Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
python-tuf/docs/GOVERNANCE.md
Vladimir Diaz 1212594a57
More organizational changes 
Modified documentation links in README.
Added a Getting Started doc

Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
2018-01-24 14:09:48 -05:00

50 lines
2.4 KiB
Markdown
Raw Permalink Blame History

# TUF governance
This document covers the project's governance and committer process. The
project consists of the TUF
[specification](https://github.com/theupdateframework/specification) and
[reference implementation](https://github.com/theupdateframework/tuf).
## Maintainership and Consensus Builder
The project is maintained by the people indicated in
[MAINTAINERS](MAINTAINERS.txt). A maintainer is expected to (1) submit and
review GitHub pull requests and (2) open issues or [submit vulnerability
reports](https://github.com/theupdateframework/tuf#security-issues-and-bugs).
A maintainer has the authority to approve or reject pull requests submitted by
contributors. The project's Consensus Builder (CB) is
Justin Cappos <jcappos@nyu.edu, @JustinCappos>.
## Contributions
[A contributor can submit GitHub pull
requests](CONTRIBUTORS.rst)
to the project's repositories. They must follow the project's [code of
conduct](CODE-OF-CONDUCT.md), the [developer certificate of
origin](https://developercertificate.org/), the [code style
guidelines](https://github.com/secure-systems-lab/code-style-guidelines), and
must unit test any new software feature or change. Submitted pull requests
undergo review and automated testing, including, but not limited to:
* Unit and build testing via [Travis CI](https://travis-ci.org/) and
[Tox](https://tox.readthedocs.io/en/latest/).
* Static code analysis via [Pylint](https://www.pylint.org/) and
[Bandit](https://wiki.openstack.org/wiki/Security/Projects/Bandit).
* Checks for Signed-off-by commits via [Probot: DCO](https://github.com/probot/dco).
* Review by one or more
[maintainers](MAINTAINERS.txt).
A contributor can propose changes to the specification with a [TUF Augmentation
Proposal](https://github.com/theupdateframework/taps) (TAP). It is a design
document providing information to the TUF community, or describing a new
feature for TUF or its processes or environment.
A [TAP](TAP.rst) can be approved or rejected by the CB after it has been reviewed and
discussed. Discussions take place on the project's [mailing
list](https://groups.google.com/forum/?fromgroups#!forum/theupdateframework) or
the TAPs GitHub issue tracker.
## Changes in maintainership
A contributor to the project must express interest in becoming a maintainer.
The CB has the authority to add or remove maintainers.
## Changes in governance
The CB supervises changes in governance.
Reference in a new issue View git blame Copy permalink