Project-Level Processes
Accepting Contributions
Project teams are required to review contributions from non-committer community members (i.e. PRs) in a timely fashion. While this does not mean that all such contributions need to be accepted, they must be reviewed conscientiously and only rejected if there are legitimate reasons to do so. Those reasons must be clearly documented in the PR at the time of rejection, and any resubmissions re-reviewed in good faith.Process
In addition to the usual code-level checks a project team may choose to perform on contributions (for code quality, roadmap alignment, etc.), it is also critically important that the legal requirements of the Foundation are met. This involves:
- Confirming that the person providing the contribution has a Contributor Licensing Agreement in place with the Foundation (though the Foundation's CLA bot will typically check this automatically - see below).
- Confirming that their change doesn't introduce new code or dependencies that are incompatible with the Apache Software License.
The Foundation's project infrastructure automatically checks for CLA compliance for pull requests only (here's an example of what this looks like). Unfortunately it's not currently possible to check for CLA compliance of commits that are directly pushed to a master branch by a committer (this is a GitHub limitation). For that reason, we strongly recommend that project teams do not add new project team members until they've verified that those contributors have a CLA in place with the Foundation. In the meantime, you can encourage contributors to fork your project and contribute via pull requests, until such time as you've confirmed their CLA status with the Foundation's legal counsel.
Confirming that contributions haven't introduced incompatibly licensed code is inherently build tool specific, and so we are unable to provide instructions that cover all possible development setups. See the Open Developer Platform docs for more information.
Process
In addition to the usual code-level checks a project team may choose to perform on contributions (for code quality, roadmap alignment, etc.), it is also critically important that the legal requirements of the Foundation are met. This involves:
- Confirming that the person providing the contribution has a Contributor Licensing Agreement in place with the Foundation (though the Foundation's CLA bot will typically check this automatically - see below).
- Confirming that their change doesn't introduce new code or dependencies that are incompatible with the Apache Software License.
The Foundation's project infrastructure automatically checks for CLA compliance for pull requests only (here's an example of what this looks like). Unfortunately it's not currently possible to check for CLA compliance of commits that are directly pushed to a master branch by a committer (this is a GitHub limitation). For that reason, we strongly recommend that project teams do not add new project team members until they've verified that those contributors have a CLA in place with the Foundation. In the meantime, you can encourage contributors to fork your project and contribute via pull requests, until such time as you've confirmed their CLA status with the Foundation's legal counsel.
Confirming that contributions haven't introduced incompatibly licensed code is inherently build tool specific, and so we are unable to provide instructions that cover all possible development setups. See the Open Developer Platform docs for more information.
Adding a New Project Team Member
Unable to render {include} The included page could not be found.
Adding a New Repository to your Project
Ensuring IP Compliance
Each Project team is at the front line of ensuring IP compliance for their Project. This primarily means two things:- Ensuring that all committers and contributors have CLAs in place with the Foundation before allowing their modifications to the code.
- Ensuring that the code itself, and all of the dependencies of it, are in compliance with the Foundation's licensing guidelines.
Maintaining a High-Quality Repository
The Foundation expects project teams to ensure their repositories are well documented and make liberal use of GitHub features, in order to make it easier for other members of the community to find, evaluate and consume your software. To assist with this, the Foundation provides an open source project blueprint repository that will ensure you have many of the basic legal and GitHub use cases covered.
Running a Standards Project
Requesting Steering from the PMC
One of the formally-defined responsibilities of the FINOS team and Board is to provide technical guidance to project teams, either:
- upon request; or
- when a project appears to be faltering
In order to support the second scenario and to assist in providing visibility to the Foundation's board, maintainers are required to report on their current status and recent operations when requested to do so by the Board.
One of the formally-defined responsibilities of the FINOS team and Board is to provide technical guidance to project teams, either:
- upon request; or
- when a project appears to be faltering
In order to support the second scenario and to assist in providing visibility to the Foundation's board, maintainers are required to report on their current status and recent operations when requested to do so by the Board.