add in-toto governance review #740
Conversation
Signed-off-by: Bill Mulligan <[email protected]>
Co-authored-by: Josh Berkus <[email protected]> Signed-off-by: Bill Mulligan <[email protected]>
jberkus
added
wg/governance
needs-liaison-approval
Co-authored-by: Emily Fox <[email protected]> Signed-off-by: Bill Mulligan <[email protected]>
|
@TheFoxAtWork @dims @dzolotusky ready for your approval. |
Co-authored-by: Trishank Karthik Kuppusamy <[email protected]> Signed-off-by: Bill Mulligan <[email protected]>
|
Thanks, just updated! |
| The following issues have been identified that need to be resolved before [project milestone or other requirement]: | ||
|
|
||
| **Sub-projects** | ||
| Multiple subprojects are not listed on the [README](https://github.com/in-toto/community/blob/main/README.md#subprojects) in the community repo including archivista and witness. |
There was a problem hiding this comment.
@xmulligan @linsun - i dont believe we require the sub-projects to be listed in the README, rather just that they are listed.
https://github.com/cncf/toc/blob/18f6000f66f7595ba9e169876d5b227b41f7e9b1/.github/ISSUE_TEMPLATE/template-graduation-application.md?plain=1#L128
I also can't seem to find them in the repo, has this been resolved?
There was a problem hiding this comment.
If not in readme, we still expect it to be listed somewhere, correct?
@SantiagoTorres mentioned to me that he will try addressing this today.
There was a problem hiding this comment.
Yea, I would expect them to be listed somewhere and the community repo seems like a good place though obviously not the only option.
There was a problem hiding this comment.
in-toto/community#36 should have fixed this. Please let us know if not!
Co-authored-by: Emily Fox <[email protected]> Signed-off-by: Bill Mulligan <[email protected]>
Some subprojects were not explicitly listed in the README. As per our [governance review](cncf/tag-contributor-strategy#740) (thanks! tag-contributor strategy!), we should include some repositories that have been recently added as subprojects. Do exactly so and make sure we include witness and archivista. Include attestation verifier and helm-charts which were recently included/approved as projects.
Some subprojects were not explicitly listed in the README. As per our [governance review](cncf/tag-contributor-strategy#740) (thanks! tag-contributor strategy!), we should include some repositories that have been recently added as subprojects. Do exactly so and make sure we include witness and archivista. Include attestation verifier and helm-charts which were recently included/approved as projects. Signed-off-by: Santiago Torres Arias <[email protected]>
| The following issues have been identified that need to be resolved before [project milestone or other requirement]: | ||
|
|
||
| **Sub-projects** | ||
| Multiple subprojects are not listed on the [README](https://github.com/in-toto/community/blob/main/README.md#subprojects) in the community repo including archivista and witness. |
There was a problem hiding this comment.
in-toto/community#36 should have fixed this. Please let us know if not!
| Over the next year, the project should work on the following issues to improve its governance, these are considered non-blocking: | ||
|
|
||
| **Roadmap** | ||
| The [roadmap](https://github.com/in-toto/community/blob/7b104e9d8c660bac05e789c4d0c218b8d5fdbdf7/ROADMAP.md) has not been updated since 2023 and should be updated to include 2024 and 2025. |
There was a problem hiding this comment.
in-toto/community#33 should have fixed this for 2024 at least.
| The 2025 election is coming soon. The [election schedule](https://github.com/in-toto/community/blob/3da1c4ed10c78ab47523ddda9625fd9e3f4043be/STEERING-COMMITTEE.md) should be updated with the details. The project should also consider staggering terms to allow for continuity. | ||
|
|
||
| **Linking Governance** | ||
| archivista and witness have maintainers, but do not link back to the overall project governance. |
There was a problem hiding this comment.
@jkjell can we fix this?
|
Thanks, all, merging per @TheFoxAtWork |
fixes #733