chore: updated the Contributing and Security guides to reflect our current practices

[M0NsTeRRR]

Description

chore: updated the Contributing and Security guides to reflect our cu…

How Has This Been Tested?

Screenshots / Logs (if applicable)

Checklist:

• I have read and followed the contribution guidelines.
• Disclosed any use of AI (see our policy)
• I have updated the documentation accordingly.
• All new and existing tests passed.
• Successful build pnpm build
• Translation keys pnpm i18n:extract
• Database migration (if required)

Summary by CodeRabbit

• Documentation
  • Refined contribution guidelines: updated Git workflow to use switch-based commands, clarified rebasing guidance, and shifted Conventional Commits enforcement to PR titles.
  • Added an AI assistance notice to security guidance: mandatory disclosure for AI-assisted contributions, examples of acceptable disclosures, and review expectations for such contributions.

[coderabbitai]

📝 Walkthrough

Walkthrough

Updates to CONTRIBUTING.md replace git checkout with git switch, shift Conventional Commits enforcement from individual commits to PR titles, and clarify rebase guidance. SECURITY.md adds an "AI Assistance Notice" section requiring disclosure and review expectations for AI-assisted contributions.

Changes

Cohort / File(s)	Summary
Git workflow & contribution guidance CONTRIBUTING.md	Replaces git checkout examples with git switch, changes Conventional Commits requirement to apply to PR titles (non-compliant PRs won't be merged), and updates rebase phrasing to "rebase your branch to the latest develop". Minor wording and example updates.
AI assistance policy addition SECURITY.md	Adds an "AI Assistance Notice" section detailing mandatory disclosure of AI-generated contributions, examples of acceptable disclosures, and review/quality expectations for maintainers and contributors.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• ci: add semantic-pr workflow to enforce conventional commits #2472: Also modifies CONTRIBUTING.md to enforce Conventional Commits at PR-title level and adds automation to enforce PR-title checks.
• chore: update contributing guide regarding Automated AI Agent #2518: Adds/updates repository guidance on AI assistance policy similar to the new SECURITY.md notice.

Suggested reviewers

• gauthier-th
• fallenbagel
• sudo-kraken

Poem

🐰 I hopped through lines of docs with care,
Swapped checkouts for switches in the air,
I whispered of AI, "Please tell us true,"
Rebasing branches, tidy and new,
A tiny carrot for reviewers too. 🥕

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main changes: updates to CONTRIBUTING.md and SECURITY.md to reflect current practices, which aligns with the actual file modifications.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

CONTRIBUTING.md (1)

45-46: ⚠️ Potential issue | 🟡 Minor

Typo: missing apostrophe in "maintainers job".

Same issue as in SECURITY.md — "maintainers" should be "maintainer's".

✏️ Proposed fix

-It isn't a maintainers job to review a PR so broken that it requires
+It isn't a maintainer's job to review a PR so broken that it requires

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@CONTRIBUTING.md` around lines 45 - 46, Replace the typo "maintainers job" in
CONTRIBUTING.md with the possessive "maintainer's job"; locate the sentence
containing "isn't a maintainers job to review a PR so broken that it requires
significant rework to be acceptable." and change it to "isn't a maintainer's job
to review a PR so broken that it requires significant rework to be acceptable."
to match the fix applied in SECURITY.md.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@CONTRIBUTING.md`:
- Around line 182-185: Replace the grammatically incorrect phrase "Switch the
`develop` branch" with "Switch to the `develop` branch" in the CONTRIBUTING.md
sentence that begins with "3. Switch the `develop` branch and create the
original database..." so the instruction reads "Switch to the `develop` branch
and create the original database..." ensuring consistency with the `git switch`
wording used elsewhere.
- Around line 133-134: Replace the wording "rebase your commit" with "rebase
your branch" and update the second sentence to refer to "your branch" as well
(e.g., "It is your responsibility to keep your branch up-to-date. Your work will
not be merged unless it is rebased off the latest `develop` branch.") so both
lines in CONTRIBUTING.md consistently reference rebasing the branch rather than
a singular commit.

In `@SECURITY.md`:
- Around line 51-52: Fix the typo in SECURITY.md by changing "maintainers job"
to "maintainer's job"—locate the phrase "maintainers job" in the SECURITY.md
content and insert the missing apostrophe so it reads "maintainer's job".
- Around line 11-54: Remove the duplicated AI disclosure prose under the "AI
Assistance Notice" section in SECURITY.md (the long paragraph block after the
callout) and replace it with a single sentence cross-reference to
CONTRIBUTING.md pointing readers there for the full AI disclosure and PR
guidance; keep the existing callout block titled "AI Assistance Notice" (the
short summary/callout at the top) for awareness, and ensure the new sentence
clearly directs readers to CONTRIBUTING.md for contributor-facing AI-disclosure
rules and examples.

---

Outside diff comments:
In `@CONTRIBUTING.md`:
- Around line 45-46: Replace the typo "maintainers job" in CONTRIBUTING.md with
the possessive "maintainer's job"; locate the sentence containing "isn't a
maintainers job to review a PR so broken that it requires significant rework to
be acceptable." and change it to "isn't a maintainer's job to review a PR so
broken that it requires significant rework to be acceptable." to match the fix
applied in SECURITY.md.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 55776ea and 2cbedda.

📒 Files selected for processing (2)

• CONTRIBUTING.md
• SECURITY.md

[coderabbitai]

🧹 Nitpick comments (1)

CONTRIBUTING.md (1)

133-133: Nit: prefer "onto" over "to" for idiomatic git rebase wording.

"Rebase … onto" is the standard phrasing (matching git rebase --onto and official Git documentation), whereas "rebase … to" is non-standard.

✏️ Proposed fix

-- Always rebase your branch to the latest `develop` branch.
+- Always rebase your branch onto the latest `develop` branch.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@CONTRIBUTING.md` at line 133, Change the phrasing "Always rebase your branch
to the latest `develop` branch." to use idiomatic Git wording: "Always rebase
your branch onto the latest `develop` branch." Update the sentence in the
CONTRIBUTING guideline so it matches standard Git documentation and the `git
rebase --onto` terminology.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@CONTRIBUTING.md`:
- Line 133: Change the phrasing "Always rebase your branch to the latest
`develop` branch." to use idiomatic Git wording: "Always rebase your branch onto
the latest `develop` branch." Update the sentence in the CONTRIBUTING guideline
so it matches standard Git documentation and the `git rebase --onto`
terminology.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2cbedda and 5c2c871.

📒 Files selected for processing (1)

• CONTRIBUTING.md