opensource_checklist.md

| Key | Value |
| --- | --- |
| layout | page |
| title | Open Source Checklist |
| foo | bar |
| ok | <span style="color:green;font-size:150%">&#x2713;</span> |
| fail | <span style="color:darkred;font-size:150%">&#x2717;</span> |
| emdash | &#x2014; |
| rdab | <span style="color:#eaeaea">&#x300b;</span> |
| ldab | |

{{page.ok}} Prior to releasing an existing project to GitHub.com, walk through these items and ensure they are addressed.

  • Has PII been identified and removed?

    • Use Clouseau for scanning source code.
      • For an Open Source Release, attach the Clouseau output.
    • If there are images, visually inspect each image to ensure there is no CFPB-specific information.
  • Have security vulnerabilities been identified and remediated?

  • Are we including any other open source products? If so, is there any conflict with our public domain release?

  • Is our TERMS.md included?

  • Are instructions for contributing included (CONTRIBUTING.md)?

  • Are installation instructions clearly written in the README and tested on a clean machine?

  • Are all dependencies described in the README, requirements.txt, and/or buildout.cfg?

  • Are the API docs generated?

  • Are there unit tests?

  • If applicable and possible, is it set up in TravisCI?

  • Have multiple people reviewed the code?

  • Is there a screenshot in the README, if applicable?

Copy this version to paste into a GitHub issue with live checkboxes:

{% highlight text %}

- [ ] Has PII been removed?
  - [ ] Use Clouseau for scanning source code.
  - [ ] If there are images, visually inspect each image to ensure there is no CFPB-specific information.
- [ ] Have security vulnerabilities been remediated?
- [ ] Are we including any other open source products? If so, is there any conflict with our public domain release?
- [ ] Is our TERMS.md included?
- [ ] Are instructions for contributing included (CONTRIBUTING.md)?
- [ ] Are installation instructions clearly written in the README and tested on a clean machine?
- [ ] Are all dependencies described in the README, requirements.txt, and/or buildout.cfg?
- [ ] Are the API docs generated?
- [ ] Are there unit tests?
- [ ] If applicable and possible, is it set up in TravisCI?
- [ ] Have multiple people reviewed the code?
- [ ] Is there a screenshot in the README, if applicable?

{% endhighlight %}


Take a look at the following projects as good models to follow: