Update Governance Docs (#233)

* Update Governance Docs

Add the Hyperledger Code of Conduct, a changelog, and some symbol and
whitespace changes to LICENCE and SECURITY.md.  This allows the repo
linter to pass.

Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>

* fix dead link

Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>

* minor edit

Signed-off-by: Madeline Murray <madeline.taylor@gmail.com>

* Removed trailing space

Signed-off-by: Madeline Murray <madeline.taylor@gmail.com>

* Updated formatting

Signed-off-by: Madeline Murray <madeline.taylor@gmail.com>

Co-authored-by: MadelineMurray <43356962+MadelineMurray@users.noreply.github.com>
Co-authored-by: Madeline Murray <madeline.taylor@gmail.com>
pull/315/head
Danno Ferrin 5 years ago committed by GitHub
parent c67cdaee93
commit 0895c8022b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      CHANGELOG.md
  2. 156
      CODE_OF_CONDUCT.md
  3. 4
      LICENSE
  4. 26
      SECURITY.md

@ -0,0 +1,2 @@
For changes see the Hyperledger Besu
[CHANGELOG.md](https://github.com/shemnon/besu/blob/master/CHANGELOG.md)

@ -0,0 +1,156 @@
# Hyperledger Code of Conduct
Hyperledger is a collaborative project at The Linux Foundation. It is an open-source and open
community project where participants choose to work together, and in that process experience
differences in language, location, nationality, and experience. In such a diverse environment,
misunderstandings and disagreements happen, which in most cases can be resolved informally. In rare
cases, however, behavior can intimidate, harass, or otherwise disrupt one or more people in the
community, which Hyperledger will not tolerate.
A **Code of Conduct** is useful to define accepted and acceptable behaviors and to promote high
standards of professional practice. It also provides a benchmark for self evaluation and acts as a
vehicle for better identity of the organization.
This code (**CoC**) applies to any member of the Hyperledger community – developers, participants in
meetings, teleconferences, mailing lists, conferences or functions, etc. Note that this code
complements rather than replaces legal rights and obligations pertaining to any particular
situation.
## Statement of Intent
Hyperledger is committed to maintain a **positive** [work environment](#work-environment). This
commitment calls for a workplace where [participants](#participant) at all levels behave according
to the rules of the following code. A foundational concept of this code is that we all share
responsibility for our work environment.
## Code
1. Treat each other with [respect](#respect), professionalism, fairness, and sensitivity to our many
differences and strengths, including in situations of high pressure and urgency.
1. Never [harass](#harassment) or [bully](#workplace-bullying) anyone verbally, physically or
[sexually](#sexual-harassment).
1. Never [discriminate](#discrimination) on the basis of personal characteristics or group
membership.
1. Communicate constructively and avoid [demeaning](#demeaning-behavior) or
[insulting](#insulting-behavior) behavior or language.
1. Seek, accept, and offer objective work criticism, and [acknowledge](#acknowledgement) properly
the contributions of others.
1. Be honest about your own qualifications, and about any circumstances that might lead to conflicts
of interest.
1. Respect the privacy of others and the confidentiality of data you access.
1. With respect to cultural differences, be conservative in what you do and liberal in what you
accept from others, but not to the point of accepting disrespectful, unprofessional or unfair or
[unwelcome behavior](#unwelcome-behavior) or [advances](#unwelcome-sexual-advance).
1. Promote the rules of this Code and take action (especially if you are in a
[leadership position](#leadership-position)) to bring the discussion back to a more civil level
whenever inappropriate behaviors are observed.
1. Stay on topic: Make sure that you are posting to the correct channel and avoid off-topic
discussions. Remember when you update an issue or respond to an email you are potentially
sending to a large number of people.
1. Step down considerately: Members of every project come and go, and the Hyperledger is no
different. When you leave or disengage from the project, in whole or in part, we ask that you do
so in a way that minimizes disruption to the project. This means you should tell people you are
leaving and take the proper steps to ensure that others can pick up where you left off.
## Glossary
### Demeaning Behavior
is acting in a way that reduces another person's dignity, sense of self-worth or respect within the
community.
### Discrimination
is the prejudicial treatment of an individual based on criteria such as: physical appearance, race,
ethnic origin, genetic differences, national or social origin, name, religion, gender, sexual
orientation, family or health situation, pregnancy, disability, age, education, wealth, domicile,
political view, morals, employment, or union activity.
### Insulting Behavior
is treating another person with scorn or disrespect.
### Acknowledgement
is a record of the origin(s) and author(s) of a contribution.
### Harassment
is any conduct, verbal or physical, that has the intent or effect of interfering with an individual,
or that creates an intimidating, hostile, or offensive environment.
### Leadership Position
includes group Chairs, project maintainers, staff members, and Board members.
### Participant
includes the following persons:
- Developers
- Member representatives
- Staff members
- Anyone from the Public partaking in the Hyperledger work environment (e.g. contribute code,
comment on our code or specs, email us, attend our conferences, functions, etc)
### Respect
is the genuine consideration you have for someone (if only because of their status as participant in
Hyperledger, like yourself), and that you show by treating them in a polite and kind way.
### Sexual Harassment
includes visual displays of degrading sexual images, sexually suggestive conduct, offensive remarks
of a sexual nature, requests for sexual favors, unwelcome physical contact, and sexual assault.
### Unwelcome Behavior
Hard to define? Some questions to ask yourself are:
- how would I feel if I were in the position of the recipient?
- would my spouse, parent, child, sibling or friend like to be treated this way?
- would I like an account of my behavior published in the organization's newsletter?
- could my behavior offend or hurt other members of the work group?
- could someone misinterpret my behavior as intentionally harmful or harassing?
- would I treat my boss or a person I admire at work like that ?
- Summary: if you are unsure whether something might be welcome or unwelcome, don't do it.
### Unwelcome Sexual Advance
includes requests for sexual favors, and other verbal or physical conduct of a sexual nature, where:
- submission to such conduct is made either explicitly or implicitly a term or condition of an
individual's employment,
- submission to or rejection of such conduct by an individual is used as a basis for employment
decisions affecting the individual,
- such conduct has the purpose or effect of unreasonably interfering with an individual's work
performance or creating an intimidating hostile or offensive working environment.
### Workplace Bullying
is a tendency of individuals or groups to use persistent aggressive or unreasonable behavior (e.g.
verbal or written abuse, offensive conduct or any interference which undermines or impedes work)
against a co-worker or any professional relations.
### Work Environment
is the set of all available means of collaboration, including, but not limited to messages to
mailing lists, private correspondence, Web pages, chat channels, phone and video teleconferences,
and any kind of face-to-face meetings or discussions.
## Incident Procedure
To report incidents or to appeal reports of incidents, send email to Mike Dolan
(mdolan@linuxfoundation.org) or Angela Brown (angela@linuxfoundation.org). Please include any
available relevant information, including links to any publicly accessible material relating to the
matter. Every effort will be taken to ensure a safe and collegial environment in which to
collaborate on matters relating to the Project. In order to protect the community, the Project
reserves the right to take appropriate action, potentially including the removal of an individual
from any and all participation in the project. The Project will work towards an equitable resolution
in the event of a misunderstanding.
## Credits
This code is based on the
[W3C’s Code of Ethics and Professional Conduct](https://www.w3.org/Consortium/cepc) with some
additions from the [Cloud Foundry](https://www.cloudfoundry.org/)‘s Code of Conduct.

@ -178,7 +178,7 @@
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
@ -186,7 +186,7 @@
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

@ -1,20 +1,20 @@
# Hyperledger security policy
# Hyperledger Security Policy
## Reporting a security bug
## Reporting a Security Bug
If you think you have discovered a security issue in any of the Hyperledger projects, we want to
hear from you. We take all security bugs seriously and if confirmed upon investigation, we will
If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to
hear from you. We will take all security bugs seriously and if confirmed upon investigation we will
patch it within a reasonable amount of time and release a public security bulletin discussing the
impact and credit the discoverer.
To report a security bug:
You can report a security bug in two ways. The easiest is to email a description of the flaw and
any related information (e.g. reproduction steps, version) to
[security at hyperledger dot org](mailto:security@hyperledger.org).
* Email a description of the flaw and any related information (for example, reproduction steps,
version, and so on) to [security at hyperledger dot org](mailto:security@hyperledger.org). This
is the easiest way to report a security bug.
* File a confidential security bug in our [JIRA bug tracking system](https://jira.hyperledger.org).
Be sure to set the **Security Level** to “Security issue”.
The other way is to file a confidential security bug in our
[JIRA bug tracking system](https://jira.hyperledger.org). Be sure to set the “Security Level” to
“Security issue”.
For more information about the process by which the Hyperledger Security Team handles security bugs,
see the
[Hyperledger defect response wiki page](https://wiki.hyperledger.org/display/SEC/Defect+Response).
The process by which the Hyperledger Security Team handles security bugs is documented further in
our [Defect Response page](https://wiki.hyperledger.org/display/SEC/Defect+Response) on our
[wiki](https://wiki.hyperledger.org).
Loading…
Cancel
Save