New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[V6] Add contributing guides and improve documentation #1711
base: v6
Are you sure you want to change the base?
Conversation
Co-Authored-By: Alex Feyerke <391124+espy@users.noreply.github.com> Co-Authored-By: Ayham Kteash <11707377+ayhamthemayhem@users.noreply.github.com>
Co-Authored-By: Alex Feyerke <391124+espy@users.noreply.github.com>
Co-Authored-By: Alex Feyerke <391124+espy@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey 👋 Happy new year, and thanks for the added docs! Some comments below :)
.github/ISSUE_TEMPLATE/BUG_REPORT.md
Outdated
|
||
Before creating a new bug report, please take a few moments to review the following: | ||
- Have you searched existing issues and discussions about your problem? Your problem might be already solved, and this could avoid creating duplicates | ||
- Is this a security related bug? If so, disclose it privately following the procedure described in https://github.com/openpgpjs/openpgpjs/blob/main/SECURITY.md |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very nitpicky but in OpenPGP.js, any bug can be considered related to security, but only vulnerabilities (or bugs that could cause them) should be reported there.
- Is this a security related bug? If so, disclose it privately following the procedure described in https://github.com/openpgpjs/openpgpjs/blob/main/SECURITY.md | |
- Could this issue cause a security vulnerability? If so, please disclose it privately following the procedure described in https://github.com/openpgpjs/openpgpjs/blob/main/SECURITY.md |
.github/PULL_REQUEST_TEMPLATE.md
Outdated
--> | ||
|
||
**Description:** | ||
<!-- Explain what this PR does and why we need it --> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
<!-- Explain what this PR does and why we need it --> | |
<!-- Explain what this PR does and why we need it --> |
CONTRIBUTING.md
Outdated
```bash | ||
# Clone your fork of the repo into the current directory | ||
git clone https://github.com/<your-username>/<repo-name> | ||
|
||
# Navigate to the newly cloned directory | ||
cd <repo-name> | ||
|
||
# Assign the original repo to a remote called "upstream" | ||
git remote add upstream https://github.com/openpgpjs/<repo-name> | ||
``` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are these instructions meant to be generic to other repos? Since we're in the openpgpjs repo here I would just write that:
```bash | |
# Clone your fork of the repo into the current directory | |
git clone https://github.com/<your-username>/<repo-name> | |
# Navigate to the newly cloned directory | |
cd <repo-name> | |
# Assign the original repo to a remote called "upstream" | |
git remote add upstream https://github.com/openpgpjs/<repo-name> | |
``` | |
```bash | |
# Clone your fork of the repo into the current directory | |
git clone https://github.com/<your-username>/openpgpjs | |
# Navigate to the newly cloned directory | |
cd <repo-name> | |
# Assign the original repo to a remote called "upstream" | |
git remote add upstream https://github.com/openpgpjs/openpgpjs | |
``` |
CONTRIBUTING.md
Outdated
|
||
6. Make sure to update or add to the tests when appropriate. Run the appropriate testing suites to check that all tests pass after you've made changes. You can read about our different types of tests in our [Testing](#testing) section. | ||
|
||
7. If you added or changed a feature, make sure to document it accordingly in the [README.md](https://github.com/openpgpjs/openpgpjs/blob/main/README.md) file. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
7. If you added or changed a feature, make sure to document it accordingly in the [README.md](https://github.com/openpgpjs/openpgpjs/blob/main/README.md) file. | |
7. If you added or changed a feature, make sure to document it accordingly in the [README.md](https://github.com/openpgpjs/openpgpjs/blob/main/README.md) file, when appropriate. |
(not every feature needs to be documented in the main README file)
CONTRIBUTING.md
Outdated
We follow the seven rules of a great Git commit message, which is extensively described in [this blog post](https://cbea.ms/git-commit/), but in short the principles are: | ||
|
||
1. Separate subject from body with a blank line | ||
2. Limit the subject line to 50 characters | ||
3. Capitalize the subject line | ||
4. Do not end the subject line with a period | ||
5. Use the imperative mood in the subject line | ||
6. Wrap the body at 72 characters | ||
7. Use the body to explain what and why vs. how | ||
|
||
You can also take a look at our [main branch commits](https://github.com/openpgpjs/openpgpjs/commits/main). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't religiously follow all of these, particularly the subject line length limit. So I would just say:
We follow the seven rules of a great Git commit message, which is extensively described in [this blog post](https://cbea.ms/git-commit/), but in short the principles are: | |
1. Separate subject from body with a blank line | |
2. Limit the subject line to 50 characters | |
3. Capitalize the subject line | |
4. Do not end the subject line with a period | |
5. Use the imperative mood in the subject line | |
6. Wrap the body at 72 characters | |
7. Use the body to explain what and why vs. how | |
You can also take a look at our [main branch commits](https://github.com/openpgpjs/openpgpjs/commits/main). | |
We roughly follow the Git commit guidelines in [this blog post](https://cbea.ms/git-commit/). | |
Additionally, please try to follow the style of the commit messages on our [main branch](https://github.com/openpgpjs/openpgpjs/commits/main). |
MAINTAINERS.md
Outdated
|
||
### Step 3: Assign the Work | ||
|
||
It should be clear who is responsible for working on an issue once it has been triaged and deemed actionable. This also includes eventual reviews. Ideally don’t assign things to people who aren’t expecting it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The above also means that this isn't always possible. If one of the maintainers will do it, then yes, but otherwise it's up to the applications and contributors to pick up the work, not for us to assign it.
