: PHP version
+      placeholder: "e.g. 8.2.15"
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security vulnerability
+    url: https://github.com/BerliozFramework/Berlioz/security/advisories/new
+    about: Please report security vulnerabilities through GitHub Security Advisories.
+  - name: Documentation
+    url: https://getberlioz.com
+    about: Check the documentation before opening an issue.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,55 @@
+name: Feature Request
+description: Suggest a new feature or improvement
+labels: ["enhancement"]
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem
+      description: What problem are you trying to solve?
+      placeholder: I'm frustrated when...
+    validations:
+      required: true
+
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed solution
+      description: How would you like this to work?
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: Any alternative solutions or workarounds you've considered?
+    validations:
+      required: false
+
+  - type: dropdown
+    id: package
+    attributes:
+      label: Related package
+      description: Which package is this related to?
+      options:
+        - berlioz/core
+        - berlioz/config
+        - berlioz/service-container
+        - berlioz/event-manager
+        - berlioz/router
+        - berlioz/http-core
+        - berlioz/http-message
+        - berlioz/http-client
+        - berlioz/cli-core
+        - berlioz/mailer
+        - berlioz/form
+        - berlioz/flash-bag
+        - berlioz/html-selector
+        - berlioz/queue-manager
+        - berlioz/twig-package
+        - berlioz/hector-package
+        - berlioz/queue-manager-package
+        - Other / Not sure
+    validations:
+      required: false

.github/pull_request_template.md

@@ -0,0 +1,12 @@
+## Description
+
+<!-- What does this PR do? Why is it needed? -->
+
+## Related issue
+
+<!-- Link to the issue this PR addresses, e.g. Fixes #123 -->
+
+## Checklist
+
+- [ ] Tests added or updated
+- [ ] All tests pass (`vendor/bin/phpunit`)

CONTRIBUTING.md

@@ -0,0 +1,124 @@
+# Contributing to Berlioz Framework
+
+First off, thank you for considering contributing to the Berlioz Framework! Every contribution helps make Berlioz
+better for everyone.
+
+## Monorepo
+
+This repository is a **monorepo** that contains all official Berlioz packages. Sub-repositories (e.g.
+`berlioz/core`, `berlioz/router`, etc.) are **read-only mirrors** that are synchronized automatically.
+
+**All contributions (bug reports, feature requests, pull requests) must be made on this repository.**
+
+## Reporting bugs
+
+Before opening a new issue, please check if a similar issue already exists.
+
+When reporting a bug, please include:
+
+- The PHP version you are using.
+- The Berlioz version (or commit hash).
+- A clear description of the expected behavior and what actually happened.
+- Steps to reproduce the issue, ideally with a minimal code example.
+
+## Suggesting features
+
+Feature requests are welcome. Open an issue with the `enhancement` label and describe:
+
+- The problem you are trying to solve.
+- How you envision the solution.
+- Any alternatives you have considered.
+
+## Pull requests
+
+### Getting started
+
+1. **Fork** the repository and clone your fork locally.
+2. Install dependencies:
+   ```bash
+   composer install
+   ```
+3. Create a **new branch** from `main`:
+   ```bash
+   git checkout -b my-feature
+   ```
+
+### Coding standards
+
+- PHP code must follow **PSR-12** coding style.
+- Use `declare(strict_types=1);` in every PHP file.
+- Indentation: 4 spaces for PHP files, 2 spaces for other files (see `.editorconfig`).
+- Maximum line length: 120 characters for PHP files.
+- Import classes with `use` statements; do not use fully qualified names in code.
+
+### Tests
+
+All changes must be covered by tests. The project uses **PHPUnit 11**.
+
+```bash
+# Run the full test suite
+vendor/bin/phpunit
+
+# Run tests for a specific package
+vendor/bin/phpunit --testsuite "Berlioz Router test suite"
+```
+
+Make sure all tests pass before submitting your pull request:
+
+```bash
+vendor/bin/phpunit --coverage-text
+```
+
+### Static analysis
+
+The project uses **Rector** for automated code quality checks:
+
+```bash
+# Check for issues (dry run)
+vendor/bin/rector --dry-run
+
+# Apply fixes
+vendor/bin/rector
+```
+
+### Commit messages
+
+- Use clear, descriptive commit messages.
+- Start with a short summary (max 72 characters).
+- Use the imperative mood ("Add feature", not "Added feature").
+- Reference related issues when applicable (e.g. `Fix #42`).
+
+### Submitting
+
+1. Make sure the test suite passes.
+2. Push your branch to your fork.
+3. Open a **pull request** against the `main` branch of this repository.
+4. Describe your changes clearly in the pull request description.
+5. Be prepared to address feedback during code review.
+
+## Development setup
+
+### Requirements
+
+- PHP >= 8.2
+- Extensions: `fileinfo`, `intl`, `mbstring`, `xml`
+- Composer v2
+
+### Optional extensions
+
+Some packages require additional extensions for their full test suite:
+
+- `yaml` -- Config YAML adapter
+- `amqp` -- Queue Manager AMQP driver
+- `redis` -- Queue Manager Redis driver
+- `curl` -- HTTP Client CURL adapter
+
+## Code of conduct
+
+Please be respectful and constructive in all interactions. We are committed to providing a welcoming and inclusive
+experience for everyone.
+
+## Questions?
+
+If you have any questions, feel free to open an issue or reach out via the project website at
+[getberlioz.com](https://getberlioz.com).

SECURITY.md

@@ -0,0 +1,69 @@
+# Security Policy
+
+## Supported versions
+
+| Version | Supported          |
+|---------|--------------------|
+| 3.x     | Yes                |
+| < 3.0   | No                 |
+
+## Reporting a vulnerability
+
+If you discover a security vulnerability within the Berlioz Framework, **please do not open a public issue**.
+
+Instead, please use GitHub's built-in vulnerability reporting:
+
+1. Go to the [**Security** tab](https://github.com/BerliozFramework/Berlioz/security) of this repository.
+2. Click **"Report a vulnerability"**.
+3. Fill in the advisory form with as much detail as possible.
+
+When reporting, please include:
+
+- A clear description of the vulnerability.
+- Steps to reproduce the issue or a proof of concept.
+- The affected package(s) and version(s).
+- The potential impact of the vulnerability.
+
+## What to expect
+
+- You will receive an acknowledgment within **48 hours**.
+- We will collaborate with you directly in the GitHub Security Advisory to understand and verify the issue.
+- A fix will be prepared and released as soon as possible, depending on the severity.
+- You will be credited in the release notes (unless you prefer to remain anonymous).
+
+## Disclosure policy
+
+We follow a **coordinated disclosure** process:
+
+1. The vulnerability is reported privately.
+2. We confirm the issue and develop a fix.
+3. A new release is published with the fix.
+4. The vulnerability is publicly disclosed after the fix is available.
+
+We ask that you **do not publicly disclose the vulnerability** until a fix has been released.
+
+## Scope
+
+This security policy covers all packages maintained in this monorepo:
+
+- `berlioz/core`
+- `berlioz/config`
+- `berlioz/service-container`
+- `berlioz/event-manager`
+- `berlioz/router`
+- `berlioz/http-core`
+- `berlioz/http-message`
+- `berlioz/http-client`
+- `berlioz/cli-core`
+- `berlioz/mailer`
+- `berlioz/form`
+- `berlioz/flash-bag`
+- `berlioz/html-selector`
+- `berlioz/queue-manager`
+- `berlioz/twig-package`
+- `berlioz/hector-package`
+- `berlioz/queue-manager-package`
+
+## Thank you
+
+We appreciate your help in keeping the Berlioz Framework and its users safe.