ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0

Proposal: Define clear expectations for Triager role in contributor ladder #4338

Open lelia opened 2 months ago

lelia commented 2 months ago

Is your feature request related to a problem? Please describe.

Currently, the path for Scorecard Triagers is a bit vague and unstructured. The following excerpt from CONTRIBUTOR_LADDER.md describes the responsibilities as follows:

- Read through issues and PRs
  - Answer questions when possible
  - Add relevant labels
  - Draw maintainers' attention (via `@mention`) if relevant
  - Close issue (as "completed" or "not planned") if necessary
- Help maintain project quality control via [code reviews] on PRs
  - Focus on code quality and correctness, including testing and factoring
  - May also review for more holistic issues, but not a requirement
- Be responsive to review requests
- May be assigned PRs to review if in area of expertise
- Assigned test bugs related to the project of expertise

There are a few issues with this:

  1. No real guidelines or process exists for issue backlog refinement / triaging. There have been prior community efforts to triage the issues in most need of refinement, and maintainers will comment on / address issues as they're able, but this often yields inconsistent results and duplicated efforts.
  2. It's difficult for triagers to know which maintainers a) are actively contributing to the codebase, b) have relevant expertise in a particular Scorecard domain, and c) have direct knowledge of planned future work for Scorecard. The CODEOWNERS file references ossf/scorecard-maintainers, which corresponds to MAINTAINERS, but there's little else to go on besides using git blame or browsing PR / commit history to discern authorship.
  3. The default contributor ladder path assumes that the trajectory will always be triager -> contributor -> maintainer. For non-code contributors, there is little room to grow and contribute more meaningfully to Scorecard by way of technical documentation, product or project management, etc.

Describe the solution you'd like

Additional context

This was discussed at the Scorecard community meeting on 09/05/24.

cc: @hsutor

github-actions[bot] commented 1 week ago

This issue has been marked stale because it has been open for 60 days with no activity.

hsutor commented 1 week ago

Perhaps the triager guidance could also be more specific on which labels to add in which scenarios. We could make a section that is about the different labels in the project and what they mean. Otherwise, "- Add relevant labels" is a bit vague.

spencerschrock commented 1 week ago

> Perhaps the triager guidance could also be more specific on which labels to add in which scenarios.

The biggest one to jump out at me from memory is the various check/Foo labels, and possibly kind/question if something is mislabelled as a bug/enhancement.