From ab56c9f97c6fb20c3262fe7376f7f8a452231282 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Thu, 30 Nov 2023 00:56:35 -0500 Subject: [PATCH 1/2] updated issue templates using GitHub forms and core repo documentation. --- .github/ISSUE_TEMPLATE/1-feedback.md | 51 ------------ .github/ISSUE_TEMPLATE/1-feedback.yaml | 63 ++++++++++++++ .github/ISSUE_TEMPLATE/2-bug-report.md | 46 ----------- .github/ISSUE_TEMPLATE/2-bug-report.yaml | 65 +++++++++++++++ .github/ISSUE_TEMPLATE/3-action-item.md | 57 ------------- .github/ISSUE_TEMPLATE/3-action-item.yaml | 82 +++++++++++++++++++ .../ISSUE_TEMPLATE/4-schematron-rule-issue.md | 38 --------- .../5-validation-tooling-issue.md | 35 -------- .github/PULL_REQUEST_TEMPLATE.md | 15 ++++ CODE_OF_CONDUCT.md | 46 +++++++++++ CONTRIBUTING.md | 42 ++++++++++ LICENSE.md | 1 - 12 files changed, 313 insertions(+), 228 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE/1-feedback.md create mode 100644 .github/ISSUE_TEMPLATE/1-feedback.yaml delete mode 100644 .github/ISSUE_TEMPLATE/2-bug-report.md create mode 100644 .github/ISSUE_TEMPLATE/2-bug-report.yaml delete mode 100644 .github/ISSUE_TEMPLATE/3-action-item.md create mode 100644 .github/ISSUE_TEMPLATE/3-action-item.yaml delete mode 100644 .github/ISSUE_TEMPLATE/4-schematron-rule-issue.md delete mode 100644 .github/ISSUE_TEMPLATE/5-validation-tooling-issue.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 CODE_OF_CONDUCT.md create mode 100644 CONTRIBUTING.md diff --git a/.github/ISSUE_TEMPLATE/1-feedback.md b/.github/ISSUE_TEMPLATE/1-feedback.md deleted file mode 100644 index 8dcad8274..000000000 --- a/.github/ISSUE_TEMPLATE/1-feedback.md +++ /dev/null @@ -1,51 +0,0 @@ ---- -name: OSCAL-based FedRAMP Resources Feedback -about: Provide feedback, ask a question, or request an enhancement related to any - of the OSCAL-based FedRAMP resources published for public comment -title: '' -labels: '' -assignees: volpet2014 - ---- - -* **This is a ...** - - [ ] **concern** - I think something needs to be different. - - [ ] **question** - I didn't understand something. - - [ ] **kudos** - I found something helpful and want to encourage it in future FedRAMP publications. - - [ ] **request** - I would like to see something additional provided. - -* **This relates to ...** - - [ ] the **FedRAMP OSCAL Registry** (Excel File) - - [ ] the **Guide to OSCAL-based FedRAMP Content** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)** (PDF) - - [ ] the **FedRAMP SSP OSCAL Template** (JSON or XML Format) - - [ ] the **FedRAMP SAP OSCAL Template** (JSON or XML Format) - - [ ] the **FedRAMP SAR OSCAL Template** (JSON or XML Format) - - [ ] the **FedRAMP POA&M OSCAL Template** (JSON or XML Format) - - [ ] **General/Overall** - - [ ] **Other** - -NOTE: For feedback related to the OSCAL syntax itself, please create or add to an [issue in the NIST OSCAL Repository](https://github.com/usnistgov/OSCAL/issues). - -* **Where, exactly?** - - For the registry, please indicate the tab and cell, or other clear identifier - - For the guide, please indicate the section number and printed page number (lower right corner) - - For the OSCAL XML or JSON files, please indicate XML or JSON; and indicate the line number, field id, or other clear location identifier - - - -* **What is your feedback?** - -* **Is this report specifically related to [the Word or Excel files from fedramp.gov?](fedramp.gov/documents-templates/)** If so, please do not open an issue here. Follow the guidance in [this repository's README](https://github.com/GSA/fedramp-automation#support-and-oscal-deprecation-strategy) and contact [info@fedramp..gov](mailto:info@fedramp.gov). - -* **What version of OSCAL are you using? (Check our info on [supported OSCAL versions](https://github.com/GSA/fedramp-automation/blob/master/README.md#support-and-oscal-deprecation-strategy))** - - -* **What action would you like to see from the FedRAMP PMO?