Merged PR 9161321: Update documentation based on new branch names

This PR updates the documentation to reflect new branch names, and also clarifies the external contributors policy.

BRANCHES.md

@@ -0,0 +1,52 @@
+# Branches
+This file describes the branch structure used for SymCrypt.
+
+## Branch Names
+- **main**: The latest fully validated Symcrypt library.
+- **publish**:	This branch gets published to the public GitHub repo as the main branch there. This branch should only be used for publishing, and not for anything else.
+- **user/<alias>/\***: Working branch names for each contributor.
+- **CONF-\***:	Branch names for temporarily confidential changes. One CONF-* branch per change.
+- **CONF**:	Branch that combines main and all the CONF-* branches for testing. Only exists when there are multiple confidential changes.
+
+## Work flow for normal feature work
+1. Create a user/<alias>/\* branch off main for the work
+1. Do the development work on that branch
+1. Locally build and test the private changes (use build.py or scBuild)
+1. Use a PR to merge the change into main
+
+## Work flow for confidential changes
+1. Create a CONF-* branch off main
+1. Develop the fix inside that branch (or use sub-branches for more complex changes)
+1. **DO NOT** merge this into main
+1. For testing, merge the change into the CONF branch, and build out of that branch. (If only one CONF-* branch is active, you can use that to build and test.)
+1. When the change is no longer confidential, use a PR to merge the change into main and delete the CONF-* branch.
+
+To keep the CONF-* branches current they have to be rebased to the top of main at suitable intervals.
+
+The CONF branch should be rebuilt at regular intervals to keep it in sync with main by:
+- rebase all CONF-* branches to the top of main
+- Delete the CONF branch and re-create it from the top of main
+- merge all CONF-* branches into CONF
+
+Confidential changes should be relatively rare, so much of the time we won't even 
+have a CONF branch, and multiple CONF-* branches should be very rare.
+However, this structure allows us to add new confidential 
+changes and later publish each confidential change without any restriction to order. 
+
+Note: the reason for having confidential changes is that a fix for a security 
+weakness cannot be published until the patch is available and deployed for all
+downlevel platforms. As soon as the fix is deployed, the confidential change
+must be merged into main so that it can be published.
+
+## Work flow for publishing
+The publish branch only ever takes merges from main, and never from anywhere
+else. The publishing workflow is:
+
+1. Merge main into publish 
+1. Use `PublishToGithub.cmd` to push the publish branch to Github
+
+
+
+
+
+

BranchStructure.txt

@@ -1,65 +0,0 @@
-Branch structure used for SymCrypt.
-Niels Ferguson, 20190417
-
-BRANCH NAMES:
-master	The latest fully validated Symcrypt library.
-
-publish	This branch gets published to the public GitHub repo as the master branch there.
-	This branch should only be used for publishing, and not for anything else.
-
-<alias>-* Working branch names for each contributor
-
-CONF-*	Branch names for temporarily confidential changes. One CONF-* branch per change.
-
-CONF	Branch that combines master and all the CONF-* branches for testing.
-
-
-WORK FLOW for normal feature work:
-- Create a <alias>-* branch off master for the work
-- Do the development work on that branch
-- Run scBuild out of the private branch (which runs all tests)
-- Use a PR to merge the change into master
-- Run scBuild on master to ensure that it is still consistent
-
-
-WORK FLOW for confidential changes:
-- Create a CONF-* branch off master
-- develop the fix inside that branch (or use sub-branches for more complex changes)
-- DO NOT merge this into master
-- For testing, merge the change into the CONF branch, and build out of that branch
-  (If only one CONF-* branch is active, you can use that to build and test.)
-
-- When the change is no longer confidential, use a PR to merge the change into master  
-  and delete the CONF-* branch.
-
-- To keep the CONF-* branches current they have to be rebased to the top of master 
-  at suitable intervals.
-
-- The CONF branch should be rebuilt at regular intervals to keep it in sync with 
-  master by:
-	- rebase all CONF-* branches to the top of master
-	- Delete the CONF branch and re-create it from the top of master
-	- merge all CONF-* branches into CONF
-
-Confidential changes should be relatively rare, so much of the time we won't even 
-have a CONF branch, and multiple CONF-* branches should be very rare.
-However, this structure allows us to add new confidential 
-changes and later publish each confidential change without any restriction to order. 
-
-Note: the reason for having confidential changes is that a fix for a security 
-weakness cannot be published until the patch is available and deployed for all
-downlevel platforms. As soon as the fix is deployed, the confidential change
-must be merged into master so that it can be published.
-
-
-WORK FLOW for publishing:
-The publish branch only ever takes merges from master, and never from anywhere
-else. The publishing workflow is
-- Merge master into publish 
-- Use the script to push the publish branch to Github
-
-
-
-
-
-

PublishToGithub.cmd

@@ -1 +1 @@
-git push https://github.com/Microsoft/SymCrypt.git publish:master
+git push https://github.com/Microsoft/SymCrypt.git publish:main

README.md

@@ -67,7 +67,8 @@ If you believe you have found a problem that affects the security of this code,
 or pull request, but instead email your comments to secure@microsoft.com. See [SECURITY.md](SECURITY.md) for more info.
 
 # Contribute
-We love to receive comments and suggestions. Unfortunately we cannot accept external code contributions at this time.
+We love to receive comments and suggestions. Unfortunately we cannot accept external code contributions except in
+specific circumstances from vetted partners with whom we have a pre-arranged agreement.
 Cryptographic code is considered highly sensitive by many of our large customers.
 We have some very big customers who put great value in the assurance of the crypto code used in their organization.
 By restricting the coding to a handful of employees we can greatly reduce the (perceived) risk of malicious contributions.