Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
116 changes: 116 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
name: Bug report
description: Report a reproducible bug or regression in PepeteX
title: "[Bug]: "
labels: ["bug", "triage"]
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to file a bug report! Please fill out the form below so we can reproduce and fix the issue quickly.

Before submitting, please:
- Search [existing issues](../) to avoid duplicates
- Make sure you are running the latest version
- Redact any secrets, API keys, or sensitive data from logs and screenshots

- type: textarea
id: description
attributes:
label: Describe the bug
description: A clear and concise description of what the bug is.
placeholder: When I do X, Y happens instead of Z.
validations:
required: true

- type: textarea
id: reproduction
attributes:
label: Steps to reproduce
description: Minimal steps required to reproduce the issue.
placeholder: |
1. Go to '...'
2. Click on '...'
3. See error
validations:
required: true

- type: textarea
id: expected
attributes:
label: Expected behavior
description: What did you expect to happen?
validations:
required: true

- type: textarea
id: actual
attributes:
label: Actual behavior
description: What actually happened? Include error messages, stack traces, and screenshots if helpful.
validations:
required: true

- type: dropdown
id: provider
attributes:
label: AI provider in use
description: Which AI provider were you using when the bug occurred?
options:
- Gemini
- OpenAI-compatible
- CLI proxy
- Not applicable
- Other
validations:
required: true

- type: dropdown
id: deployment
attributes:
label: Deployment mode
options:
- Local dev (yarn dev)
- Docker Compose (self-hosted)
- Docker Compose (VM)
- Google Cloud Run
- Other
validations:
required: true

- type: input
id: version
attributes:
label: Version / commit
description: PepeteX version or commit SHA
placeholder: e.g. main@4ea35a5
validations:
required: true

- type: textarea
id: environment
attributes:
label: Environment
description: Node version, OS, browser, etc.
placeholder: |
- Node: 24.x
- OS: macOS 14.5
- Browser: Chrome 126
validations:
required: true

- type: textarea
id: logs
attributes:
label: Relevant logs
description: Paste any relevant log output. Will be automatically formatted as code.
render: shell

- type: checkboxes
id: terms
attributes:
label: Confirmations
options:
- label: I have searched existing issues and confirmed this is not a duplicate
required: true
- label: I have removed any secrets, credentials, or sensitive data from this report
required: true
5 changes: 5 additions & 0 deletions .github/ISSUE_TEMPLATE/config.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
blank_issues_enabled: false
contact_links:
- name: Security vulnerability
url: https://github.com/busto-dev/pepetex/security/advisories/new
about: Please report security vulnerabilities privately via GitHub Security Advisories (see SECURITY.md).
65 changes: 65 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
name: Feature request
description: Suggest a new feature or improvement for PepeteX
title: "[Feature]: "
labels: ["enhancement", "triage"]
body:
- type: markdown
attributes:
value: |
Thanks for suggesting a new feature! Please describe the problem you are trying to solve before jumping to a specific solution — it helps us evaluate alternatives.

- type: textarea
id: problem
attributes:
label: Problem / motivation
description: What problem are you trying to solve? Who is affected?
placeholder: I'm frustrated when [...] because [...]
validations:
required: true

- type: textarea
id: solution
attributes:
label: Proposed solution
description: Describe the change you would like to see.
validations:
required: true

- type: textarea
id: alternatives
attributes:
label: Alternatives considered
description: What other approaches did you consider, and why did you discard them?

- type: dropdown
id: area
attributes:
label: Area
description: Which part of PepeteX does this affect?
options:
- AI generation / workflows
- Providers (Gemini, OpenAI, image, etc.)
- Design systems
- Export (PPTX, thumbnails)
- Admin / RBAC
- UX / UI
- i18n
- Deployment / infra
- Docs
- Other
validations:
required: true

- type: textarea
id: additional
attributes:
label: Additional context
description: Mockups, links, references, related issues, etc.

- type: checkboxes
id: terms
attributes:
label: Confirmations
options:
- label: I have searched existing issues and confirmed this is not a duplicate
required: true
41 changes: 41 additions & 0 deletions .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
## Summary

<!-- A clear, concise description of what this PR does and why. -->

## Type of change

<!-- Check all that apply. -->

- [ ] Bug fix (non-breaking change that fixes an issue)
- [ ] New feature (non-breaking change that adds functionality)
- [ ] Breaking change (fix or feature that would change existing behavior)
- [ ] Documentation update
- [ ] Refactor / code cleanup
- [ ] Tests
- [ ] CI / build / tooling

## Related issues

<!-- e.g. Closes #123, Refs #456 -->

## How was this tested?

<!-- Describe the tests you ran. Include commands, environment, and steps to reproduce. -->

- [ ] `corepack yarn lint`
- [ ] `corepack yarn typecheck`
- [ ] `corepack yarn test --run`
- [ ] Manual testing (describe below)

## Screenshots / recordings

<!-- For UI changes, attach before/after screenshots or a short clip. -->

## Checklist

- [ ] My code follows the existing TypeScript and ESLint style
- [ ] I have performed a self-review of my own code
- [ ] I have added tests that prove my fix is effective or that my feature works
- [ ] New and existing unit tests pass locally
- [ ] I have updated the documentation where needed
- [ ] No secrets or credentials are committed
39 changes: 39 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
# Security Policy

## Supported versions

PepeteX is under active, AI-assisted ("vibecoded") development and is provided **as-is, with no warranty**. Only the latest `main` branch receives security fixes. Please make sure you are running the most recent version before reporting an issue.

| Version | Supported |
| ------- | ------------------ |
| `main` | :white_check_mark: |
| older | :x: |

## Reporting a vulnerability

**Please do not open a public GitHub issue for security vulnerabilities.**

Instead, report it privately so we can investigate and ship a fix before details become public:

1. Go to the repository's **Security → Advisories** tab and choose **"Report a vulnerability"** (GitHub Private Vulnerability Reporting), **or**
2. Email the maintainers at `<INSERT-SECURITY-CONTACT-EMAIL>`.

Please include as much detail as you can:

- A description of the vulnerability and its potential impact
- Steps to reproduce (proof-of-concept, affected endpoints/components)
- The version or commit you tested against
- Any suggested remediation, if you have one

## What to expect

- **Acknowledgement** within 5 business days.
- An initial assessment and severity classification shortly after.
- Regular updates on remediation progress.
- Public disclosure (and credit, if you wish) once a fix is available.

## Scope

This project is self-hosted and depends on operator-supplied configuration — AI provider keys, object storage, and database credentials. Misconfiguration of your own deployment (exposed `.env`, public object storage, weak credentials) is outside the scope of this policy, but we're happy to receive documentation improvements that help others avoid those pitfalls.

Thank you for helping keep PepeteX and its users safe.