diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 0000000..5533087 --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,31 @@ +# Reporting security issues + +The OpenFermion-PySCF developers and community take security bugs in +OpenFermion-PySCF seriously. We appreciate your efforts to responsibly disclose +your findings, and will make every effort to acknowledge your contributions. + +Please **do not** use GitHub issues to report security vulnerabilities; GitHub +issues are public, and doing so could allow someone to exploit the information +before the problem can be addressed. Instead, please use the GitHub ["Report a +Vulnerability"](https://github.com/quantumlib/OpenFermion-PySCF/security/advisories/new) +interface from the _Security_ tab of the OpenFermion-PySCF repository. + +Please report security issues in third-party modules to the person or team +maintaining the module rather than the OpenFermion-PySCF project stewards, +unless you believe that some action needs to be taken with OpenFermion-PySCF in +order to guard against the effects of a security vulnerability in a third-party +module. + +## Responses to security reports + +The project stewards at Google Quantum AI will send a response indicating the +next steps in handling your report. After the initial reply to your report, the +project stewards will keep you informed of the progress towards a fix and full +announcement, and may ask for additional information or guidance. + +## Additional points of contact + +Please contact the project stewards at Google Quantum AI via email at +quantum-oss-maintainers@google.com if you have questions or other concerns. If +for any reason you are uncomfortable reaching out to the project stewards, +please email opensource@google.com instead. diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..34ac21b --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,91 @@ +# Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of +experience, education, socio-economic status, nationality, personal appearance, +race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or + advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, or to ban temporarily or permanently any +contributor for other behaviors that they deem inappropriate, threatening, +offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +This Code of Conduct also applies outside the project spaces when the Project +Stewards have a reasonable belief that an individual's behavior may have a +negative impact on the project or its community. + +## Conflict Resolution + +We do not believe that all conflict is bad; healthy debate and disagreement +often yield positive results. However, it is never okay to be disrespectful or +to engage in behavior that violates the project’s Code of Conduct. + +If you see someone violating the Code of Conduct, you are encouraged to address +the behavior directly with those involved. Many issues can be resolved quickly +and easily, and this gives people more control over the outcome of their +dispute. If you are unable to resolve the matter for any reason, or if the +behavior is threatening or harassing, report it. We are dedicated to providing +an environment where participants feel welcome and safe. + +Reports should be directed to quantumai-oss-maintainers@googlegroups.com, +the project stewards at Google Quantum AI. They will then work with a committee +consisting of representatives from the Open Source Programs Office and the +Google Open Source Strategy team. If for any reason you are uncomfortable +reaching out to the Project Stewards, please email opensource@google.com. + +We will investigate every complaint, but you may not receive a direct response. +We will use our discretion in determining when and how to follow up on reported +incidents, which may range from not taking action to permanent expulsion from +the project and project-sponsored spaces. We will notify the accused of the +report and provide them an opportunity to discuss it before any action is taken. +The identity of the reporter will be omitted from the details of the report +supplied to the accused. In potentially harmful situations, such as ongoing +harassment or threats to anyone's safety, we may take action without notice. + +## Attribution + +This Code of Conduct is adapted from the Contributor Covenant, version 1.4, +available at +https://www.contributor-covenant.org/version/1/4/code-of-conduct.html diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..22e6eec --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,151 @@ +# How to contribute + +We'd love to accept your patches and contributions to this project. We do have +some guidelines to follow, covered in this document, but don't be concerned +about getting everything right the first time! Create a pull request (discussed +below) and we'll nudge you in the right direction. + +## Before you begin + +### Sign our Contributor License Agreement + +Contributions to this project must be accompanied by a [Contributor License +Agreement](https://cla.developers.google.com/about) (CLA). You (or your +employer) retain the copyright to your contribution; the CLA simply gives us +permission to use and redistribute your contributions as part of the project. +Please visit https://cla.developers.google.com/ to see your current agreements +on file or to sign a new one. You generally only need to submit a Google CLA +once, so if you've already submitted one (even if it was for a different +project), you probably don't need to do it again. + +> [!WARNING] +> Please note carefully clauses [#5](https://cla.developers.google.com/about/google-corporate#:~:text=You%20represent%20that%20each%20of%20Your%20Contributions%20is%20Your%20original%20creation) +> and [#7](https://cla.developers.google.com/about/google-corporate#:~:text=Should%20You%20wish%20to%20submit%20work%20that%20is%20not%20Your%20original%20creation%2C%20You%20may%20submit%20it%20to%20Google%20separately) +> in the CLA. Any code that you contribute to this project must be **your** +> original creation. Code generated by artificial intelligence tools **does +> not** qualify as your original creation. + +### Review our community guidelines + +We have a [code of conduct](CODE_OF_CONDUCT.md) to