Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
spring-security/doc/xdocs/policies.html

132 lines
9.8 KiB
HTML
Raw Blame History

<!--
* ========================================================================
*
* Copyright 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* ========================================================================
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Project Policies and Procedures</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1>Project Policies and Procedures Version 1.0</h1>
<p>The following policies and procedures are intended to ensure that Acegi Security will
continue to achieve its project objectives and support the community in the context of an
expanding development team.
<p>
The following was unanimously supported by the community supporting following
<a href="http://www.mail-archive.com/acegisecurity-developer%40lists.sourceforge.net/msg01174.html">discussion</a>
on acegisecurity-developer. The policies and procedures below represent version 1.0
and are effective 1 August 2005.
<ul type="1">
<li>
This project uses <a href="http://opensource.atlassian.com/projects/spring/secure/BrowseProject.jspa?id=10040">JIRA</a>. Please log a task in JIRA for any changes you make to CVS, with the exception of very minor changes that users are unlikely to ever be interested in searching for and/or the change affects code that has never been in an officially released version of the project (eg ongoing changes to a new feature in CVS HEAD that hasn't been released previously).<br><br>
</li>
<li>
Any users running from CVS HEAD are warmly encouraged to <a href="http://lists.sourceforge.net/mailman/listinfo/acegisecurity-cvs">join acegisecurity-cvs</a> so that they can keep an eye on commit comments. Developers are encouraged to join acegisecurity-cvs and read the commit comments. If anyone has a concern with any commit, please raise it on <a href="http://lists.sourceforge.net/mailman/listinfo/acegisecurity-developer">acegisecurity-developer</a> so that the broader community can participate (not acegisecurity-cvs). Alternatively, contact the author of the change directly if you think that would be more appropriate or diplomatic.<br><br>
</li>
<li>
Please make your commit comments informative, yet not too detailed. Detailed comments are ideally placed in the JIRA task. In the case of a contribution by a non-developer, please use the CVS commits to reflect who provided the contribution and add that person's name to /project.xml in the contributors section. If the contributors section does not list the name of someone who has contributed accepted code, please add them or let me know so that I can do so.<br><br>
</li>
<li>
If you add a major new feature, please announce it on acegisecurity-developer. That way people using the project have an idea of what is coming up in the next release, and any implementation-specific comments can be received prior to the first release when users will start expecting some degree of consistency and stability. It also encourages people to try out your new feature.<br><br>
</li>
<li>
Please make sure /docs/xdocs/changes.xml has a reference to JIRA for the upcoming release version. You don't need to add the name of contributors to /doc/xdocs/changes.xml, as acknowledgement is already provided via /project.xml, source code @author tags, the CVS commit message, and typically a JIRA task.<br><br>
</li>
<li>
Please edit /docs/xdocs/upgrade/upgrade-xx-yy.html if you make a change that is significant and you think users who are upgrading should be aware of it. Equally, users are encouraged to consult the upgrade-xx-yy.html file before they deploy subsequent official release JARs.<br><br>
</li>
<li>
Please use Jalopy with the /jalopy.xml file to format your Java code before checkin. This keeps our code consistent and ensures the license message is correct. There are plugins for all major IDEs.<br><br>
</li>
<li>
The /sandbox can be used to obtain feedback from fellow developers and the community about your code, general approach or new ideas. If you have CVS rights, please use /sandbox instead of emailing ZIP files to other developers for feedback. The community should understand that code in the sandbox is unsupported, subject to refactoring, may not have any unit tests, and may be removed at any time. The /sandbox will never be included in official release ZIPs. It's a "scratching pad" only.<br><br>
</li>
<li>
Unit tests are important to any security project, and we have a good history of high coverage. You can view the <a href="http://acegisecurity.sourceforge.net/multiproject/acegi-security/clover/index.html">latest coverage report</a> online (rebuilt every 24 hours). Please keep an eye on coverage and don't hesitate to add more unit tests. Please do not check code into /core unless it has at least an exercising unit test - use the /sandbox instead.<br><br>
</li>
<li>
Never check in code if the unit tests fail. This means, at minimum, successfully running "maven test:test" from /core. Always name your unit test classes so they end in "*Tests" - this ensures that Maven picks them up. If there is code in CVS which you didn't write and it is breaking the unit tests, please correct it yourself - don't leave CVS "broken" whilst waiting for the responsible developer to address it (the delay causes confusing and long-running threads on the list and forum). You can always rollback to the previous working version if in doubt of how the class works (just remember to comment the commit appropriately and let the author know).<br><br>
</li>
<li>
Please update the reference guide and JavaDocs for any new major features. The JavaDocs should always be correct. The reference guide may be kept updated with less rigor, although please briefly discuss any major new features. <a href="http://www.xmlmind.com/xmleditor/">XMLmind</a> can be used if you don't have a DocBook editor.<br><br>
</li>
<li>
Developers please keep an eye on the <a href="http://forum.springframework.org">Acegi Security forum</a>. It's a very active forum, and it takes a lot of work if not shared around. Please don't hesitate to reply to users - I try to read every thread and correct/confirm the situation if someone mentions they're unsure. I also will generally send developers an email if there's a question I can't answer as I didn't write the code.<br><br>
</li>
<li>
In the future, I will put to vote any proposed new developers. New developers will be firstly encouraged to attach patches to JIRA tasks to illustrate their understanding of the project, or, if they're long-time users, they might be given access without this JIRA stage if they're undertaking a major new feature.<br><br>
</li>
<li>
Developers should be subscribed to acegisecurity-developer. Obviously it would take significant time to read every thread, but reading the high priority messages (as indicated by the subject line) is needed to ensure we all have a way of communicating.<br><br>
</li>
<li>
Please do not hesitate to assign yourself any JIRA task that is unassigned, or assigned to me and not in the "In Progress" status. Also feel free to approach fellow developers to volunteer to work on tasks they might be assigned but haven't started.<br><br>
</li>
<li>
No code in CVS is "sacred". If you have a good idea or refactoring for an area of code that someone else wrote, raise it on acegisecurity-developer or contact the author directly. Please don't commit changes to such code unless it is a unit test failure correction, or you've firstly raised it on the acegisecurity-developer list or directly with the author.<br><br>
</li>
<li>
People's priorities are ever-changing, and we're all short on time. For this reason it's perfectly understandable that over time developers will move on to other things. This is not a negative reflection in any way - just part of any long-term project. If a developer no longer has the time or inclination to participate in the project , please send an email to acegisecurity-developer or myself. I will remove the CVS rights and reassign any JIRA tasks. Importantly, this helps find a new maintainer of the former developer's code (or, in very extreme cases, their code might be relocated to the sandbox or removed).<br><br>
</li>
<li>
Use CDATA inside XML files for multi-line properties. There is no tab/space policy for XML files, although try to maintain whatever the file is already using. The tab/space policy for Java files is managed by Jalopy.<br><br>
</li>
<li>
Keep the warm community spirit. The Spring community is a nice place to be - especially compared with some of the other open source communities out there where people are abused, ignored, insulted or excluded. No policy or procedure (including those above) should ever compromise operating in a considerate and diplomatic manner that respects the dignity of each individual member of the community. If in doubt, please contact me directly first. If I am ever guilty of this, please let me know and I will correct myself.<br><br>
</li>
</ul>
<p>Thanks for your help in connection with the above. If you have any suggestions for improving these
policies and procedures, please use the acegisecurity-developer list to raise them.
<p>
Ben Alex<br>
Project Admin
<p>
$Id$
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink