From b91bdf696bea32b7bd533756be57c4653754a138 Mon Sep 17 00:00:00 2001 From: Stephen Augustus Date: Tue, 28 May 2024 15:50:53 +0200 Subject: [PATCH] docs: Adopt OpenSSF Scorecard contributor ladder Signed-off-by: Stephen Augustus --- CONTRIBUTING.md | 6 +++-- MAINTAINERS.md | 23 ++++++++++++++++++ contributor-ladder.md | 55 +++++++++++++------------------------------ 3 files changed, 44 insertions(+), 40 deletions(-) create mode 100644 MAINTAINERS.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8f6912bb..c8883d48 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -12,9 +12,11 @@ Conduct.](https://openssf.org/community/code-of-conduct/) * When contributing large features, upate [whats-new.md](whats-new.md) * All git commits must have [DCO](https://wiki.linuxfoundation.org/dco) -## Contribitor Ladder +## Contributor Ladder -[contributor-ladder.md](contributor-ladder.md) +Allstar follows the [OpenSSF Scorecard contributor ladder](https://github.com/ossf/scorecard/blob/main/CONTRIBUTOR_LADDER.md). + +Details on the previous Allstar contributor ladder can be found [here](/contributor-ladder.md). ## Community diff --git a/MAINTAINERS.md b/MAINTAINERS.md new file mode 100644 index 00000000..9070adb5 --- /dev/null +++ b/MAINTAINERS.md @@ -0,0 +1,23 @@ +# Maintainers + +## `allstar-maintainers` + +- @jeffmendoza + +## Contributors + +- @coheigea +- @danielbankhead +- @five510 +- @justaugustus +- @markdboyd +- @naveensrinivasan +- @olivekl +- @yorinasub17 + +## Emeritus + +Former maintainers are listed here. +Thanks for your contributions to Scorecard! + +- diff --git a/contributor-ladder.md b/contributor-ladder.md index ad002284..98477cd9 100644 --- a/contributor-ladder.md +++ b/contributor-ladder.md @@ -1,48 +1,27 @@ # Contributor Ladder -| Name | Prerequisites: Indicators to look for before promotion | Expectations | Recognition, Access, Effect of access | -| - | - | - | - | -| Contributors | One of: 1. Regular PRs for code/docs. 2. Regular feedback on discussion topics in issues/slack 3. Regular meeting attendance and contribution. For a period of time: 30 days or more. | Continue pre-req. | Added as GitHub Outside Collaborator to repo with read permissions. Tests on PRs run automatically without approval | -| Maintainers | Regular PRs for code/docs of moderate to substantial impact. Participates in many high-level proposals and discussions. | Available to have PRs assigned to them for review: Will review within 3 business days, otherwise notifies team when unable to review (ooo, etc.) Responds to requests for input/discussion over issues and slack | Added as GitHub Outside Collaborator to repo with write/push access. Approves and merges PRs | -| Leaders | Consistently drives the project through code, proposals, project direction, leadership, etc. | As a group, responds and makes final decisions through consensus on all large proposals, features, architecture changes, design, documentation of project | Full access and ownership. Creates releases, and finalizes changelog updates, sends project update announcements. | - -## Promotion Process - -Please submit a PR to this file with the promotion proposed, and include -evidence of the proposed member meeting the prerequisites. The proposed member -must agree to uphold the expectations of the new level. The existing -Maintainers and Leaders will reach consensus that the prerequites are met and -merge the PR. - -### Appeals +***Allstar follows the [OpenSSF Scorecard contributor ladder](https://github.com/ossf/scorecard/blob/main/CONTRIBUTOR_LADDER.md).*** -Appeals will be discussed as a meeting agneda item in the [Securing Critical -Projects](https://github.com/ossf/wg-securing-critical-projects) Working -Group. Please see the WG page for meeting times. +Contributors to Allstar are documented in [MAINTAINERS.md](/MAINTAINERS.md). -## Current list +## Changes -### Contributors +This section briefly details key differences between the OpenSSF Scorecard contributor ladder and the legacy Allstar contributor ladder. -- @coheigea -- @danielbankhead -- @five510 -- @justaugustus -- @markdboyd -- @naveensrinivasan -- @olivekl -- @yorinasub17 +- *Active* legacy "Contributors" who are not OpenSSF GitHub organization members are now ["Community Members"](https://github.com/ossf/scorecard/blob/main/CONTRIBUTOR_LADDER.md#community-members) + - Community Members are eligible for [OpenSSF GitHub organization](https://github.com/ossf) membership. Outside collaborator access [***should never be granted***](https://github.com/ossf/tac/blob/main/policies/access.md#teams-not-individuals). +- Existing OpenSSF GitHub organization members who are actively reviewing content can be granted [Triagers access](https://github.com/ossf/scorecard/blob/main/CONTRIBUTOR_LADDER.md#triagers) +- Legacy "Maintainers" and "Leaders" are now considered equivalent [access levels][maintainers-access] +- Existing OpenSSF Scorecard maintainers may be granted [Maintainer access][maintainers-access], based on need -### Maintainers +[maintainers-access]: https://github.com/ossf/scorecard/blob/main/CONTRIBUTOR_LADDER.md#maintainers -### Leaders +## Legacy contributor ladder -- @jeffmendoza +This section exists for historical purposes to detail the legacy Allstar contributor ladder, ***which is no longer in use***. -## Notes - -- Only "outside collaborator" access is included above. We would like - to determine OpenSSF GitHub Org membership requirements and add that - at the Maintainer level. - -- Please suggest more recognition items for the Contributor level. +| Name | Prerequisites: Indicators to look for before promotion | Expectations | Recognition, Access, Effect of access | +| - | - | - | - | +| Contributors | One of: 1. Regular PRs for code/docs. 2. Regular feedback on discussion topics in issues/slack 3. Regular meeting attendance and contribution. For a period of time: 30 days or more. | Continue pre-req. | Added as GitHub Outside Collaborator to repo with read permissions. Tests on PRs run automatically without approval | +| Maintainers | Regular PRs for code/docs of moderate to substantial impact. Participates in many high-level proposals and discussions. | Available to have PRs assigned to them for review: Will review within 3 business days, otherwise notifies team when unable to review (ooo, etc.) Responds to requests for input/discussion over issues and slack | Added as GitHub Outside Collaborator to repo with write/push access. Approves and merges PRs | +| Leaders | Consistently drives the project through code, proposals, project direction, leadership, etc. | As a group, responds and makes final decisions through consensus on all large proposals, features, architecture changes, design, documentation of project | Full access and ownership. Creates releases, and finalizes changelog updates, sends project update announcements. |