[openssl-commits] [web] master update

Rich Salz rsalz at openssl.org
Thu Mar 16 16:59:46 UTC 2017

The branch master has been updated
       via  71dcd08ab8e43fcc4bb332657b1ea19d774dad25 (commit)
      from  33ec5069ddb48960d33053d19dbf40e598200737 (commit)

- Log -----------------------------------------------------------------
commit 71dcd08ab8e43fcc4bb332657b1ea19d774dad25
Author: Rich Salz <rsalz at akamai.com>
Date:   Thu Mar 16 12:59:41 2017 -0400

    Add final(?) draft of committer guidelines


Summary of changes:
 policies/committers.html | 145 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 145 insertions(+)
 create mode 100644 policies/committers.html

diff --git a/policies/committers.html b/policies/committers.html
new file mode 100644
index 0000000..25144c5
--- /dev/null
+++ b/policies/committers.html
@@ -0,0 +1,145 @@
+<!DOCTYPE html>
+<html lang="en">
+  <!--#include virtual="/inc/head.shtml" -->
+  <body>
+    <!--#include virtual="/inc/banner.shtml" -->
+    <div id="main">
+      <div id="content">
+	<div class="blog-index">
+	  <article>
+	    <header>
+	      <h1>Guidelines for OpenSSL Committers</h1>
+	    </header>
+	    <div class="entry-content">
+              <h2>Who is a committer?</h2>
+              <p>OpenSSL committers are contributors who have commit access
+              to the
+              <a href="https://git.openssl.org">OpenSSL source code repository</a>.
+              Committers review and commit their own patches as well as
+              those of other contributors.</p>
+              <h2>How to become a committer?</h2>
+              <p>Commit access is granted by the OpenSSL Management Committee
+              (OMC) (see the
+              <a href="/policies/bylaws.html">OpenSSL bylaws</a>).
+              <p>We welcome contributors who become domain experts in some
+              part of the library (for example, low-level crypto) as well as
+              generalists who contribute to all areas of the codebase. All
+              committers share the responsibility for the overall health
+              of the project: aside from contributing quality features,
+              committers are team players who fix bugs, address open
+              issues, review community contributions, and improve tests and
+              documentation. Committers are also shepherds of the OpenSSL
+              community and its
+              <a href="/community/conduct.html">code of conduct</a>.</p>
+              <p>To become a committer, start by contributing code. Read our
+              <a href="/policies/codingstyle.html">coding style</a>, and get
+              to know our build and test system. Then, use the
+              <a href="/policies/roadmap.html">project roadmap</a>,
+              <a href="https://github.com/openssl/openssl/issues">Github issue
+                tracker</a>, and our
+              <a href="/community/mailinglists.html">maing lists</a>
+              find impactful ideas to work on. Seek feedback from multiple OMC
+              members to understand the project, and to support your
+              application. Let them know that you'd like to become a committer
+              - they'll nominate you when your code review record demonstrates
+              impact as well as understanding of the codebase and coding style
+              (usually after a few months of activity). The final decision to
+              grant commit access is taken by an OMC vote.</p>
+              <h2>How to maintain commit status?</h2>
+              <p>To maintain commit status, you should stay active in the
+              project. As stated in the project bylaws, if you remain inactive
+              for several months, your commit access will be withdrawn - but
+              you are always welcome back, just ask an OMC member to
+              re-nominate you.</p>
+              <p>In the unlikely and unfortunate event that your actions
+              conflict with the project objectives or are otherwise
+              disruptive, commit access may also be revoked by vote of the
+              OMC.</p>
+              <h2>Code reviews</h2>
+              <p>All submissions must be reviewed and approved by at least two
+              committers, one of whom must also be an OMC member. If the
+              author is also a committer then that counts as one of the
+              reviews. In other words:</p>
+              <ul>
+                <li>OMC members need one approval from any committer</li>
+                <li>Committers need one approval from a committer within the
+                OMC</li>
+                <li>Contributors without commit rights need two approvals,
+                including one from the OMC.</li>
+              </ul>
+              <p>This process may seem a little heavy, but OpenSSL is a large,
+              complicated codebase, and we think two reviews help prevent
+              security bugs, as well as disseminate knowledge to the growing
+              contributor base.</p>
+              <p>Contributors without commit rights cannot formally approve
+              patches but are nevertheless welcome to comment on submissions
+              and do technical reviews. We always value another pair of eyes,
+              and volunteering for reviews counts favourably towards becoming
+              a committer. As an author, we ask that you address all comments,
+              even if you already have the necessary approvals.</p>
+              <p>If you have trouble finding consensus on a difficult review,
+              reach out to the OMC at
+              <a href="mailto:openssl-team at openssl.org">openssl-team at openssl.org</a>
+              (private, moderated) or committers at
+              <a href="mailto:openssl-dev at openssl.org">openssl-dev at openssl.org</a>
+              (public). On GitHub, you can reach OMC members at @openssl/team,
+              and committers can be found at @openssl/dev.</p>
+              <h2>Commit workflow</h2>
+              <p>We do code reviews on GitHub. The
+              <a href="https://github.com/openssl/openssl">OpenSSL GitHub
+                repository</a>
+              is a mirror, so we do not merge on GitHub. When you become a
+              committer, we.ll send you instructions to get commit access to
+              the main repository. To have handy links to review history, we
+              record the reviewers and GitHub pull request IDs in commit
+              headers. We have some helper scripts in the
+              <a href="https://github.com/openssl/tools">tools repo</a>
+              to add these headers automatically.</p>
+              <p>We don't use merge commits.</p>
+              <p>If at any point during development or review you discover
+              a potential security issue, we ask that you report it to
+              <a href="mailto:openssl-security at openssl.org"> openssl-security at openssl.org</a>
+              and don't discuss it further in public. We review security
+              sensitive patches privately, off GitHub. We do not currently
+              have a way to open access to those reviews after the patches
+              have been released.</p>
+              <h2>A note on CLAs</h2>
+              <p>All authors, including committers, must have current CLAs on
+              file. A CLA is not required for trivial contributions (e.g. the
+              fix of a spelling mistake). If all reviewers as well as the
+              original author agree that the submission is trivial, the commit
+              can be labelled "CLA: trivial" to skip CLA checks.</p>
+	    </div>
+	    <footer>
+	      You are here: <a href="/">Home</a>
+	      : <a href="/policies"> Policies</a>
+	      : <a href="">Guidelines for Committers</a>.
+	      <br><a href="/sitemap.txt">Sitemap</a>
+	    </footer>
+	  </article>
+	</div>
+	<!--#include virtual="sidebar.shtml" -->
+      </div>
+    </div>
+    <!--#include virtual="/inc/footer.shtml" -->
+  </body>

More information about the openssl-commits mailing list