finos
diff --git a/‎.github/workflows/build.yml
+2-2 b/‎.github/workflows/build.yml
+2-2
diff --git a/‎.github/workflows/push.yml
+4-4 b/‎.github/workflows/push.yml
+4-4
diff --git a/‎.github/workflows/pylint.yaml
+3-3 b/‎.github/workflows/pylint.yaml
+3-3
diff --git a/‎.github/workflows/security.yml
+56 b/‎.github/workflows/security.yml
+56
diff --git a/‎.pylintrc
+2-1 b/‎.pylintrc
+2-1
diff --git a/‎CONTRIBUTING.md
+45-21 b/‎CONTRIBUTING.md
+45-21
@@ -2,9 +2,9 @@ name: build
 
 on:
   push:
-    branches: [ "2.0", "2.0-rc" ]
+    branches: [ "main", "2.0-rc" ]
   pull_request:
-    branches: [ "2.0", "2.0-rc" ]
+    branches: [ "main", "2.0-rc" ]
 
 jobs:
   build:
 
@@ -1,8 +1,8 @@
-name: On 2.0 push
+name: On main push
 
 on:
   push:
-    branches: [ "2.0" ]
+    branches: [ "main" ]
 
 jobs:
   security:
@@ -30,10 +30,10 @@ jobs:
         with:
           python-version: 3.8
 
-      - name: Copy 2.0 branch into gh-pages
+      - name: Copy main branch into gh-pages
         run: |
           git checkout gh-pages
-          git reset --hard 2.0
+          git reset --hard main
 
       - name: Get pip cache dir
         id: pip-cache
 
@@ -2,9 +2,9 @@ name: pylint
 
 on:
   push:
-    branches: [ "2.0" ]
+    branches: [ "main" ]
   pull_request:
-    branches: [ "2.0" ]
+    branches: [ "main" ]
 
 jobs:
   build:
@@ -43,7 +43,7 @@ jobs:
           workflow_conclusion: success
           name: .pylint.d
           path: /home/runner/.pylint.d
-          branch: "2.0"
+          branch: "main"
 
       - name: Run Pylint
         run: pylint symphony tests
 
@@ -0,0 +1,56 @@
+name: security-checks
+
+on:
+  push:
+    branches: [ "main", "2.0-rc" ]
+  pull_request:
+    branches: [ "main", "2.0-rc" ]
+
+jobs:
+  build:
+    name: security-checks
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v2
+
+      - name: Set up Python 3.8
+        id: setup-python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.8
+
+      - name: Get pip cache dir
+        id: pip-cache
+        run: |
+          echo "::set-output name=dir::$(pip cache dir)"
+
+      - name: Cache pip dependencies
+        uses: actions/cache@v2
+        with:
+          path: ${{ steps.pip-cache.outputs.dir }}
+          key: ${{ runner.os }}-pip-${{ steps.setup-python.outputs.python-version }}
+
+      - name: Install Poetry
+        run: pip install poetry
+
+      - name: Cache poetry
+        uses: actions/cache@v2
+        with:
+          path: ~/.cache/pypoetry/virtualenvs
+          key: ${{ runner.os }}-poetry-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('poetry.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-poetry-${{ steps.setup-python.outputs.python-version }}-
+
+      - name: Install dependencies
+        run: poetry install
+
+      - name: Export dependencies
+        run: poetry export -o requirements.txt
+
+      - name: Run license checks
+        run: poetry run liccheck
+
+      - name: Run CVE checks
+        run: poetry run safety check
@@ -140,7 +140,8 @@ disable=print-statement,
         deprecated-sys-function,
         exception-escape,
         comprehension-escape,
-        missing-module-docstring
+        missing-module-docstring,
+        protected-access
 
 # Enable the message, report, category or checker with the given id(s). You can
 # either give multiple identifier separated by comma (,) or put this option
 
@@ -1,31 +1,55 @@
-# How to contribute
+# Symphony BDK for Python Contribution and Governance Policies
 
-If you found a bug or issue, please ensure the bug was not already reported by searching in
-[GitHub issues](https://github.com/SymphonyPlatformSolutions/symphony-api-client-python/issues).
-If you are unable to find an open issue addressing the problem, open a new one.
-Be sure to include a title and clear description, the SDK version, and a code sample demonstrating the issue.
+This document describes the contribution process and governance policies of the FINOS {project name} project. The project is also governed by the [Linux Foundation Antitrust Policy](https://www.linuxfoundation.org/antitrust-policy/), and the FINOS [IP Policy](https://github.com/finos/community/blob/master/governance/IP-Policy.pdf), [Code of Conduct](https://github.com/finos/community/blob/master/governance/Code-of-Conduct.md), [Collaborative Principles](https://github.com/finos/community/blob/master/governance/Collaborative-Principles.md), and [Meeting Procedures](https://github.com/finos/community/blob/master/governance/Meeting-Procedures.md).
 
