Ceate issue templates

.github/ISSUE_TEMPLATE/1-bug-report.yml

@@ -0,0 +1,49 @@
+name: "\U0001F41B Bug Report"
+description: 'Create a report to help us improve'
+title: '[BUG]: '
+labels: ['bug']
+body:
+  - type: textarea
+    attributes:
+      label: Describe the bug
+      description: a clear and concise description of what the bug is
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: To Reproduce
+      description: steps to reproduce the behavior
+      placeholder: |
+        1. In this environment...
+        2. With this config...
+        3. Run '...'
+        4. See error...
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Expected behavior
+      description: a clear and concise description of what you expected to happen
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: NotifyBC version
+      description: |
+        version of NotifyBC can be found in `package.json` file
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Installation method
+      description: How do you install NotifyBC?
+      options:
+        - Source code
+        - Kubernetes
+        - Docker
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: add any other context about the problem here

.github/ISSUE_TEMPLATE/2-feature-request.yml

@@ -0,0 +1,25 @@
+name: "\U0001F680 Feature request"
+description: Suggest an idea for this project
+title: '[FEATURE]: '
+labels: ['enhancement']
+body:
+  - type: textarea
+    attributes:
+      label: Is your feature request related to a problem? Please describe.
+      description: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe the solution you'd like
+      description: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe alternatives you've considered
+      description: A clear and concise description of any alternative solutions or features you've considered.
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,2 @@
+## To encourage contributors to use issue templates, we don't allow blank issues
+blank_issues_enabled: false

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Reporting
+
+Security vulnerabilities are considered bugs. After all, they are. As such, security vulnerabilities are subject to the same screening as bugs, most important part of which being detailed reproduction steps. Just reference a vulnerability registry such as CVE is not enough unless the vulnerability is registered directly against _NotifyBC_ and contains detailed reproduction steps.
+
+To report a vulnerability privately, use [Github security advisory](https://github.com/bcgov/NotifyBC/security/advisories/new).

docs/.vuepress/config.js

@@ -165,7 +165,11 @@ export default defineUserConfig({
       },
       {
         text: 'Meta',
-        children: ['/docs/conduct/', '/docs/acknowledgments/'],
+        children: [
+          '/docs/conduct/',
+          '/docs/security-reporting/',
+          '/docs/acknowledgments/',
+        ],
       },
     ],
   }),

docs/docs/meta/security-reporting.md

@@ -0,0 +1,6 @@
+---
+permalink: /docs/security-reporting/
+editable: false
+---
+
+!!!include(../SECURITY.md)!!!