Develop

.github/AUTOMATIC_RELEASES.md

@@ -0,0 +1,218 @@
+# Automatic Release System
+
+FixFX uses automated versioning and changelog generation based on commit messages. When you push to `develop` or `master`, the system automatically:
+
+1. **Analyzes commits** since the last release
+2. **Determines the next version** (semantic versioning)
+3. **Updates CHANGELOG.md**
+4. **Creates a GitHub release** with auto-generated notes
+
+No manual intervention needed!
+
+## Commit Message Format (Conventional Commits)
+
+The automation works by analyzing commit messages in this format:
+
+```
+type: description
+
+type(scope): description
+
+type!: description (with breaking change)
+```
+
+### Types
+
+- **`feat`** - New feature → Minor version bump (1.0.0 → 1.1.0)
+- **`fix`** - Bug fix → Patch version bump (1.0.0 → 1.0.1)
+- **`breaking`** or **`feat!`** - Breaking change → Major version bump (1.0.0 → 2.0.0)
+- **`chore`** - Build, deps, config changes (NOT included in release)
+- **`docs`** - Documentation only (NOT included in release)
+- **`test`** - Test changes (NOT included in release)
+
+### Examples
+
+```bash
+# Feature
+git commit -m "feat: add hosting provider directory structure"
+
+# Fix
+git commit -m "fix: correct provider validation schema reference"
+
+# With scope
+git commit -m "feat(providers): add guidelines documentation"
+
+# Breaking change (using !)
+git commit -m "feat!: reorganize provider file structure"
+
+# Breaking change (using breaking keyword)
+git commit -m "breaking: remove deprecated API endpoints"
+
+# Chore (won't trigger release)
+git commit -m "chore: update dependencies"
+git commit -m "docs: improve README"
+```
+
+## Workflow Triggers
+
+### ✅ Runs Automatically On
+
+- **Direct pushes to `develop` branch** - Analyzes commits, updates changelog, creates release
+- **Direct pushes to `master` branch** - Same as develop
+- **Merges to `develop`/`master`** - Same as direct pushes
+- **Changes to frontend files** - Only triggers when frontend code changes
+
+### ❌ Does NOT Run On
+
+- **Pull requests** - Prevents duplicate automation when merging
+- **Non-frontend changes** - Ignores changes to backend, docs, etc.
+- **Manual `chore:`, `docs:`, `test:` commits** - No version bump needed
+
+## What Gets Released
+
+The system looks at commits since the **last GitHub release tag** and:
+
+- Counts **breaking changes** → Major version bump
+- Counts **features** → Minor version bump  
+- Counts **fixes** → Patch version bump
+- Ignores **chore/docs/test** commits
+
+### Examples
+
+```
+Last Release: v1.0.0
+
+Commits since:
+  ✅ feat: add new feature
+  ✅ fix: fix a bug
+
+Next Release: v1.1.0 (minor bump for feature)
+```
+
+```
+Last Release: v1.0.0
+
+Commits since:
+  ✅ breaking: remove old API
+  ✅ feat: add new feature
+  ✅ fix: fix a bug
+
+Next Release: v2.0.0 (major bump for breaking change)
+```
+
+## Automatic Changelog Generation
+
+The changelog is automatically generated from your commit messages:
+
+```markdown
+## [1.1.0] - 2026-01-26
+
+### Breaking Changes
+- Remove deprecated authentication method
+
+### Added
+- Add hosting provider directory structure
+- Add provider guidelines documentation
+
+### Fixed
+- Correct schema validation reference
+```
+
+This appears in:
+1. **CHANGELOG.md** - Updated automatically
+2. **GitHub Release Notes** - Added automatically
+
+## Disabling Auto-Release
+
+If you need to prevent a release for a particular push:
+
+```bash
+# Use [skip-release] in commit message
+git commit -m "feat: add feature [skip-release]"
+
+# Or use non-conventional commit format (will be listed as "Other Changes")
+git commit -m "Update something random"
+```
+
+Note: Non-feature/fix/breaking commits are grouped as "Other Changes" and don't trigger version bumps.
+
+## Manual Releases
+
+For complete control, you can still create releases manually:
+
+1. Push your commits with conventional messages
+2. Manually create a release on GitHub with tag `v1.2.3`
+3. The system will recognize it as the latest version
+4. Next auto-release will calculate from this version
+
+## Troubleshooting
+
+### "No pending changes that require a release"
+
+Your commits don't include `feat:`, `fix:`, or `breaking:` prefixes.
+
+**Solution:** Use proper conventional commit format
+
+```bash
+# Wrong
+git commit -m "added new provider support"
+
+# Right
+git commit -m "feat: add new provider support"
+```
+
+### Release created but CHANGELOG not updated
+
+The CHANGELOG update happens in the workflow. Check:
+1. Workflow logs in GitHub Actions
+2. That commits use conventional format
+3. That at least one `feat:`, `fix:`, or `breaking:` commit exists
+
+### Version not incrementing correctly
+
+Check the last release tag:
+
+```bash
+git tag  # List all tags
+git describe --tags --abbrev=0  # Show latest tag
+```
+
+Make sure the tag follows `vMAJOR.MINOR.PATCH` format.
+
+## Commit Message Guidelines
+
+For the best auto-generated changelogs:
+
+### Good commit messages
+```
+feat: add provider guidelines documentation
+feat(providers): reorganize directory structure
+fix: resolve schema validation issue
+breaking: remove deprecated API endpoints
+```
+
+### Bad commit messages
+```
+update stuff
+fixed things
+WIP: feature
+various improvements
+```
+
+The commit message after the type/scope is included in the changelog, so keep them clear and descriptive!
+
+## GitHub Actions Secrets
+
+No additional secrets needed! The workflow uses the default `GITHUB_TOKEN` which has permission to:
+- Read commits and tags
+- Create releases
+- Push changes back to the repository
+
+## Next Steps
+
+1. **Start using conventional commits** in your workflow
+2. **Push to develop/master** when ready to release
+3. **Let the automation handle** changelog and release creation
+4. **Monitor GitHub Actions** to verify successful releases
+
+That's it! No more manual version tracking.

