search

ossf / tac

Technical Advisory Council
https://openssf.org
Other
109 stars 58 forks source link

Resolve Status of Projects Lagging in Onboarding #371

Open presidentoor opened 3 months ago

presidentoor commented 3 months ago

OpenSSF Projects cannot lag in signing the Charter and the Contributor Agreement (CA). These items confirm their onboarding as projects of the OpenSSF. Without these documents these projects have no official claim to being a part of the OpenSSF and as such receive no benefits per the Gives and Gets exercise. We require the TACs recommendation on the approach to resolving the status of these onboarding items. Suggested pathways (a hybrid of which may be applicable) include:

  1. Automatically archiving the project after one quarter of non-responsiveness to signing the charter and CA.
  2. Require reporting from the sponsoring WGs during regular TAC updates as to the onboarding status of Projects that WGs sponsor.
  3. Reassign maintainership of the project (e.g., by forking or similar approach) if the TAC and/or WG believes the project is worth continuing as initially proposed.

Thoughts welcome on how we should handle this.

lehors commented 3 months ago

Maybe I'm missing some background and a lot has already been done to reach out to these projects and I understand this is a serious issue which requires action but option 1 and 3 seem unnecessarily aggressive as a first step by the TAC. The only acceptable option along those listed is #2.

-- Arnaud Le Hors - Senior Technical Staff Member - Open Technologies - IBM

From: Harry @.> Sent: Tuesday, July 30, 2024 10:01:01 PM To: ossf/tac @.> Cc: Subscribed @.***> Subject: [EXTERNAL] [ossf/tac] Resolve Status of Projects Lagging in Onboarding (Issue #371)

OpenSSF Projects cannot lag in signing the Charter and the Contributor Agreement (CA). These items confirm their onboarding as projects of the OpenSSF. Without these documents these projects have no official claim to being a part of the OpenSSF

OpenSSF Projects cannot lag in signing the Charter and the Contributor Agreement (CA). These items confirm their onboarding as projects of the OpenSSF. Without these documents these projects have no official claim to being a part of the OpenSSF and as such receive no benefits per the Gives and Gets exercise. We require the TACs recommendation on the approach to resolving the status of these onboarding items. Suggested pathways (a hybrid of which may be applicable) include:

  1. Automatically archiving the project after one quarter of non-responsiveness to signing the charter and CA.
  2. Require reporting from the sponsoring WGs during regular TAC updates as to the onboarding status of Projects that WGs sponsor.
  3. Reassign maintainership of the project (e.g., by forking or similar approach) if the TAC and/or WG believes the project is worth continuing as initially proposed.

Thoughts welcome on how we should handle this.

? Reply to this email directly, view it on GitHubhttps://github.com/ossf/tac/issues/371, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ABRKI2TE4Y3MZ5Q7DFTRKDTZPAZM3AVCNFSM6AAAAABLXNTEYOVHI2DSMVQWIX3LMV43ASLTON2WKOZSGQZTQOJQGMZTMNI. You are receiving this because you are subscribed to this thread.Message ID: @.***>

sevansdell commented 2 weeks ago

@afmarcum Are there any outstanding charters to be signed?

afmarcum commented 2 weeks ago

Maybe I'm missing some background and a lot has already been done to reach out to these projects and I understand this is a serious issue which requires action but option 1 and 3 seem unnecessarily aggressive as a first step by the TAC. The only acceptable option along those listed is #2.

@lehors I agree that Option 2 is the best option for TAC support in addressing lagging requirement completion. Do we need to document this within the Gives & Gets document to close this issue or is it sufficiently implied with the requirement of having a TAC/WG sponsor?

@sevansdell Outstanding items are listed in https://github.com/ossf/tac/issues/340 I will address the specifics on what is outstanding / next steps there.

sevansdell commented 5 days ago

I think we should update the language in the Gives and Gets, WG responsibilities and in the TAC TI update (section for onboarding lifecycle stage for WG/Sigs in the WG). @afmarcum Are you able to propose helpful wording taking this over as Chief of Staff for TAC to approve language in PR please?

SecurityCRob commented 3 days ago

Adrianne and I will work on this Friday and get a proposal together for the group to review