Standard for Public Code

Contents

  1. Requirements
  2. How to test
  3. Public policy makers: what you need to do
  4. Managers: what you need to do
  5. Developers and designers: what you need to do
  6. Further reading

Contribute on GitHub

Make contributing easy

To develop better, more reliable and feature rich software, users need to be able to fix problems, add features, and address security issues of the shared codebase.

A shared digital infrastructure makes it easier to make collaborative contributions. The less effort it takes to make contributions that are accepted by the codebase, the more likely users are to become contributors.

Requirements

  • The codebase MUST have a public issue tracker that accepts suggestions from anyone.
  • The documentation MUST link to both the public issue tracker and submitted codebase changes, for example in a README file.
  • The codebase MUST have communication channels for users and developers, for example email lists.
  • There MUST be a way to report security issues for responsible disclosure over a closed channel.
  • The documentation MUST include instructions for how to report potentially security sensitive issues.

How to test

  • Confirm that there is a public issue tracker.
  • Confirm that the codebase contains links to the public issue tracker and submitted codebase changes.
  • Confirm that it is possible to participate in a discussion with other users and developers about the software using channels described in the codebase.
  • Confirm that there is a closed channel for reporting security issues.
  • Confirm that there are instructions for privately reporting security issues.

Public policy makers: what you need to do

  • Track policy issues in the codebase, so that a relevant external policy expert can volunteer help.

Managers: what you need to do

  • Track management issues in the codebase, so that external managers with relevant experience can volunteer help.
  • Support your experienced policy makers, developers and designers to keep contributing to the codebase for as long as possible.

Developers and designers: what you need to do

  • Just like for reviews, make sure to respond to requests promptly.
  • Keep your managers informed of the time and resources you require to support other contributors.
  • Make sure that appropriate communication channels for asking maintainers and stakeholders questions are easy to locate, for instance in the README.
  • Make sure that appropriate contact details are included in the metadata, for instance in the publiccode.yml file.

Further reading