Problem Statement
Four critical community health files missing from repository root: LICENSE (README says MIT but file doesn't exist), CONTRIBUTING.md (no contributor workflow docs), CODE_OF_CONDUCT.md (no community standards), SECURITY.md (no vulnerability disclosure policy). Project fails GitHub community standards check.
Evidence
# README.md references MIT License but:
# No `LICENSE` file exists in repository root
# No `CONTRIBUTING.md` exists
# No `CODE_OF_CONDUCT.md` exists
# No `SECURITY.md` exists
Impact
High — open-source adoption blocker. No legal clarity on licensing despite README claim. No contributor onboarding guidance. No responsible disclosure channel for security researchers — vulnerabilities may be disclosed publicly without a fix window.
Proposed Solution
Create: (1) LICENSE — MIT license text, (2) CONTRIBUTING.md — PR workflow, local setup, testing requirements, code style, (3) CODE_OF_CONDUCT.md — Contributor Covenant 2.1, (4) SECURITY.md — disclosure email, 90-day response timeline.
Acceptance Criteria
File Map
LICENSE — New file
CONTRIBUTING.md — New file
CODE_OF_CONDUCT.md — New file
SECURITY.md — New file
README.md — add references to new files
Testing Strategy
Manual review of file content and GitHub community profile completeness check.
Security Considerations
SECURITY.md enables responsible disclosure — critical for a DeFi protocol.
Definition of Done
Getting Started (New Contributors)
Recommended reading: README.md for project overview, docs/environment_variables.md for configuration.
Suggested first steps: (1) Read existing README to verify MIT claim, (2) Copy MIT license from opensource.org/licenses/MIT, (3) Create CONTRIBUTING.md following patterns in .github/ISSUE_TEMPLATE/, (4) Copy Contributor Covenant 2.1, (5) Create SECURITY.md with disclosure instructions.
Estimated time: 2 hours
Labels: open-source, documentation, good-first-issue
Priority: High
Difficulty: Beginner
Estimated Effort: 2h
Problem Statement
Four critical community health files missing from repository root:
LICENSE(README says MIT but file doesn't exist),CONTRIBUTING.md(no contributor workflow docs),CODE_OF_CONDUCT.md(no community standards),SECURITY.md(no vulnerability disclosure policy). Project fails GitHub community standards check.Evidence
Impact
High — open-source adoption blocker. No legal clarity on licensing despite README claim. No contributor onboarding guidance. No responsible disclosure channel for security researchers — vulnerabilities may be disclosed publicly without a fix window.
Proposed Solution
Create: (1)
LICENSE— MIT license text, (2)CONTRIBUTING.md— PR workflow, local setup, testing requirements, code style, (3)CODE_OF_CONDUCT.md— Contributor Covenant 2.1, (4)SECURITY.md— disclosure email, 90-day response timeline.Acceptance Criteria
LICENSEfile exists with complete MIT license text matching README claimCONTRIBUTING.mdexplains PR process, local setup (make dev), testing (poetry run pytest), code style (pylint, pre-commit)CODE_OF_CONDUCT.mdadopts Contributor Covenant 2.1 with enforcement contactSECURITY.mdprovides disclosure email and 90-day response timelineREADME.mdreferences all four new filesFile Map
LICENSE— New fileCONTRIBUTING.md— New fileCODE_OF_CONDUCT.md— New fileSECURITY.md— New fileREADME.md— add references to new filesTesting Strategy
Manual review of file content and GitHub community profile completeness check.
Security Considerations
SECURITY.mdenables responsible disclosure — critical for a DeFi protocol.Definition of Done
Getting Started (New Contributors)
Recommended reading:
README.mdfor project overview,docs/environment_variables.mdfor configuration.Suggested first steps: (1) Read existing README to verify MIT claim, (2) Copy MIT license from opensource.org/licenses/MIT, (3) Create CONTRIBUTING.md following patterns in
.github/ISSUE_TEMPLATE/, (4) Copy Contributor Covenant 2.1, (5) Create SECURITY.md with disclosure instructions.Estimated time: 2 hours
Labels: open-source, documentation, good-first-issue
Priority: High
Difficulty: Beginner
Estimated Effort: 2h