From 07ae991ba0d41e52b0147921752ac2168e6a1fe0 Mon Sep 17 00:00:00 2001
From: Isaac Milarsky <imilarsky@gmail.com>
Date: Thu, 8 May 2025 15:46:16 -0500
Subject: [PATCH] changes based on repolinter output

---
 COMMUNITY.md            |  22 ++++++---
 COMMUNITY_GUIDELINES.md |   2 +
 CONTRIBUTING.md         | 107 ++++++++++++++++++++++++++++++++++++++++
 README.md               |  26 ++++++++++
 4 files changed, 151 insertions(+), 6 deletions(-)
 create mode 100644 COMMUNITY_GUIDELINES.md
 create mode 100644 CONTRIBUTING.md

diff --git a/COMMUNITY.md b/COMMUNITY.md
index 47f7a73d..c37c0adb 100644
--- a/COMMUNITY.md
+++ b/COMMUNITY.md
@@ -92,17 +92,17 @@ Total number of contributors: <!--CONTRIBUTOR COUNT START--> 8 <!--CONTRIBUTOR C
                 </a>
             </td>
             <td align="center">
-                <a href="https://github.com/sachin-panayil">
-                    <img src="https://avatars.githubusercontent.com/u/79382140?v=4" width="100;" alt="sachin-panayil"/>
+                <a href="https://github.com/DinneK">
+                    <img src="https://avatars.githubusercontent.com/u/63877492?v=4" width="100;" alt="DinneK"/>
                     <br />
-                    <sub><b>Sachin Panayil</b></sub>
+                    <sub><b>Dinne Kopelevich</b></sub>
                 </a>
             </td>
             <td align="center">
-                <a href="https://github.com/DinneK">
-                    <img src="https://avatars.githubusercontent.com/u/63877492?v=4" width="100;" alt="DinneK"/>
+                <a href="https://github.com/sachin-panayil">
+                    <img src="https://avatars.githubusercontent.com/u/79382140?v=4" width="100;" alt="sachin-panayil"/>
                     <br />
-                    <sub><b>Dinne Kopelevich</b></sub>
+                    <sub><b>Sachin Panayil</b></sub>
                 </a>
             </td>
 		</tr>
@@ -169,3 +169,13 @@ When participating in ospo-guide open source community conversations and spaces,
 ### Acknowledgements
 
 The Community Guidelines sections were originally forked from the [United States Digital Service](https://usds.gov) [Justice40](https://thejustice40.com) open source [repository](https://github.com/usds/justice40-tool), and we would like to acknowledge and thank the community for their contributions.
+ 
+ ## Project Members 
+<!-- TODO: Who are the points of contact in your project who are responsible/accountable for the project? This can often be an engineering or design manager or leader, who may or may not be the primary maintainers of the project. 
+ Roles to include, but not limited to: Project Owner, Technical Lead, Developers/Contributors, Community Manager, Security Team, Policy Advisor, Contracting Officer's Representative, Compliance Officer, Procurement Officer --> 
+
+{{ cookiecutter.project_repo_name }} is supported by a dedicated team of individuals fulfilling various roles to ensure its success, security, and alignment with government standards and agency goals.
+
+| Role | Name | Affiliation |
+| :----- | :------ | :------------- |
+| {role} | {names} | {affiliations} |
diff --git a/COMMUNITY_GUIDELINES.md b/COMMUNITY_GUIDELINES.md
new file mode 100644
index 00000000..db619b34
--- /dev/null
+++ b/COMMUNITY_GUIDELINES.md
@@ -0,0 +1,2 @@
+# {name_of_project_here} Open Source Community Guidelines 
+This document contains principles and guidelines for participating in the {name_of_project_here} open source community. 
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 00000000..38421252
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,107 @@
+# Contributing Guidelines 
+<!-- Basic instructions about where to send patches, check out source code, and get development support.--> 
+ 
+ We're so thankful you're considering contributing to an [open source project of the U.S. government](https://code.gov/)! If you're unsure about anything, just ask -- or submit the issue or pull request anyway. The worst that can happen is you'll be politely asked to change something. We appreciate all friendly contributions.
