This repository has been archived by the owner on Sep 29, 2023. It is now read-only.

Meet Zalando's OSS requirements #23

Open
16 of 26 tasks
dmitrykrivaltsevich opened this issue Jun 26, 2017 · 4 comments
@dmitrykrivaltsevich
Collaborator

dmitrykrivaltsevich commented Jun 26, 2017

Checklist:

Before Review Group approval:

  • Use the MIT license only. Include an edited license file in every repository.
  • Include a MAINTAINERS file. Every project MUST have at least two named maintainers.
  • Include a SECURITY.md file in the main root folder of your repository. E.g.: “If you have discovered a security vulnerability, please email [email protected].”
  • Create a README covering the points provided in Zalando's standard README template. The README MUST include a note about the MIT license at the bottom.
  • Include a CONTRIBUTING guidelines file, plus a note in your README that you welcome community contributions.
  • Answer this security questionnaire
  • Contact the appropriate language/technology guild to request a code review (reviewed by Simon Leo Hafner from scala guild, Notes from code review session made by Zalandos' scala guild #28 - review summary)
  • Contact Engineering Productivity ([email protected]) to request a basic code review and recommendation (approved by Diego Fernando Molina Bocanegra).
  • Estimate and provide the project’s current level of automated test coverage, and how you plan on maintaining or increasing that level over time. (current value: 92%)
  • Complete this product analysis. Provide some evidence that your work is unique and does not imitate an existing, actively maintained project. Usually a one-paragraph summary/list of 3-4 bullet points defining your project’s innovative features and distinct advantages is sufficient (see key points in README.md)
  • Contact OSS Evangelist Lauri Apple ([email protected]) for help in satisfying these criteria.
  • Send a review request email to the Open Source Review Group including the project name and link: [email protected]
  • Receive approval from the Review Group

After approval from Review Group:

  • enable Two-Factor Authentication (2FA/MFA)
  • MUST NOT, at any time, include Zalando specifics such as credentials and private identifiers
  • SDLC: 4 eyes principle implemented
  • SDLC: history of master branch MUST NEVER be changed
  • Tag all versions in GitHub with the exact version name
  • Use GitHub pull requests to make all repository changes, including those made by maintainers, so that we can streamline review and change tracking
  • SDLC: Zappr configured, Team ID entered into Zappr file
  • SDLC: every Pull Request MUST contain or reference the specification for the code change.
  • SDLC: enforced reviews for backdoors
  • SDLC: enforced reviews for vulnerable code fragments
  • If you use third-party OSS, you MUST create a workflow to clear combinations of different licenses within a project.
  • honor the original license of third-party code
  • contact Zalando Legal ([email protected]) if you are unsure about how to create corresponding license files
@dmitrykrivaltsevich dmitrykrivaltsevich self-assigned this Jun 26, 2017
dmitrykrivaltsevich added a commit that referenced this issue Jun 26, 2017
dmitrykrivaltsevich added a commit that referenced this issue Jun 26, 2017
enhanced intro, added links to contributing guideline and licence
dmitrykrivaltsevich added a commit that referenced this issue Jun 26, 2017
raychenon added a commit that referenced this issue Jun 26, 2017
dmitrykrivaltsevich added a commit that referenced this issue Jun 27, 2017
* #23 created CONTRIBUTING.md

* #23 improved text for code style
dmitrykrivaltsevich added a commit that referenced this issue Jun 27, 2017
enhanced intro, added links to contributing guideline and licence
@dmitrykrivaltsevich
Collaborator Author

Sent code review request to "Engineering Productivity" team 2017-06-27

@dmitrykrivaltsevich
Collaborator Author

Contacted scala guild in Zalando 2017-06-27

@dmitrykrivaltsevich
Collaborator Author

Contacted Lauri 2017-07-03

@dmitrykrivaltsevich
Collaborator Author

OSS Review request sent 2017-08-17
