Update repository readme files to match Oracle templates (#26)

CONTRIBUTING.md

@@ -9,13 +9,30 @@ Join us at [#helidon-users](http://slack.helidon.io) and participate in discussi
 
 ## Opening Issues
 
-If you hit a bug or have an enhancement request then file a [GitHub issue](https://github.com/helidon-io/helidon-examples/issues). When filing an issue remember that the better written the issue is, the more likely it is
-to be fixed. 
+For bugs or enhancement requests, please file a [GitHub issue](https://github.com/helidon-io/helidon/issues) unless it's
+security related. When filing a bug remember that the better written the bug is,
+the more likely it is to be fixed. If you think you've found a security
+vulnerability, do not raise a GitHub issue and follow the instructions in our
+[security policy](./SECURITY.md).
 
-## Contributing Code
+## Contributing code
 
 We welcome your code contributions. Before submitting code via a pull request,
- you will need to have signed the [Oracle Contributor Agreement][OCA] (OCA).
+you will need to have signed the [Oracle Contributor Agreement][OCA] (OCA) and
+your commits need to include the following line using the name and e-mail
+address you used to sign the OCA:
+
+```text
+Signed-off-by: Your Name <[email protected]>
+```
+
+This can be automatically added to pull requests by committing with `--sign-off`
+or `-s`, e.g.
+
+```text
+git commit --signoff
+```
+
 Only pull requests from committers that can be verified as having signed the OCA
 can be accepted.
 

NOTICE.txt

@@ -2,7 +2,7 @@
                            Project Helidon
                            ===============
 
-Copyright (c) 2017, 2023 Oracle and/or its affiliates.
+Copyright (c) 2017, 2024 Oracle and/or its affiliates.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

README.md

@@ -3,9 +3,9 @@
 
 Examples for Helidon 3.
 
-[Helidon 2 Examples](https://github.com/helidon-io/helidon/tree/helidon-2.x/examples) are in the primary Helidon repository.
+[Helidon 4 Examples](https://github.com/helidon-io/helidon/tree/main/examples) and [Helidon 2 Examples](https://github.com/helidon-io/helidon/tree/helidon-2.x/examples) are in the primary Helidon repository.
 
-# To Run the Examples
+## How to Run
 
 To build and run Helidon 3 examples you need:
 
@@ -21,7 +21,7 @@ git checkout helidon-3.x
 mvn clean install
 ```
 
-# Branches
+### How Repository is Organized
 
 | Branch        | Description |
 | ------------- |-------------|
@@ -41,21 +41,33 @@ git checkout helidon-3.x
 To checkout examples for a specific release of Helidon:
 
 ```
-git checkout tags/3.6.0
+git checkout tags/3.2.5
 ```
 
+## Documentation
+
+Each example has a README that contains additional details for building and running the example.
+
+## Help
+
+* See the [Helidon FAQ](https://github.com/oracle/helidon/wiki/FAQ)
+* Ask questions on Stack Overflow using the [helidon tag](https://stackoverflow.com/tags/helidon)
+* Join us on Slack: [#helidon-users](http://slack.helidon.io)
+
 ## Contributing
 
-This project welcomes contributions from the community. Before submitting a pull
-request, please [review our contribution guide](./CONTRIBUTING.md).
+This project welcomes contributions from the community. Before submitting a pull request, please [review our contribution guide](./CONTRIBUTING.md)
+
+## Security
+
+Please consult the [security guide](./SECURITY.md) for our responsible security vulnerability disclosure process
 
 ## License
 
-Copyright (c) 2017, 2023 Oracle and/or its affiliates.
+Copyright (c) 2017, 2024 Oracle and/or its affiliates.
 
 Released under [Apache License 2.0](./LICENSE.txt).
 
 ## Third Party Attributions
 
 Developers choosing to distribute a binary implementation of this project are responsible for obtaining and providing all required licenses and copyright notices for the third-party code used in order to ensure compliance with their respective open source licenses.
-

SECURITY.md

@@ -0,0 +1,39 @@
+# Reporting security vulnerabilities
+
+Oracle values the independent security research community and believes that
+responsible disclosure of security vulnerabilities helps us ensure the security
+and privacy of all our users.
+
+Please do NOT raise a GitHub Issue to report a security vulnerability. If you
+believe you have found a security vulnerability, please submit a report to
+[[email protected]][1] preferably with a proof of concept. Please review
+some additional information on [how to report security vulnerabilities to Oracle][2].
+We encourage people who contact Oracle Security to use email encryption using
+[our encryption key][3].
+
+We ask that you do not use other channels or contact the project maintainers
+directly.
+
+Non-vulnerability related security issues including ideas for new or improved
+security features are welcome on GitHub Issues.
+
+## Security updates, alerts and bulletins
+
+Security updates will be released on a regular cadence. Many of our projects
+will typically release security fixes in conjunction with the
+Oracle Critical Patch Update program. Additional
+information, including past advisories, is available on our [security alerts][4]
+page.
+
+## Security-related information
+
+We will provide security related information such as a threat model, considerations
+for secure use, or any known security issues in our documentation. Please note
+that labs and sample code are intended to demonstrate a concept and may not be
+sufficiently hardened for production use.
+
+[1]: mailto:[email protected]
+[2]: https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html
+[3]: https://www.oracle.com/security-alerts/encryptionkey.html
+[4]: https://www.oracle.com/security-alerts/
+