-If you open a PR to fix any issue, please reference the ticket in the PR title.
-A [Symphony SDK team](https://github.com/orgs/SymphonyPlatformSolutions/teams/symphony-sdk/members) member
-will have to approve before it is merged and eventually released.
+## Contribution Process
 
-## Module and package structure
+Before making a contribution, please take the following steps:
+1. Check whether there's already an open issue related to your proposed contribution. If there is, join the discussion and propose your contribution there.
+2. If there isn't already a relevant issue, create one, describing your contribution and the problem you're trying to solve.
+3. Respond to any questions or suggestions raised in the issue by other developers.
+4. Fork the project repository and prepare your proposed contribution.
+5. Submit a pull request.
 
-Source code is divided into three main packages:
-* [sym_api_client_python](sym_api_client_python) which contains the SDK source code;
-* [tests](tests) which contains unit tests;
-* [examples](examples) which contains code samples illustrating SDK basic usage.
+NOTE: All contributors must have a contributor license agreement (CLA) on file with FINOS before their pull requests will be merged. Please review the FINOS [contribution requirements](https://finosfoundation.atlassian.net/wiki/spaces/FINOS/pages/75530375/Contribution+Compliance+Requirements) and submit (or have your employer submit) the required CLA before submitting a pull request.
 
-## Testing
+## Governance
 
-Unit tests should be added or updated each time a PR is submitted.
+### Roles
 
-## Coding guidelines
+The project community consists of Contributors and Maintainers:
+* A **Contributor** is anyone who submits a contribution to the project. (Contributions may include code, issues, comments, documentation, media, or any combination of the above.)
+* A **Maintainer** is a Contributor who, by virtue of their contribution history, has been given write access to project repositories and may merge approved contributions.
+* The **Lead Maintainer** is the project's interface with the FINOS team and Board. They are responsible for approving [quarterly project reports](https://finosfoundation.atlassian.net/wiki/spaces/FINOS/pages/93225748/Board+Reporting+and+Program+Health+Checks) and communicating on behalf of the project. The Lead Maintainer is elected by a vote of the Maintainers. 
 
-The guidelines outlined in [PEP 8](https://www.python.org/dev/peps/pep-0008/) should be followed on any code update.
+### Contribution Rules
 
-## Documentation
+Anyone is welcome to submit a contribution to the project. The rules below apply to all contributions. (The key words "MUST", "SHALL", "SHOULD", "MAY", etc. in this document are to be interpreted as described in [IETF RFC 2119](https://www.ietf.org/rfc/rfc2119.txt).)
 
-Public classes and methods should be properly documented using javadoc. Main features should be documented using
-[Markdown](https://daringfireball.net/projects/markdown/) under the [docs folder](docs)
-and exemplified with runnable code under the [examples package](examples).
+* All contributions MUST be submitted as pull requests, including contributions by Maintainers.
+* All pull requests SHOULD be reviewed by a Maintainer (other than the Contributor) before being merged.
+* Pull requests for non-trivial contributions SHOULD remain open for a review period sufficient to give all Maintainers a sufficient opportunity to review and comment on them.
+* After the review period, if no Maintainer has an objection to the pull request, any Maintainer MAY merge it.
+* If any Maintainer objects to a pull request, the Maintainers SHOULD try to come to consensus through discussion. If not consensus can be reached, any Maintainer MAY call for a vote on the contribution.
+
+### Maintainer Voting
+
+The Maintainers MAY hold votes only when they are unable to reach consensus on an issue. Any Maintainer MAY call a vote on a contested issue, after which Maintainers SHALL have 36 hours to register their votes. Votes SHALL take the form of "+1" (agree), "-1" (disagree), "+0" (abstain). Issues SHALL be decided by the majority of votes cast. If there is only one Maintainer, they SHALL decide any issue otherwise requiring a Maintainer vote. If a vote is tied, the Lead Maintainer MAY cast an additional tie-breaker vote.
+
+The Maintainers SHALL decide the following matters by consensus or, if necessary, a vote:
+* Contested pull requests
+* Election and removal of the Lead Maintainer
+* Election and removal of Maintainers
+
+All Maintainer votes MUST be carried out transparently, with all discussion and voting occurring in public, either:
+* in comments associated with the relevant issue or pull request, if applicable;
+* on the project mailing list or other official public communication channel; or
+* during a regular, minuted project meeting.
+
+### Maintainer Qualifications
+
+Any Contributor who has made a substantial contribution to the project MAY apply (or be nominated) to become a Maintainer. The existing Maintainers SHALL decide whether to approve the nomination according to the Maintainer Voting process above.
+
+### Changes to this Document
+
+This document MAY be amended by a vote of the Maintainers according to the Maintainer Voting process above.