Adding SIG related information to Governance documentation #15
original Issue: slsa-framework/slsa#453
Added 1.6. Special Interest Group Members to Governance.md
Added Reporting Violations section with associated contacts to Code_of_Conduct.md
Added 3 files for SIG charters as they stand today.
Added Special Interest Groups section to Readme
Updated Readme.md
Related issues, PRs, docs:
slsa-framework/slsa#384
https://github.com/slsa-framework/slsa-proposals/tree/main/0002
https://docs.google.com/document/d/1L1gEJMBIvE0IbpFi23FOUByDYlItSYPPJmKdhvJQYsg/edit#
Signed-off-by: Melba <[email protected]>
This is great. Thank you, Melba! Overall LGTM. My comments are mostly nitpicks and suggestions, plus one important question on scope.
@@ -47,6 +47,8 @@ The Steering Committee may add additional Steering Committee Members as it deems | |||
|
|||
After discussion with the nominees for a vacant seat, the Steering Committee will select the new Steering Committee Members from the group of nominees taking into account such things as the nominees’ willingness to take on the role, skills, and level of participation as well as the need to maintain a balanced perspective on the Steering Committee (e.g., no more than two people from the same group of related companies should be on the Steering Committee). A Steering Committee Member nominee may not deliberate or vote on their own appointment. | |||
|
|||
**1.6. Special Interest Group Members.** The SLSA project has entered a phase where there is known work to be accomplish which requires focused collaboration. The community meeting has grown to a large number of participants with mixed agendas: learning, knowledge sharing, contributing, and so on. We established focus groups, or SIGs, as a formal mechanism to promote focused collaboration amongst a subset of the broader SLSA community. Each SIG will have leads and may determine their own meeting cadence and charters as approved by the Steering Committee Members. For more information, please see [Specification](https://github.com/slsa-framework/governance/blob/main/9._Specification_Charter.md), [Positioning](https://github.com/slsa-framework/governance/blob/main/10._Positioning_Charter.md), or [Tooling](https://github.com/slsa-framework/governance/blob/main/11._Tooling_Charter.md) Charters. |
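Review bot: In the new section 1.6, "known work to be accomplish" should read "known work to be accomplished". The heading is "Special Interest Group Members", but the paragraph explains why SIGs exist and how they operate; it says each SIG "will have leads" without stating how leads or members are chosen. Consider retitling the section "Special Interest Groups" or adding a sentence on how leads are selected.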
nit: make these links relative, e.g. [Specification](9._Specification_Charter.md)
didn't realize you could do this. Fixed on my local (will commit in a few)
## Special Interest Groups | ||
To contact the various SIG Leads: | ||
|
||
Specification |
suggestion: link to the specification charters here, e.g. [Specification](9._Specification_Charter.md), and add links to the meeting notes in the bullets
done; will commit shortly.
@@ -0,0 +1,5 @@ | |||
Please see [SLSA SIGs document](https://docs.google.com/document/d/1L1gEJMBIvE0IbpFi23FOUByDYlItSYPPJmKdhvJQYsg/edit#heading=h.1hce59kd4nn0) for more information. |
# Tooling SIG Charter
Not yet written. In the meantime, see [SLSA SIGs proposal](https://docs.google.com/document/d/1L1gEJMBIvE0IbpFi23FOUByDYlItSYPPJmKdhvJQYsg/edit). Summary:
* Mission: Tools, services, and documentation make SLSA readily adoptable.
* Immediate work: builders and generators, policy model
* Longer range: distribution, discovery and policy integration
done will commit shortly
@@ -0,0 +1,5 @@ | |||
Please see [SLSA SIGs document](https://docs.google.com/document/d/1L1gEJMBIvE0IbpFi23FOUByDYlItSYPPJmKdhvJQYsg/edit#heading=h.1hce59kd4nn0) for more information. |
# Specification SIG Charter
Not yet written. In the meantime, see [SLSA SIGs proposal](https://docs.google.com/document/d/1L1gEJMBIvE0IbpFi23FOUByDYlItSYPPJmKdhvJQYsg/edit). Summary:
* Mission: SLSA is stable, practical, and useful for reducing risk—with a healthy surrounding community.
* Immediate work: getting to 1.0
* Longer range: extending SLSA (including to vulnerability management)
done; will commit shortly
To report instance(s) of unacceptable behavior, please contact: | ||
- [Joshua Lock](https://github.com/joshuagl) - VMware | ||
- [Melba Lopez](https://github.com/melba-lopez) - IBM | ||
- Or any [Steering Committee Member](https://github.com/slsa-framework/governance#steering-committee) |
nit: use relative links: [Steering Committee Member](README.md#steering-committee)
done; will commit shortly
|
||
Tooling | ||
- [Mike Lieberman](https://github.com/mlieberman85) - Kusari/CNCF | ||
- [Eric Tice] |
[Eric Tice](https://github.com/erictice) - Wipro
fixed; will commit shortly
@@ -0,0 +1,87 @@ | |||
# Positioning SIG Charter | |||
|
|||
## Mission |
nit: Across all the files, could you add blank lines after each heading and before bulleted lists, to keep the same style as the other files? Thanks!
Done; you will have to double-check I didn't miss anything once I've committed.
|
||
## Mission | ||
- Educate the open source community, global industry, and standards/regulatory bodies on SLSA | ||
- Evangelize SLSA to increase adoption |
Can we use a more precise term than "adoption"? I interpret it as getting projects to actually do SLSA, which I think is more in scope for the future Adoption SIG. My understanding is that the Positioning SIG is more focused on higher-level recognition and recommendation by organizations, governments, and standards. Is that right?
If so, would it make sense to combine with the bullet above?
- Educate and evangelize SLSA across the open source community, global industry, and standards/regulatory bodies
Same goes for the Vision. There, maybe just remove "adoption and" from the sentence?
Obtain industry wide adoption and recognition, for public/private sectors, of SLSA as the “lingua franca” for producing software and ensuring a secure software supply chain. | ||
|
||
## Values | ||
Please see Code of Conduct for more information: https://github.com/slsa-framework/slsa/blob/main/code-of-conduct.md |
nit: use a relative link: [Code of Conduct](8._Code_of_Conduct.md)
- Improving security of our open source communities/industry | ||
|
||
## Operating Goals | ||
In addition to the Collaboration/Workstream process documented in [SLSA SIGs document](https://docs.google.com/document/d/1L1gEJMBIvE0IbpFi23FOUByDYlItSYPPJmKdhvJQYsg/edit#heading=h.1hce59kd4nn0), the following are our short term/long term goals: |
nit: can we make this charter stand-alone without linking to original proposal? It's not clear to me what, if anything, one is supposed to read in that doc related to this section.
Same below.
For anyone following, this moved to #16.