Page History

...

• Legal - Apache 2 license

• Community support - Active and diverse contributors, plus see Community section below

• Test coverage - Automated unit and integration test suites

• Documentation - plus see Documentation section below

• Infrastructure - plus see Common Repository Structure and Community sections

• Security - plus see Security section below

• OpenSSF Best Practices Badge - https://bestpractices.coreinfrastructure.org/en

• NOTE - As the TOC comes to consensus on more best practices, we could add those to Project Incubation Exit Criteria.

Project Governance

• Use an RFC process for driving consensus and agreement on project major decisions, features, design, etc. Examples:

  • https://github.com/hyperledger/aries-rfcs

  • https://github.com/hyperledger/sawtooth-rfcs (same process in Ursa, Grid)

  • https://github.com/hyperledger/fabric-rfcs (evolution of sawtooth RFC process)

• Team structure, decision making - example https://github.com/hyperledger/sawtooth-rfcs/blob/main/text/0006-sawtooth-governance.md

...

• Mailing lists - perhaps one targeted for users and another targeted for contributors/maintainers?
  

• Discord Chat - important to strike a balance between too few and too many chat channels

• Public meetings - regular cadence

• Pull Requests - quick review turnarounds are appreciated and encourage future contributions

• Contributing docs - examples:

  • https://wiki.hyperledger.org/display/BESU/Contributing

  • https://github.com/hyperledger/cacti/blob/main/CONTRIBUTING.md

  • https://hyperledger-fabric.readthedocs.io/en/latest/CONTRIBUTING.html

  • https://wiki.hyperledger.org/display/indy/How+to+Contribute

  • https://hyperledger.github.io/firefly/contributors/

  • https://github.com/hyperledger/iroha/blob/main/CONTRIBUTING.rst

• NOTE - Perhaps common "contributing" content can be aggregated so that each project doesn't have to re-invent and re-document.

Security - see also 2022 security task force

...

• Follow an established Release taxonomy - either SemVer or CalVer

• Document release strategy, release process, branch strategy

• Document Long-term support (LTS) release strategy - example https://github.com/hyperledger/fabric-rfcs/blob/main/text/0005-lts-release-strategy.md

• Use Github actions to automate release process, e.g. publish artifacts and release notes upon drafting a GitHub release

• Release artifacts - attached to GitHub release, docker images in GitHub Packages versus Dockerhub

Continuous Integration (CI)

• GitHub Actions is the recommended platform

• Pull request checks

  • DCO

  • Unit tests

  • Integration tests

  • Scans - see Security section, more comprehensive scans can be run nightly instead

• Test coverage reporting

• See proposed Automated Pipelines task force

...