MAINTAINERS.md
Outdated
|
||
### Step 4: Follow up | ||
|
||
- **If no PR is opened on an issue within a month**, a maintainer should contact the assignee and ask them to create a PR or unassign themselves |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This also seems overly rigid. Obviously, if someone else comes along and wants to work on the issue we can re-assign, but otherwise unassigning doesn't seem strictly necessary?
MAINTAINERS.md
Outdated
Triage can happen asynchronously and continuously, or in regularly scheduled meetings. | ||
|
||
**Benefits of triaging are:** | ||
- Maintaining project momentum | ||
- Engagement of contributors by increasing responsiveness | ||
- Prevents piling up of issues and work | ||
- Prevents issues and the project itself becoming stale | ||
- Provides structure and an opportunity for collaborative decision-making with regards to the project trajectory and roadmap | ||
|
||
It can be beneficial to have triage be part of already existing regular meetings, and if the volume of incoming issues requires it, have a regular, public triage meeting. If there is a regular meeting, make sure it is added here and in the [CONTRIBUTING.md](/CONTRIBUTING.md). Also consider adding it to the [NEW-CONTRIBUTORS.md](/NEW-CONTRIBUTORS.MD) and explicitly invite new and prospective contributors to listen in or participate. This will give interested people a plannable, social opportunity to meet the maintainers and gain insight into the project, with both a low barrier to entry for the new contributors and a low amount of additional effort for the maintainers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would seem like a reasonable suggestion if we had ore maintainers, but at the moment Lara is doing most of the work, so then having a meeting seems overkill (although we do have meetings, but not specifically for this).
Also, even if it is/becomes a good suggestion, it would make more sense to me for this document to describe the current practice? So I would drop this for now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it would make more sense to me for this document to describe the current practice? So I would drop this for now.
IMO it could make sense to have this document as guideline for the future -- or more in general as an "action plan".
Personally I found these suggestions to be quite insightful, and I can definitely see how they would benefit in terms of engagement. Indeed, currently we don't have the volume of issues, nor the triaging need, to justify such meetings (but perhaps we did in the past, when it came to the Node.js streaming issues, for instance).
Still, the way I read it, the language in the document does cover the current practice as well ("Triage can happen asynchronously and continuously"), while also offering a [sound] alternative if need be , without implying any hard requirements 🙂
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From the current text it's not really clear which option is current practice and which is a suggestion, though. And I think for OpenPGP.js contributors and future maintainers it would be more useful to know the actual process being followed here, rather than an aspirational document - we can have that elsewhere :) Or just refer to https://github.com/kubernetes/community/blob/master/contributors/guide/issue-triage.md (which is already linked) for future ideas in case the project grows significantly.
MAINTAINERS.md
Outdated
### Step 4: Follow up | ||
|
||
- **If no PR is opened on an issue within a month**, a maintainer should contact the assignee and ask them to create a PR or unassign themselves | ||
- **If a PR is ready for review**, use your triage meeting to find someone to review it within a reasonable amount of time. If you cannot manage a review soon, explain that to the contributor so they’re not left hanging and know what to expect. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- **If a PR is ready for review**, use your triage meeting to find someone to review it within a reasonable amount of time. If you cannot manage a review soon, explain that to the contributor so they’re not left hanging and know what to expect. | |
- **If a PR is ready for review**, find someone to review it within a reasonable amount of time. If you cannot manage a review soon, explain that to the contributor so they’re not left hanging and know what to expect. |
MAINTAINERS.md
Outdated
npm version {major,minor,patch} | ||
``` | ||
|
||
Which will trigger the `preversion`, `version` and `postversion` scripts specified in the `package.json`. These will handle the testing, building, publish to npm and pushing to GitHub. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Which will trigger the `preversion`, `version` and `postversion` scripts specified in the `package.json`. These will handle the testing, building, publish to npm and pushing to GitHub. | |
(depending on whether a major, minor or patch release is to be created.) This command will run tests, create a build, publish it to npm, and push to GitHub. |
b340608
to
b41298a
Compare
This PR includes several contribution guides, implements a code of conduct and adds some improvements in documentation.
Thank you