Szvy: Central V2 Github Verified [better]

| | What GitHub Asked For | How Szvy Labs Delivered | |----------|--------------------------|------------------------------| | 1. Ownership proof | A verified email address belonging to the organization. | Updated the organization’s contact email to a corporate‑grade domain (szvylabs.io) and set up DMARC/SPF. | | 2. Code of Conduct | A clearly defined, enforceable policy. | Adopted the Contributor Covenant v2.1 and added a “Community Moderation” page that listed three volunteer moderators. | | 3. Security policy | A public security policy and a documented vulnerability disclosure process. | Created SECURITY.md , set up a private bug bounty on HackerOne, and wrote a response SLA (24‑hour acknowledgment, 72‑hour fix). | | 4. License clarity | A single, unambiguous open‑source license. | Chose the MIT License for the core, and added an LICENSE-FAIRUSE.md for the optional commercial clause, both clearly linked from the repo root. | | 5. Maintainer identity | Real‑world identities for at least two core maintainers. | Uploaded government‑issued ID photos to GitHub’s “Verified Maintainer” portal for Maya and Ravi. | | 6. CI/CD Transparency | Publicly visible build pipelines, with signed releases. | Exposed the entire GitHub Actions workflow, added GPG signing to every release asset, and published the public GPG key in README.md . | | 7. Community health | Evidence of active issue triage, PR reviews, and contribution guidelines. | Implemented a “First‑Timers‑Only” label, a “Good‑First‑Issue” bot, and a weekly “Community Call” recorded on YouTube. |

If you need the or the maintainer’s GPG fingerprint, perform a live search on GitHub for szvy/central-v2 and check the README.md → “Verification” section. szvy central v2 github verified