This document explains who maintainers are, what they do in various repos of 4urcloud, and how they should be doing it. If you're interested in contributing, see CONTRIBUTING.
Maintainers are active and visible members of the community, and have maintain-level permissions on a repository. Use those privileges to serve the community and evolve code as follows.
Model the behavior set forward by the Code of Conduct and raise any violations to other maintainers.
Security is your number one priority. Maintainer's Github keys must be password protected securely and any reported security vulnerabilities are addressed before features or bugs.
It's our responsibility to ensure the content and code in pull requests are correct and of high quality before they are merged. Here are some best practices:
- Leverage the issue triaging process to review pull requests and assign them to maintainers for review.
- In cases of uncertainty on how to proceed, search for related issues and reference the pull request to find additional collaborators.
- When providing feedback on pull requests, make sure your feedback is actionable to guide the pull request towards a conclusion.
- If a pull request is valuable but isn't gaining traction, consider reaching out to fulfill the necessary requirements. This way, the pull request can be merged, even if the work is done by several individuals.
- Lastly, strive for progress, not perfection.
Respond to enhancement requests, and forum posts. Allocate time to reviewing and commenting on issues and conversations as they come in.
Keep the main
branch at production quality at all times. Backport features as needed. Cut release branches and tags to enable future patches.
Ensure the repo highlights features that should be elevated to the project roadmap.
Make frequent project releases to the community.
Assist, add, and remove MAINTAINERS. Exercise good judgement, and propose high quality contributors to become co-maintainers.
Make sure the repo has a well-written, accurate, and complete description.
You can become a maintainer by actively contributing to any project, and being nominated by an existing maintainer.
Removing a maintainer is a disruptive action that the community of maintainers should not undertake lightly. There are several reasons a maintainer will be removed from the project, such as violating the code of conduct, or taking other actions that negatively impact the project.
There are plenty of reasons that might cause someone to want to take a step back or even a hiatus from a project. Existing maintainers can choose to leave the project at any time, with or without reason, by making a pull request to move themselves to the "Emeritus" section of MAINTAINERS.md.
Maintainer status never expires. If a maintainer becomes inactive for a time (usually several months), or a maintainer can confirm that they are no longer involved with the project for any reason, the members of the maintainer team may make a pull request to move them to the "Emeritus" section of the MAINTAINERS.md and upon merging the pull request, revoke the maintainer level access. Any past maintainer can be reinstated via another pull request, and have their permissions restored by the members of the maintainer team at any time upon request.
If the repo is left without any maintainers, either by maintainer inactivity or moving on, the repo is considered unmaintained. The members of the maintainer team will seek out new maintainers and note the maintenance status in the repo README file.
Actions that negatively impact the project will be handled by the members of the maintainer team, in balance with the urgency of the issue. Examples would be Code of Conduct violations, deliberate harmful or malicious actions, and security risks.