Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add description of new security requirements #1152

Merged
merged 1 commit into from
Feb 28, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 30 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,24 +6,47 @@ This particular site is made for use with [cloud.gov Pages](https://cloud.gov/pa

See the [wiki](https://github.com/GSA/open-gsa-redesign/wiki) for more info related to this site including a product roadmap, personas, and guides.

## Running locally
## Repository access for API documentation

There are some security requirements governing your participation in editing the API documents hosted in this repository. Namely:

* All commits must have a signature
* All pull requests must be reviewed and approved by someone other than the individual who opened the pull request

### How to sign commits

Commit signing provides an additional layer of verification, ensuring that changes are made by those who are authorized to do so.

If you are making edits directly on the GitHub website, GitHub will automatically handle signing your commits. If you are pushing your change from your local system, then you will have to ensure that you are correctly signing your commits using your Git application. To get started with commit signing, [GitHub's documentation on commit signature verification](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) for instructions on how to configure your Git client and GitHub account. You may use any signing method (GPG, SSH, or S/MIME).

### How to approve pull requests

Reviews help provide additional confirmation that changes to the website are acceptable.

If you are opening a pull request to make a change, please arrange for another person on your team to review and approve your change. That reviewer will need to have the proper access to this repository. Please see the [list of API Documentation Editors](https://github.com/orgs/GSA/teams/open-gsa-gov-api-documentation-editors) to make sure the reviewer already has access to this repository. If not, please contact us to have them added. Reviewers can refer to [GitHub's documentation on approving a pull request](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/approving-a-pull-request-with-required-reviews) for instructions.

## Running a local development server

This is a statically generated site built using Jekyll.

### Before you start

You will need to have the following installed on your machine:
You will need to have Ruby version 3 following installed on your machine. See the `.ruby-version` file for the current version this project uses.

To install Bundler and then the dependencies:

* Ruby 3 (see the `.ruby-version` file for the current version this project uses)
* Bundler
```
gem install bundler
bundle install
```

### Running Jekyll

The preferred method for running Jekyll is with `bundle exec jekyll serve`.
The preferred method for running Jekyll is with `bundle exec rake serve`.

Note that this method will rebuild the entire site every time you make a change to any file. If you want faster builds, you can use `bundle exec jekyll incrementalserve`, which comes with [some caveats](https://jekyllrb.com/docs/configuration/incremental-regeneration/), notably only changed files will be rebuilt. This means if you change a data file, HTML pages that use that data file won't be updated.
Note that this method will rebuild the entire site every time you make a change to any file. If you want faster builds, you can use `bundle exec rake incrementalserve`, which comes with [some caveats](https://jekyllrb.com/docs/configuration/incremental-regeneration/), notably only changed files will be rebuilt. This means if you change a data file, HTML pages that use that data file won't be updated.

### Public domain
## License

This project is in the worldwide [public domain](LICENSE.md). As stated in [CONTRIBUTING](CONTRIBUTING.md):

Expand Down
Loading