+ 
+ We encourage you to read this project's CONTRIBUTING policy (you are here), its [LICENSE](LICENSE.md), and its [README](README.md). 
+ 
+ ## Getting Started 
+<!--- TODO: If you have 'good-first-issue' or 'easy' labels for newcomers, mention them here.--> 
+ 
+ ### Team Specific Guidelines 
+<!-- TODO: This section helps contributors understand any team structure in the project (formal or informal.) Encouraged to point towards the COMMUNITY.md file for further details.--> 
+ 
+ ### Building Dependencies 
+<!--- TODO: This step is often skipped, so don't forget to include the steps needed to install on your platform. If you project can be multi-platform, this is an excellent place for first time contributors to send patches!--> 
+ 
+ ### Building the Project 
+<!--- TODO: Be sure to include build scripts and instructions, not just the source code itself! -->
+ 
+ ### Workflow and Branching 
+<!--- TODO: Workflow Example
+We follow the [GitHub Flow Workflow](https://guides.github.com/introduction/flow/)
+1. Fork the project
+2. Check out the `main` branch
+3. Create a feature branch
+4. Write code and tests for your change
+5. From your branch, make a pull request against `{{ cookiecutter.project_org }}/{{ cookiecutter.project_repo_name }}/main`
+6. Work with repo maintainers to get your change reviewed
+7. Wait for your change to be pulled into `{{ cookiecutter.project_org }}/{{ cookiecutter.project_repo_name }}/main`
+8. Delete your feature branch
+-->
+ 
+ ### Testing Conventions 
+<!--- TODO: Discuss where tests can be found, how they are run, and what kind of tests/coverage strategy and goals the project has. --> 
+ 
+ ### Coding Style and Linters 
+<!--- TODO: HIGHLY ENCOURAGED. Specific tools will vary between different languages/frameworks (e.g. Black for python, eslint for JavaScript, etc...)
+1. Mention any style guides you adhere to (e.g. pep8, etc...)
+2. Mention any linters your project uses (e.g. flake8, jslint, etc...)
+3. Mention any naming conventions your project uses (e.g. Semantic Versioning, CamelCasing, etc...)
+4. Mention any other content guidelines the project adheres to (e.g. plainlanguage.gov, etc...)
+--> 
+ 
+ ### Writing Issues 
+<!--- TODO: Example Issue Guides
+ When creating an issue please try to adhere to the following format:
+ module-name: One line summary of the issue (less than 72 characters)
+ ### Expected behavior
+ As concisely as possible, describe the expected behavior.
+ ### Actual behavior
+ As concisely as possible, describe the observed behavior.
+ ### Steps to reproduce the behavior
+ List all relevant steps to reproduce the observed behavior.
+ see our .github/ISSUE_TEMPLATE.md for more examples.
+ -->
+ 
+ ### Writing Pull Requests 
+<!-- TODO: Make a brief statement about where to file pull/merge requests, and conventions for doing so. Link to PULL_REQUEST_TEMPLATE.md file.
+ Comments should be formatted to a width no greater than 80 columns.
+ Files should be exempt of trailing spaces.
+ We adhere to a specific format for commit messages. Please write your commit messages along these guidelines. Please keep the line width no greater than 80 columns (You can use `fmt -n -p -w 80` to accomplish this).
+ module-name: One line description of your change (less than 72 characters)
+ Problem
+ Explain the context and why you're making that change. What is the problem you're trying to solve? In some cases there is not a problem and this can be thought of being the motivation for your change.
+ Solution
+ Describe the modifications you've done.
+ Result
+ What will change as a result of your pull request? Note that sometimes this section is unnecessary because it is self-explanatory based on the solution.
+ Some important notes regarding the summary line:
+ workflows Describe what was done; not the result
+ workflows Use the active voice
+ workflows Use the present tense
+ workflows Capitalize properly
+ workflows Do not end in a period — this is a title/subject
+ workflows Prefix the subject with its scope
+ see our .github/PULL_REQUEST_TEMPLATE.md for more examples.
+ -->
+ 
+ ### Reviewing Pull Requests 
+<!--- TODO: Make a brief statement about how pull-requests are reviewed, and who is doing the reviewing. Linking to COMMUNITY.md can help.
