Lingchu Bot documentation is now live — check it out!
Lingchu Bot

Project Policy

Project Policy

This page summarizes contribution, security, license, and media file requirements. The original files at the repository root are authoritative.

Contribution

Contribution workflow, PR requirements, and local check commands are documented at:

Before contributing, clarify the scope, protect existing workspace changes, and follow GitNexus impact analysis requirements.

Code of conduct

Community discussion, issues, PRs, and code reviews should follow:

Keep communication specific, respectful, and verifiable.

Security

Security issue and vulnerability reporting is documented at:

Do not publish sensitive credentials, account information, or abuse-ready details in public issues.

License

The project uses a phased open-source license stack with an automatic transition between two phases. The authoritative definition, transition trigger, and SPDX identifiers live in Repository-Policy.md. The summary below mirrors that document.

Current phase (effective from project inception)

SubjectLicenseSPDX identifier
Software codeGNU Lesser General Public License v3.0 or laterLGPL-3.0-or-later
DocumentationGNU Free Documentation License v1.3 or laterGFDL-1.3-or-later
Visual elementsCC0 1.0 Universal Public Domain DedicationCC0-1.0

Future phase (triggered automatically)

SubjectLicenseSPDX identifier
Software codeMIT License or later, or Apache License 2.0 or later (user-elected dual)MIT-or-later OR Apache-2.0-or-later
DocumentationCreative Commons Attribution-ShareAlike 4.0 International or laterCC-BY-SA-4.0-or-later
Visual elementsCreative Commons Attribution-ShareAlike 4.0 International or laterCC-BY-SA-4.0-or-later

Note: pyproject.toml uses the canonical SPDX form (MIT OR Apache-2.0, CC-BY-SA-4.0) for PEP 639 / uv build validation; the -or-later form above expresses the project's intended "or later" semantics.

The transition trigger is the earlier of (a) one year after the first public release, or (b) the first major version bump. The transition only applies to contributions submitted on or after the trigger date; contributions made before that date remain under the license that was in effect at submission time.

Full license texts are available at the repository root:

License and CLA

Submitting a contribution — a pull request, an issue patch, a translation, a visual asset, or any other material — means you accept the Contributor License Agreement (CLA.md). The Chinese mirror is at .github/note/CLA-zh.md.

The CLA is what makes the future-phase transition legally executable. It grants the Project a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright and patent license over your contribution, plus an explicit right to relicense your contribution as part of the Project when the transition trigger is reached. The trigger is one of:

  • One year after the first non-pre-release publication of the Project (the first 1.0.0 or later, not a 0.x or rc / alpha / beta); or
  • The first major version bump of the Project (a SemVer x.0.0 release).

The transition is one-way and applies only to contributions submitted on or after the trigger date. Earlier contributions stay under their original license. You accept the CLA by:

  • Adding a Signed-off-by: trailer (Developer Certificate of Origin format) to a commit you submit.
  • Checking the CLA acknowledgment checkbox in the pull request template.
  • Submitting a contribution through any Git-based mechanism that links your Git identity to this Agreement.

If the Project later publishes a more detailed or signed CLA form that explicitly replaces the current one, the newer form governs contributions submitted on or after its effective date. For the day-to-day contribution workflow, see the developer workflow guide.

Media redaction

Media files include images, audio, video, and similar files. Unless explicitly marked as CC0 1.0, they must be redacted before use.

Redaction should at least consider:

  • Removing or blurring personal identity information.
  • Handling faces, license plates, locations, and other identifiable content.
  • Removing sensitive metadata.
  • Confirming that derived files still comply with the original license.

Last updated on

On this page