UNPKG

html-assets-hash

Version:

Adds content-based hashes to HTML asset URLs to prevent browsers from loading outdated cached files.

github.com/senotrusov/html-assets-hash

senotrusov/html-assets-hash

100 lines (64 loc) 5.39 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<!-- Copyright 2024-2025 Stanislav Senotrusov Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> # Contribution guidelines ## Code signing Contributors are encouraged to sign their work, such as Git commits and tags. This practice verifies authenticity and protects the project's integrity. GPG keys are the recommended signing method, and signatures using SSH keys or other methods are also accepted. **Further reading:** * [Managing commit signature verification](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) (docs.github.com) * [Signing your work](https://git-scm.com/book/ms/v2/Git-Tools-Signing-Your-Work) (git-scm.com/book) ## Contributor recognition Contributors are warmly invited to add their names to the [CONTRIBUTORS.md](CONTRIBUTORS.md) file, whether contributing through code, documentation, testing, or community support. ## Identity Policy This project respects a contributor's right to choose the identity under which they make contributions. Contributors are not required to use their legal name, birth name, or a name from an official identification document. However, the chosen identity — whether a username, pseudonym, or real name — must be used consistently within the community to represent the contributor. To maintain the integrity and trust of the project, the following principles apply: - **No anonymity or misrepresentation:** While a chosen identity may be used, truly anonymous contributions are not permitted. A contributor's identity must not be false, misleading, or intended to misrepresent authorship. - **Authorship continuity:** A contributor's identity should allow the community to recognize and attribute their contributions. Maintaining consistent authorship upholds trust, accountability, and the long-term integrity of the project. - **Intellectual property and legal compliance:** Contributors must not use their chosen identity to conceal unlawful actions, misappropriate intellectual property, or evade legal or contractual obligations. Any such misuse undermines the project's integrity, the rights of all contributors, and harms those who contribute in good faith under a chosen identity. - **Communication and accountability:** Each contributor must provide a valid email address and remain reachable for project-related matters. In the event of a legal dispute, contributors are expected to assist in establishing the provenance of their contribution. Non-compliance with this policy may result in removal of contributions, suspension from the project, or other actions deemed necessary by project maintainers. By submitting a contribution, the contributor affirms their understanding of and adherence to this policy. ## The use of the Developer's Certificate of Origin This project's application of the Developer's Certificate of Origin aligns with established open-source practice. A sign-off is a statement appended to the end of a commit message, certifying that a contributor is the original author of the contributed work or has the legal authority to submit it under the applicable open-source license. The process is as follows: if a contributor can make the following certification — ```plaintext Developer Certificate of Origin Version 1.1 Copyright (C) 2004, 2006 The Linux Foundation and its contributors. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Developer's Certificate of Origin 1.1 By making a contribution to this project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. ``` — then the contributor must include the following line in the commit message: ```plaintext Signed-off-by: Contributor Identity <email@example.com> ``` using a recognized identity that can be attributed to the contributor within the context of the project.