search

typst-community / .github

⚙️ Organization-wide settings for GitHub
0 stars 1 forks source link

Community Health #10

Closed huwaireb closed 10 months ago

huwaireb commented 11 months ago

Community Health Guideline Doc

TODO

jcbhmr commented 11 months ago

i would recommend: dont worry about governance or security or code_of_conduct or anything until you need it. once an issue like "i have found a security issue" happens or a flame war happens or governance is questioned then draw these things up. why then and not now? you'll have clear "we need to solve this problem" instead of whiteboard-abstract "well we might have questions about who maintains which repos so lets debate and whiteboard that" 🤷‍♂️

actual advice to accomplish those tasks: i suggest enabling github's security reporting on all present and future repos. that takes care of security.md and any related stuff.

image https://github.com/organizations/typst-community/settings/security_analysis 👈

for governance, id just put a blurb in the readme saying "decisions are made by BDFL huwaireb" or something until growth happens lol

huwaireb commented 10 months ago

@jcbhmr, sounds great. I've enabled that security setting and added a default SECURITY.md that is quite generic.

GOVERNANCE.md or similar can probably go into the new org I created, should also have things like GETTING_INVOLVED and others. I'll leave this repository for github org-wide files. I dont think BDFL is appropriate, but that's up for a later discussion in org repo.