Governance

Project governance and decision-making process

Project Governance

This document describes the governance model for my open source projects. The goal is to provide transparency about how decisions are made and how the community can participate.

Roles and Responsibilities

Project Owner

As the project owner and primary maintainer, I am responsible for:

  • Setting the overall direction and vision for the project
  • Reviewing and merging pull requests
  • Managing releases and versioning
  • Ensuring code quality and security standards
  • Responding to issues and community feedback
  • Making final decisions when consensus cannot be reached

Contributors

Contributors are community members who contribute to the project through:

  • Submitting bug reports and feature requests
  • Contributing code via pull requests
  • Improving documentation
  • Helping other users in discussions
  • Reviewing pull requests and providing feedback

All contributions are valued and appreciated.

Decision-Making Process

Day-to-Day Decisions

Routine decisions about bug fixes, minor features, and documentation updates are made by the project owner based on:

  • Alignment with project goals
  • Code quality and test coverage
  • Impact on existing functionality
  • Community feedback

Significant Changes

For significant changes such as breaking changes, major new features, or architectural decisions:

  1. Proposal - Open an issue describing the proposed change
  2. Discussion - Allow time for community feedback (typically 1-2 weeks)
  3. Decision - The project owner makes the final decision, considering all feedback
  4. Documentation - Significant decisions are documented in the repository

Conflict Resolution

If disagreements arise:

  1. Parties discuss the issue openly and respectfully
  2. Seek compromise and common ground
  3. If no consensus is reached, the project owner makes the final decision
  4. Decisions are documented with rationale

Contributing

See the Contributing Guidelines for detailed information on how to contribute to the project.

Code of Conduct

All participants in the project are expected to:

  • Be respectful and inclusive
  • Welcome newcomers and help them get started
  • Accept constructive criticism gracefully
  • Focus on what is best for the community
  • Show empathy towards other community members

Unacceptable behavior includes:

  • Harassment, discrimination, or personal attacks
  • Trolling or inflammatory comments
  • Publishing others’ private information
  • Other conduct that would be inappropriate in a professional setting

Communication Channels

  • GitHub Issues - For bug reports, feature requests, and discussions
  • Pull Requests - For code contributions and reviews
  • Discussions - For general questions and community conversations

Versioning and Releases

Projects follow Semantic Versioning:

  • MAJOR - Incompatible API changes
  • MINOR - New functionality in a backward-compatible manner
  • PATCH - Backward-compatible bug fixes

Release notes are provided with each release documenting changes.

Security

Security vulnerabilities should be reported privately via GitHub’s security advisory feature or by contacting the project owner directly. Please do not open public issues for security vulnerabilities.

Licensing

Each project specifies its license in the repository. Contributors agree that their contributions will be licensed under the same terms.

Changes to Governance

This governance document may be updated as the project evolves. Significant changes will be announced and community feedback will be considered.

Latest Posts

GCP Managed Kafka Authentication Handler
GCP Managed Kafka Authentication Handler

When working with Google Cloud Platform’s Managed Service for Apache Kafka, you’ll quickly discover that authentication can be surprisingly challenging, especially when using Apache Beam Dataflow pipelines. In this post, I’ll share a utility I created called gcp-kafka-auth-handler that bridges this gap.

Read more about GCP Managed Kafka Authentication Handler

Published: Dec 9, 2024

AWS KMS Key Replication
AWS KMS Key Replication

When architecting cloud-based solutions, one key principle I follow is to isolate resources within their respective regions and avoid sharing or replicating them across regions. This approach consistently provides a more secure and compliant framework for business continuity. Recently, AWS has introduced replication capabilities for various resources. In this post, I will delve into AWS Key Management Service (KMS) and assess whether adopting replication for KMS keys offers tangible benefits.

Read more about AWS KMS Key Replication

Published: Jun 13, 2024

AWS VPN Client
AWS VPN Client

Amazon Web Services (AWS) offers a VPN Client that is particularly advantageous for organizations seeking scalable and secure connectivity solutions compared to traditional VPN services like NordVPN. This distinction is largely due to the inherent flexibility and elasticity of cloud-based services provided by AWS, tailored to meet the dynamic requirements of modern businesses.

Read more about AWS VPN Client