From 46a6567e62c77e792419410bed394618df51cfe4 Mon Sep 17 00:00:00 2001
From: SwingTheVine <swingthevine@gmail.com>
Date: Fri, 6 Feb 2026 17:40:06 -0500
Subject: [PATCH] Updated meta-information to better comply with OpenSSF Best
 Practices

---
 docs/CONTRIBUTING.md          |  2 ++
 docs/CONTRIBUTING_LICENSE.txt | 34 ++++++++++++++++++++++++++++++++++
 docs/README.md                |  2 +-
 docs/SECURITY.md              |  2 +-
 4 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 docs/CONTRIBUTING_LICENSE.txt

diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index ea03672..26e765d 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -112,6 +112,7 @@
 
 <h2>Guidelines</h2>
 <ul>
+  <li>The project owner has the final say over all decisions. The current project owner is: <code>SwingTheVine</code>.</li>
   <li>Always submit a <a href="https://github.com/SwingTheVine/Wplace-BlueMarble/issues/new/choose" target="_blank" rel="noopener noreferrer">feature request</a> and receive authorization to work on your contribution <i>before</i> you start working on your contribution. This will save you time if we end up rejecting the contribution. Small contributions (like fixing spelling errors) don't need a feature request.</li>
   <li>Follow the <a href="https://github.com/SwingTheVine/.github/blob/main/CODE_OF_CONDUCT.md" target="_blank" rel="noopener noreferrer">Code of Conduct</a>. This includes both your contributions and the way you interact with this community.</li>
   <li>Always write a clear message that explains the changes. "Added some things" does <i>not</i> explain what was changed.</li>
@@ -119,6 +120,7 @@
   <li>The file structure must be maintained (unless you were authorized to change it). For example, all code should go in `src/` and all code affecting the overlay should go in the Overlay class file.</li>
   <li>The naming structure must be maintained (unless you were authorized to change it). For example, the template image variable could be called "templateDataImage." Most things are named to be grouped based on what they share in common first. In the previous example, the variable is first related to a "template," then "data" which is an "image." This is because the variable stores an image that comes from the data of a template. The main reason for naming things this way is to aid you when you try to find the name of something. "I need the image of a template, so the variable probably starts with 'template'".</li>
   <li>Your code must be commented, explaining what everything does. We may reject the pull request if we can't understand what the code does.</li>
+  <li>Your code <i>should</i> follow SwingTheVine's <a href="https://github.com/SwingTheVine#code-style" target="_blank" rel="noopener noreferrer">code style</a>. It is not required, but it helps things progress faster.</li>
 </ul>
 
 <h2>Our Mission</h2>
diff --git a/docs/CONTRIBUTING_LICENSE.txt b/docs/CONTRIBUTING_LICENSE.txt
new file mode 100644
index 0000000..d950df0
--- /dev/null
+++ b/docs/CONTRIBUTING_LICENSE.txt
@@ -0,0 +1,34 @@
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.
\ No newline at end of file
diff --git a/docs/README.md b/docs/README.md
index cbcffba..4ee784b 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -56,7 +56,7 @@
 <a href="" target="_blank" rel="noopener noreferrer"><img alt="Total Comments" src="https://img.shields.io/badge/Lines_Of_Comments-498-blue?style=flat"></a>
 <a href="" target="_blank" rel="noopener noreferrer"><img alt="Compression" src="https://img.shields.io/badge/Compression-70.19%25-blue"></a>
 <a href="" target="_blank" rel="noopener noreferrer"><img alt="Repo Size" src="https://img.shields.io/github/repo-size/SwingTheVine/Wplace-BlueMarble"></a>
-<a href="https://hits.sh/github.com/SwingTheVine/Wplace-BlueMarble/"><img alt="Views" src="https://hits.sh/github.com/SwingTheVine/Wplace-BlueMarble.svg?label=Views&extraCount=664359&color=ffffff"/></a>
+<a href="https://hits.sh/github.com/SwingTheVine/Wplace-BlueMarble/" target="_blank" rel="noopener"><img alt="Views" src="https://hits.sh/github.com/SwingTheVine/Wplace-BlueMarble.svg?label=Views&extraCount=664359&color=ffffff"/></a>
 <a href="" target="_blank" rel="noopener noreferrer"><img alt="Downloads" src="https://img.shields.io/github/downloads/SwingTheVine/Wplace-BlueMarble/total.svg"></a>
 <a href="" target="_blank" rel="noopener noreferrer"><img alt="Build" src="https://github.com/SwingTheVine/Wplace-BlueMarble/actions/workflows/build.yml/badge.svg"></a>
 <a href="" target="_blank" rel="noopener noreferrer"><img alt="Pages" src="https://github.com/SwingTheVine/Wplace-BlueMarble/actions/workflows/pages/pages-build-deployment/badge.svg?branch=wiki"></a>
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
index e41f972..95c289e 100644
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -1,5 +1,5 @@
 <h1>Reporting A Security Vulnerability</h1>
 <a href="" target="_blank" rel="noopener noreferrer"><img alt="CodeQL" src="https://github.com/SwingTheVine/Wplace-BlueMarble/actions/workflows/github-code-scanning/codeql/badge.svg"></a>
 <p>
-  Since this is a userscript, there will not be many vulnerabilities. The user is in charge of their own security, by choosing which scripts to run. Regardless, if you do find a security vulnerability in Blue Marble, please report it on the GitHub Security Advisory <a href="https://github.com/SwingTheVine/Wplace-BlueMarble/security/advisories/new">"Report a Vulnerability"</a> tab.
+  Since this is a userscript, there will not be many vulnerabilities. This userscript is expected to make an attempt to protect the user from attacks executed through the userscript (i.e. XSS attacks only possible if the userscript is run). However, the user is in charge of their own security by choosing which scripts to run. Regardless, if you do find a security vulnerability in Blue Marble, please report it on the GitHub Security Advisory <a href="https://github.com/SwingTheVine/Wplace-BlueMarble/security/advisories/new">"Report a Vulnerability"</a> tab.
 </p>