We aspire to create a welcoming environment for collaboration on this project and ask that all contributors do the same. For more details, see our code of conduct.
This document covers contributions to this git repository. Please review governance for our mission, charter, and other operations.
While this repository does not contain open source code, we manage content contributions following open source practice, as detailed below.
All contributions to this project will be released under open source license as described in LICENSE.md. By submitting a pull request (PR), you are agreeing to release the PR contents under this license.
Anyone interested in contributing should join the mailing list and other communication channels
We strongly encourage and support all our members to participate in anyway they can. Not everyone can participate in the regularly scheduled live meetings, so we strive to make our processes friendly for people to be active contributors through asynchronous communication and contributions to our documentation in this repository.
If you are new to the group, reviewing pull requests and commenting on issues is a great way to get involved!
When creating or reviewing pull requests, please refer to the writing style guide to help maintain consistency across all of our documents.
This group engages in security reviews of projects to assist in improving their overall security posture. As part of those reviews, members may find or discuss potential issues. These findings and discussions (verbal, slack, or draft doc) are not regarded as a verified vulnerability and must adhere to the project's security reporting process. It is critical that contributions from security reviews remain close held to ensure adherence to a given project's responsible security disclosures process should an potential issue be discovered.
Presentations on security issues prior or during active engagement with projects is not permitted as these may be under embargo. If you are interested in presenting on a potential security issues we request you contact the project and get concurrence prior to submitting a presentation issue to our repo. If you are interested in presenting on security issues discovered as a result of a security review, please refer to use of a completed package for how that content may be used.