p2pool-starter-stack · VijitSingh97 · Jun 18, 2026 · Jun 18, 2026
@@ -0,0 +1,4 @@
+# Code owners — every PR requests review from the owner(s) below.
+# https://docs.github.com/articles/about-code-owners
+
+* @VijitSingh97
@@ -0,0 +1,36 @@
+---
+name: Bug report
+about: Report something broken on the site — a rendering glitch, broken link, or display issue
+title: "[Bug] "
+labels: bug
+assignees: ''
+---
+
+## What happened?
+
+A clear description of the bug — what you expected to see, and what actually happened.
+
+## Where?
+
+- **Page / URL:** (e.g. https://p2pool-starter-stack.github.io/#roadmap)
+- **Section or element:** (hero, project card, FAQ, footer, …)
+
+## Steps to reproduce
+
+1. ...
+2. ...
+
+## Environment
+
+- **Browser & version:**
+- **OS:**
+- **Device:** (desktop / mobile / tablet)
+- **Screen size or zoom**, if relevant:
+
+## Screenshots
+
+If it's visual, a screenshot helps a lot.
+
+## Additional context
+
+Anything else — console errors, when it started, etc.
@@ -0,0 +1,8 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Security vulnerability
+    url: https://github.com/p2pool-starter-stack/p2pool-starter-stack.github.io/security/advisories/new
+    about: Please report security issues privately via GitHub Security Advisories, not as a public issue.
+  - name: Question or discussion
+    url: https://github.com/p2pool-starter-stack/p2pool-starter-stack.github.io/issues
+    about: Browse existing issues before opening a new one.
@@ -0,0 +1,21 @@
+---
+name: Content fix
+about: A typo, wording, broken/outdated link, or factual correction in the site copy
+title: "[Content] "
+labels: documentation
+assignees: ''
+---
+
+## What needs fixing?
+
+Quote the current text or link, and where it appears (page + section).
+
+## Suggested change
+
+What it should say instead.
+
+## Why
+
+Briefly, why the change is correct (a typo, an outdated version, a wrong link, …).
+
+<!-- Most copy lives in data/content.yaml — small wording fixes are very welcome as PRs. -->
@@ -0,0 +1,24 @@
+---
+name: Feature request
+about: Suggest an idea or improvement for the site
+title: "[Feature] "
+labels: enhancement
+assignees: ''
+---
+
+## Problem / motivation
+
+What are you trying to do, and what's getting in the way? Describe the use case rather
+than a specific solution where you can.
+
+## Proposed solution
+
+What would you like to see happen?
+
+## Alternatives considered
+
+Any other approaches you thought about, and why this one is better.
+
+## Additional context
+
+Anything else — links, references, screenshots, related issues, etc.
@@ -0,0 +1,39 @@
+# Security Policy
+
+This repository is the source for the P2Pool Starter Stack website
+(<https://p2pool-starter-stack.github.io/>) — a static [Hugo](https://gohugo.io/) site with no
+backend and no third-party requests at runtime (system fonts only; nothing phones home). The main
+security surface is the **build and deploy pipeline** rather than the served pages, but we still
+want to hear about anything that could mislead visitors or compromise the site.
+
+## Supported versions
+
+The live site is whatever is on the latest `main` — it deploys on every push. There are no release
+branches; please check against current `main` before reporting.
+
+| Version        | Supported          |
+|----------------|--------------------|
+| latest `main`  | ✅                 |
+| anything older | ❌ (please update) |
+
+## Reporting a vulnerability
+
+**Please do not open a public issue for security problems.**
+
+Use GitHub's private vulnerability reporting instead: go to the **Security** tab and click
+**"Report a vulnerability"**. This opens a private advisory visible only to the maintainers, where
+we can triage and coordinate a fix and disclosure with you.
+
+When you report, it helps to include:
+
+- A description of the issue and its impact.
+- Steps to reproduce, and the affected area (a rendered page, the build/deploy workflow, the
+  `scripts/refresh-releases.py` release-refresh script, a third-party GitHub Action, etc.).
+- Any relevant logs or links.
+
+**In scope, for example:** a way to inject content into the built site, a compromised or unpinned
+dependency/Action in the build, leaked credentials in the repo or CI, or a weakness in the deploy
+pipeline. **Out of scope:** issues in third-party services we merely link to, and anything that
+requires an already-compromised maintainer machine.
+
+We aim to acknowledge reports promptly and will keep you posted as we work on a fix.