Update to Governance Model #736
Conversation
GOVERNANCE.md
Outdated
| # Project Governance (Very Minimal Governance model) | ||
|
|
||
| This open source project is managed by a Steering Committee composed of the maintainers of this project. Maintainers are | ||
| defined as individuals with full commit access to the project repositories. |
There was a problem hiding this comment.
Can we add something to "full commit access" like maintain-level permissions on a repository.
| The Steering Committee may, at its discretion, add or remove members who are not maintainers. | ||
|
|
||
| ## Voting | ||
|
|
There was a problem hiding this comment.
What are decisions that will be voted? Do we need to discuss everything publicly or can we discuss internally and publish only the final consensus?
There was a problem hiding this comment.
The committee only votes when it can't reach consensus. So yes, the steering committee can discuss amongst themselves and only go to a public vote if they don't agree.
As the project expands, the steering committee can also agree to set up sub-committees - for example a product management sub-committee to own the roadmap.
| * Steering Committee Vote: 3/4 affirmative vote of the Steering Committee to remove a member | ||
| * Unreachable Member: If a member is unresponsive for more than six months, the remaining active members of the Steering | ||
| Committee may vote to remove the member | ||
|
|
There was a problem hiding this comment.
Another question: do we specify any rules for ratio of maintainers per affiliation?
There was a problem hiding this comment.
And , are there any size limitations (max number of maintainers) in the steering committee?
There was a problem hiding this comment.
No and no. Once established, the steering committee can vote to add new members, so its in their control.
RESPONSIBILITIES.md
Outdated
|
|
||
| ### Prioritize Security | ||
|
|
||
| Security is your number one priority. Maintainer's Github keys must be password protected securely and any reported security vulnerabilities are addressed before features or bugs. |
There was a problem hiding this comment.
Security is "your" number one, to "the" number one priority or "our"
| Manage labels, review issues regularly, and triage by labelling them. | ||
|
|
||
| We use key value labels, use the `priority:`, `type:` and `status:` when triaging issues. | ||
|
|
There was a problem hiding this comment.
and recently we added effort:
RESPONSIBILITIES.md
Outdated
|
|
||
| Ensure the repo highlights features that should be elevated to the project roadmap. Be clear about the feature’s status, | ||
| priority, target version, and whether or not it should be elevated to the roadmap. Any feature that you want highlighted | ||
| on the OpenSearch Roadmap should be tagged with "roadmap". The OpenSearch [project-meta maintainers](https://github.com/opensearch-project/project-meta/blob/main/MAINTAINERS.md) |
| with these requirements. If consensus cannot be reached, the Steering Committee will make the decision by a vote. | ||
|
|
||
| The Steering Committee Chair will call a vote with reasonable notice to the Steering Committee, setting out a discussion | ||
| period and a separate voting period. Any discussion may be conducted in person or electronically by text, voice, or video. |
There was a problem hiding this comment.
Is there a time frame for discussion/voting?
There was a problem hiding this comment.
When the chair calls for a vote, then the discussion period is set. This is helpful as it puts a deadline on making a decision and avoids "analysis paralysis" The length of time depends on the complexity of the decision being made.
There was a problem hiding this comment.
Should we have a place where we record decisions? just GitHub issues? can we have like a record of decision issues? or tag them as "decision issues"
Feature or Bugfix
Detail
Relates
Security
Please answer the questions below briefly where applicable, or write
N/A. Based onOWASP 10.
fetching data from storage outside the application (e.g. a database, an S3 bucket)? N/A
evalor similar functions are used? N/ABy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.