make the project an open and +welcoming community environment. Please make sure to read and abide by the code +of conduct. + +## Contribution process + +All submissions, including submissions by project members, require review. We +use the tools provided by GitHub for pull requests for this purpose. The +preferred manner for submitting pull requests is to fork the, create a new +branch in this fork to do your work, and when ready, create a pull request from +this branch to the main project repository. The subsections below describe the +process in more detail. + +Pleae make sure to follow the [Google Style +Guides](https://google.github.io/styleguide/) in your code, particularly the +[style guide for Python](https://google.github.io/styleguide/pyguide.html). + +### Repository forks + +1. Fork the OpenFermion-PySCF repository (you can use the _Fork_ button in + upper right corner of the [repository + page](https://github.com/quantumlib/OpenFermion-PySCF)). Forking creates a + new GitHub repo at the location + `https://github.com/USERNAME/OpenFermion-PySCF`, where `USERNAME` is your + GitHub user name. + +1. Clone (using `git clone`) or otherwise download your forked repository to + your local computer, so that you have a local copy where you can do your + development work using your preferred editor and development tools. + +1. Check out the `main` branch and create a new [git + branch](https://git-scm.com/book/en/v2/Git-Branching-Branches-in-a-Nutshell) + from `main`: + + ```shell + git checkout main -b YOUR_BRANCH_NAME + ``` + + where `YOUR_BRANCH_NAME` is the name of your new branch. + +### Development environment installation + +Please refer to the section _Developer install_ of the [installation +instructions](docs/install.md) for information about how to set up a local copy +of the software for development. + +### Tests and test coverage + +Existing tests must continue to pass (or be updated) when changes are +introduced, and code should be covered by tests. We use +[pytest](https://docs.pytest.org) to run our tests and +[pytest-cov](https://pytest-cov.readthedocs.io) to compute coverage. We use the +scripts [`./check/pytest`](./check/pytest) and +[`./check/pytest-and-incremental-coverage`](./check/pytest-and-incremental-coverage) +to run these programs with custom configurations for this project. + +We don't require 100% coverage, but any uncovered code must be annotated with `# +pragma: no cover`. To ignore coverage of a single line, place `# pragma: no +cover` at the end of the line. To ignore coverage for an entire block, start the +block with a `# pragma: no cover` comment on its own line. + +### Lint + +Code should meet common style standards for Python and be free of error-prone +constructs. We use [Pylint](https://www.pylint.org/) to check for code lint, and +the script [`./check/pylint`](./check/pylint) to run it. When Pylint produces a +false positive, it can be silenced with annotations. For example, the annotation +`# pylint: disable=unused-import` would silence a warning about an unused +import. + +### Type annotations + +Code should have [type annotations](https://www.python.org/dev/peps/pep-0484/). +We use [mypy](http://mypy-lang.org/) to check that type annotations are correct, +and the script [`./check/mypy`](./check/mypy) to run it. When type checking +produces a false positive, it can be silenced with annotations such as `# type: +ignore`. + +### Pull requests and code reviews + +1. If your local copy has drifted out of sync with the `main` branch of the + main OpenFermion-PySCF repo, you may need to merge the latest changes into + your branch. To do this, first update your local `main` and then merge your + local `main` into your branch: + + ```shell + # Track the upstream repo (if your local repo hasn't): + git remote add upstream https://github.com/quantumlib/OpenFermion-PySCF.git + + # Update your local main. + git fetch upstream + git checkout main + git merge upstream/main + # Merge local main into your branch. + git checkout YOUR_BRANCH_NAME + git merge main + ``` + + If git reports conflicts during one or both of these merge processes, you + may need to [resolve the merge conflicts]( + https://docs.github.com/articles/about-merge-conflicts) before continuing. + +1. Finally, push your changes to your fork of the OpenFermion-PySCF repo on + GitHub: + + ```shell + git push origin YOUR_BRANCH_NAME + ``` + +1. Now when you navigate to the OpenFermion-PySCF repository on GitHub + (https://github.com/quantumlib/OpenFermion-PySCF), you should see the option + to create a new [pull + requests](https://help.github.com/articles/about-pull-requests/) from your + forked repository. Alternatively, you can create the pull request by + navigating to the "Pull requests" tab near the top of the page, and + selecting the appropriate branches. + +1. A reviewer from the OpenFermion-PySCF team will comment on your code and may + ask for changes. You can perform the necessary changes locally, commit them + to your branch as usual, and then push changes to your fork on GitHub + following the same process as above. When you do that, GitHub will update + the code in the pull request automatically. diff --git a/SUPPORT.md b/SUPPORT.md new file mode 100644 index 0000000..e4a8131 --- /dev/null +++ b/SUPPORT.md @@ -0,0 +1,21 @@ +# Support + +Thank you for your interest in this project! If you are experiencing problems +or have questions, the following are some suggestions for how to get help. + +> [!NOTE] +> Before participating in our community, please read our [code of +> conduct](CODE_OF_CONDUCT.md). By interacting with this repository, +> organization, or community, you agree to abide by its terms. + +## Report an issue or request a feature + +To report an issue or request a feature, please first search the [issue tracker +on GitHub](https://github.com/quantumlib/OpenFermion-PySCF/issues) to check if +there is already an open issue identical or similar to your bug report/feature +request. If there is none, go ahead and file a new issue in the issue tracker. + +## Contact the maintainers + +For any questions or concerns not addressed here, please email +[quantum-oss-maintainers@google.com](mailto:quantum-oss-maintainers@google.com).