Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create Issue Templates #1152

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Create Issue Templates #1152

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e2621f4
Create new Harvest source.yml
MichaelHinrichs Jul 8, 2024
bdcfc46
Create Other.yml
MichaelHinrichs Jul 8, 2024
9cc7249
Change inputs to textareas
MichaelHinrichs Jul 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .github/ISSUE_TEMPLATE/Other.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@

52 changes: 52 additions & 0 deletions .github/ISSUE_TEMPLATE/new Harvest source.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
name: New Harvest source
description: Request a new Harvest source to be added
labels: [new Harvest]
title: 'New Harvest: <repository-name>'

body:
- type: textarea
attributes:
label: Discoverability
description: How are the packages for this language discovered? Is the repository searched by the build tooling without the user having to customize their client?
validations:
required: true

body:
- type: textarea
attributes:
label: Primary Source
description: Is this the primary repository that the package is published to? Or is this repository a mirror of an existing repository? We should always harvest from primary sources.
validations:
required: true

body:
- type: textarea
attributes:
label: Reputability
description: Is this repository operated by a reputable organization? What is the purpose behind running this repository? Is there an identifiable team that can be reached in the event of any issues?
validations:
required: true

body:
- type: textarea
attributes:
label: Security
description: How secure is the repository? Is there a team that is available to handle issues in a timely manner when they arise? How fast do they respond to issues, such as when a security vulnerability is planted as a backdoor in a package?
validations:
required: true

body:
- type: textarea
attributes:
label: Automation
description: Does the repository support an API to support pulling of information? If not, is the package index organized in a schematized format that can programmatically queried using the package name and version and queried using HTTP(s). When using HTTP to mine data, ClearlyDefined should check for the existence of robots.txt or robot headers that indicate such mining is unacceptable. How much effort is it to automate the process?
validations:
required: true

body:
- type: textarea
attributes:
label: Relationship
description: Reach out to the organization that maintains the repository to indicate that ClearlyDefined wishes to harvest data from their repository, with an explanation on how harvesting is done, what the data is used for and how much additional traffic this could result in. Identify/Resolve any concerns and provide a contact from ClearlyDefined in the event they need to support in case of an issue.
validations:
required: true