+ Code Review Example
+ The repository on GitHub is kept in sync with an internal repository at github.cms.gov. For the most part this process should be transparent to the project users, but it does have some implications for how pull requests are merged into the codebase.
+ When you submit a pull request on GitHub, it will be reviewed by the project community (both inside and outside of github.cms.gov), and once the changes are approved, your commits will be brought into github.cms.gov's internal system for additional testing. Once the changes are merged internally, they will be pushed back to GitHub with the next sync.
+ This process means that the pull request will not be merged in the usual way. Instead a member of the project team will post a message in the pull request thread when your changes have made their way back to GitHub, and the pull request will be closed.
+ The changes in the pull request will be collapsed into a single commit, but the authorship metadata will be preserved.
+ -->
+ 
+ ## Shipping Releases 
+<!-- TODO: What cadence does your project ship new releases? (e.g. one-time, ad-hoc, periodically, upon merge of new patches) Who does so? --> 
+ 
+ ## Documentation 
+<!-- TODO: Documentation Example 
+We also welcome improvements to the project documentation or to the existing docs. Please file an [issue](https://github.com/{{ cookiecutter.project_org }}/{{ cookiecutter.project_repo_name }}/issues).
+ --> 
+ 
+ ## Policies 
+ 
+ ### Open Source Policy 
+We adhere to the [CMS Open Source Policy](https://github.com/CMSGov/cms-open-source-policy). If you have any questions, just [shoot us an email](mailto:opensource@cms.hhs.gov).
+ 
+ ### Security and Responsible Disclosure Policy 
+*Submit a vulnerability:* Vulnerability reports can be submitted through [Bugcrowd](https://bugcrowd.com/cms-vdp). Reports may be submitted anonymously. If you share contact information, we will acknowledge receipt of your report within 3 business days.
+ For more information about our Security, Vulnerability, and Responsible Disclosure Policies, see [SECURITY.md](SECURITY.md).
+ 
+ ## Public Domain 
+This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/) as indicated in [LICENSE](LICENSE).
+ All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest.
diff --git a/README.md b/README.md
index 617bcd02..7f6e404f 100644
--- a/README.md
+++ b/README.md
@@ -151,3 +151,29 @@ dedication](https://creativecommons.org/publicdomain/zero/1.0/) as indicated in
 All contributions to this project will be released under the CC0 dedication. By
 submitting a pull request or issue, you are agreeing to comply with this waiver
 of copyright interest.
+ 
+ ## About the Project 
+<!-- This should be a longer-form description of the project. It can include history, background, details, problem statements, links to design documents or other supporting materials, or any other information/context that a user or contributor might be interested in. --> 
+ 
+ ## Project Vision 
+<!-- Provide the long-term goals and aspirations for this project. --> 
+ 
+ ## Project Mission 
+<!-- Provide the core mission and objectives driving this project. --> 
+ 
+ ## Agency Mission 
+<!-- Provide the mission of the agency and how this project aligns. --> 
+ 
+ ## Team Mission 
+<!-- Provide the team's mission and how they work together. --> 
+ 
+ ## Core Team 
+An up-to-date list of core team members can be found in [COMMUNITY.md](COMMUNITY.md). At this time, the project is still building the core team and defining roles and responsibilities. We are eagerly seeking individuals who would like to join the community and help us define and fill these roles. 
+ 
+ ## Codeowners 
+ The contents of this repository are managed by {responsible organization(s)}. Those responsible for the code and documentation in this repository can be found in [COMMUNITY.md](COMMUNITY.md). 
+ 
+ ### Software Bill of Materials (SBOM) 
+A Software Bill of Materials (SBOM) is a formal record containing the details and supply chain relationships of various components used in building software.
+In the spirit of [Executive Order 14028 - Improving the Nation's Cyber Security](https://www.gsa.gov/technology/it-contract-vehicles-and-purchasing-programs/information-technology-category/it-security/executive-order-14028), a SBOM for this repository is provided here: https://github.com/{repo_org}/{repo_name}/network/dependencies.
+For more information and resources about SBOMs, visit: https://www.cisa.gov/sbom.
\ No newline at end of file