Standard for Public Code

Make contributing easy


  • The codebase MUST have a public issue tracker that accepts suggestions from anyone.
  • The codebase MUST include instructions for how to privately report security issues for responsible disclosure.
  • The documentation MUST link to both the public issue tracker and submitted codebase changes, for example in a README file.
  • The codebase MUST have communication channels for users and developers, for example email lists.
  • The documentation SHOULD include instructions for how to report potentially security sensitive issues on a closed channel.

Why this is important

  • Enables users to fix problems and add features to the shared codebase leading to better, more reliable and feature rich software.
  • Allows collaborative uptake of shared digital infrastructure.
  • Helps users decide to use one codebase over another.

What this does not do

  • Guarantee others will reuse the codebase.

How to test

  • There’s a public issue tracker.
  • It’s possible to participate in a discussion with other users about the software.

Policy makers: what you need to do

  • Track policy issues in the codebase, so that a relevant external policy expert can volunteer help.

Management: what you need to do

  • Track management issues in the codebase, so that external managers with relevant experience can volunteer help.
  • Support your experienced policy makers, developers and designers to keep contributing to the codebase for as long as possible.

Developers and designers: what you need to do

  • Respond promptly to requests.
  • Keep your management informed of the time and resources you require to support other contributors.

Further reading