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,52 @@
+# Code of Conduct
+
+## Our Commitment
+
+We are committed to providing a welcoming, inclusive, and harassment-free environment for everyone who participates in the FixFX project. This applies to all project spaces including GitHub, Discord, and any other communication channels.
+
+## Expected Behavior
+
+All participants are expected to:
+
+- Be respectful and considerate in all interactions
+- Provide constructive feedback and accept it gracefully
+- Focus on what is best for the community and project
+- Show empathy towards other community members
+- Use inclusive language
+
+## Unacceptable Behavior
+
+The following behaviors are not tolerated:
+
+- Harassment, intimidation, or discrimination of any kind
+- Personal attacks, insults, or derogatory comments
+- Trolling or deliberately inflammatory remarks
+- Publishing others' private information without consent
+- Spam, excessive self-promotion, or off-topic content
+- Any conduct that would be considered inappropriate in a professional setting
+
+## Scope
+
+This Code of Conduct applies to all project spaces and to individuals representing the project in public spaces. This includes the GitHub repository, Discord server, social media, and any other official channels.
+
+## Enforcement
+
+Instances of unacceptable behavior may be reported to the project maintainers:
+
+- **Email**: [hey@codemeapixel.dev](mailto:hey@codemeapixel.dev)
+- **Discord**: [discord.gg/cYauqJfnNK](https://discord.gg/cYauqJfnNK)
+
+All reports will be reviewed and investigated promptly and fairly. Maintainers are obligated to respect the privacy and security of the reporter.
+
+### Consequences
+
+Project maintainers will determine appropriate action for violations, which may include:
+
+1. A private warning with clarity on the violation
+2. A public warning
+3. Temporary ban from project spaces
+4. Permanent ban from project spaces
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org/), version 2.1.

CONTRIBUTING.md → .github/CONTRIBUTING.md

@@ -1,10 +1,10 @@
 # Contributing to FixFX
 
-Thank you for your interest in contributing to FixFX! We welcome contributions from the community and appreciate your help in making FixFX better.
+Thank you for your interest in contributing to FixFX. We welcome contributions from the community.
 
 ## Code of Conduct
 
-Please be respectful and constructive in all interactions. We are committed to providing a welcoming and inclusive environment for all contributors.
+Please read our [Code of Conduct](CODE_OF_CONDUCT.md) before participating. We expect all contributors to be respectful and constructive.
 
 ## How to Contribute
 
@@ -283,14 +283,10 @@ When adding new features:
 
 ## Questions?
 
-- Check existing issues and discussions
-- Ask in our [Discord community](https://discord.gg/ErBmGbZfwT)
-- Create a discussion on GitHub
+- Check existing [GitHub Issues](https://github.com/CodeMeAPixel/FixFX/issues)
+- Join our [Discord](https://discord.gg/cYauqJfnNK)
+- Email: [hey@codemeapixel.dev](mailto:hey@codemeapixel.dev)
 
 ## License
 
 By contributing to FixFX, you agree that your contributions will be licensed under the AGPL 3.0 License.
-
----
-
-Thank you for contributing to FixFX! Your efforts help make FiveM development more accessible to everyone.

.github/SECURITY.md

@@ -0,0 +1,69 @@
+# Security Policy
+
+## Supported Versions
+
+We actively maintain security updates for the following versions:
+
+| Version | Supported |
+|---------|-----------|
+| Latest  | Yes       |
+| < 1.0   | No        |
+
+## Reporting a Vulnerability
+
+We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.
+
+### How to Report
+
+**Do not open a public issue for security vulnerabilities.**
+
+Instead, please use one of the following methods:
+
+1. **Email**: Send details to [hey@codemeapixel.dev](mailto:hey@codemeapixel.dev)
+2. **GitHub Security Advisories**: Use the [Security tab](https://github.com/CodeMeAPixel/FixFX/security/advisories/new) to privately report the issue
+
+### What to Include
+
+When reporting a vulnerability, please provide:
+
+- A clear description of the vulnerability
+- Steps to reproduce the issue
+- Potential impact of the vulnerability
+- Any suggested fixes or mitigations (if applicable)
+
+### Response Timeline
+
+- **Initial Response**: Within 48 hours
+- **Status Update**: Within 7 days
+- **Resolution Target**: Within 30 days for critical issues
+
+### After Reporting
+
+1. We will acknowledge receipt of your report
+2. We will investigate and validate the issue
+3. We will work on a fix and coordinate disclosure timing with you
+4. We will credit you in the security advisory (unless you prefer anonymity)
+
+## Security Best Practices
+
+When contributing to FixFX:
+
+- Keep dependencies updated
+- Never commit secrets, API keys, or credentials
+- Follow secure coding practices
+- Validate and sanitize all user inputs
+- Use environment variables for sensitive configuration
+
+## Scope
+
+This security policy applies to:
+
+- The FixFX frontend application
+- The FixFX backend API
+- Official deployment infrastructure
+
+Third-party integrations and dependencies are outside our direct control but we will work with upstream maintainers when issues are discovered.
+
+## Recognition
+
+We appreciate security researchers who help keep FixFX safe. Contributors who responsibly disclose vulnerabilities will be acknowledged in our security advisories and README.