Versions Compared

Old Version 5

changes.mady.by.user Ramakrishna V

Saved on

compared with

New Version Current

changes.mady.by.user David Enyeart

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Legal
  • Decentralized (Diversity)
  • Release
  • Testing
  • Documentation
  • Alignment
  • Infrastructure
  • CII
  • (We can also add badges for Security Vulnerability compliance. I think we can extract other badges from the current Project Best Practices document.)

The process of acquiring badges was also described in an HL Wiki page. It was recommended that the maintainers self-certify their projects for a given badge, after which there could be an open discussion among Hyperledger contributors and that project's maintainers. Any disagreements would come up before the TOC, which would rule on the appropriateness of the certification (i.e., allow the badge to be retained or have it revoked.) Some badges would have renewal requirements (depending on the continual compliance of the project with the badge's criteria) whereas others could be used in perpetuity.

Discussion/Recommendations

  • Augmentation of the HL project lifecycle graph: we need to incorporate review labels, criteria, and processes.
  • We need to specify a list of forward and reverse review criteria and processes.
  • Badges seem like a good idea to indicate the health of a project, but if we do use them, they ought to co-exist with the (augmented) lifecycle graph and not replace it.
  • If we do use badges, is self-certification a good idea? Or should badges be requested, and awarded (or rejected) after a TOC review? (The latter will impose a lot of overhead on the TOC)
  • We need to incorporate Hyperledger Lab projects into the lifecycle chart. The process for a Lab that seeks to become a full project is clear; it must begin at the Proposal stage. But the process for a Lab to join or merge with an existing HL project is unclear. Currently, it is left to the discretion of the maintainers (as happened with the Cactus-Weaver merger). It is also not clear whether a Lab must meet Incubation Exit Criteria before it can join a Gaduated project.
  • If we use badges, would Lab projects also qualify for them or just full HL projects?

List of deliverables or work products

OpenSSF Scorecard slides

Widget Connector
urlhttps://docs.google.com/presentation/d/18zO30diSW1jUfQwoglWza0Lx2_Q8vwuE__q-JdoC3ho/edit?usp=sharing
 
View file
nameOpenSSF Scoreboard for Hyperledger.pdf
height250





Time to complete


Leader


Initial participant list

...

https://discord.com/channels/

References

https://youtu.be/EMdGhIKWYKk Meeting 10 AUG 2023

https://youtu.be/R6ci1hlI6-g 18 AUG 2023