** - - - -* **Other information** (e.g. detailed explanation, related issues, suggestions how to fix, links for us to have context, eg. slack, gitter, etc) diff --git a/.github/ISSUE_TEMPLATE/1-feedback.yaml b/.github/ISSUE_TEMPLATE/1-feedback.yaml new file mode 100644 index 000000000..0e0fe8ff4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/1-feedback.yaml @@ -0,0 +1,63 @@ +name: Feedback on FedRAMP OSCAL Resources +description: Provide feedback, ask a question, or request an enhancement related to any of the OSCAL-based FedRAMP resources. +title: "[Feedback]: " +labels: ["feedback"] +body: + - type: markdown + attributes: + value: | + Is this report specifically related to [the Word or Excel files from fedramp.gov](fedramp.gov/documents-templates/)? If so, please do not open an issue here. Follow the guidance in [this repository's README](https://github.com/GSA/fedramp-automation#support-and-oscal-deprecation-strategy) and contact [info@fedramp.gov](mailto:info@fedramp.gov). + - type: markdown + attributes: + value: | + NOTE: For feedback related to the OSCAL syntax itself, please create or add to an [issue in the NIST OSCAL Repository](https://github.com/usnistgov/OSCAL/issues). + - type: dropdown + attributes: + label: This is a ... + options: + - request - need something additional provided + - concern - something needs to be different + - question - need to understand something + - kudos - want to encourage something helpful + validations: + required: true + - type: checkboxes + attributes: + label: This relates to ... + description: Select all things this feedback relates to. + options: + - label: the **FedRAMP OSCAL Registry** + - label: the **Guide to OSCAL-based FedRAMP Content** + - label: the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** + - label: the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)** + - label: the **Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)** + - label: the **Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)** + - label: the **FedRAMP SSP OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP SAP OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP SAR OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP POA&M OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP OSCAL Validations** + - type: textarea + attributes: + label: What is your feedback? + description: What action would you like to see from the FedRAMP PMO? Please provide sufficient detail to make your feedback actionable. + placeholder: | + Provide your feedback here. + validations: + required: true + - type: textarea + attributes: + label: Where, exactly? + description: Provide some context about what this feedback relates to. + placeholder: | + - For the registry, please indicate the tab and cell, or other clear identifier + - For the guide, please indicate the section number and printed page number (lower right corner) + - For the OSCAL XML or JSON files, please indicate XML or JSON; and indicate the line number, field id, or other clear location identifier + validations: + required: true + - type: textarea + attributes: + label: Other information + description: Provide any other relevant information. + placeholder: | + detailed explanation, suggestions how to fix, reference to related issues, links providing context, etc. diff --git a/.github/ISSUE_TEMPLATE/2-bug-report.md b/.github/ISSUE_TEMPLATE/2-bug-report.md deleted file mode 100644 index ddceeb6d0..000000000 --- a/.github/ISSUE_TEMPLATE/2-bug-report.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve -title: '' -labels: bug -assignees: volpet2014 - ---- - -# Describe the bug - -{A clear and concise description of what the bug is.} - -# Who is the bug affecting? - -# Is this report specifically related to [the Word or Excel files from fedramp.gov?](fedramp.gov/documents-templates/) - -If so, please do not open an issue here. Follow the guidance in [this repository's README](https://github.com/GSA/fedramp-automation#support-and-oscal-deprecation-strategy) and contact [info@fedramp..gov](mailto:info@fedramp.gov). - -# What version of OSCAL are you using? (Check our info on [supported OSCAL versions](https://github.com/GSA/fedramp-automation/blob/master/README.md#support-and-oscal-deprecation-strategy)) - -# What is affected by this bug? - -{Describe the impact the bug is having.} - -# When does this occur? - -{Describe the conditions under which the bug is occurring.} - -# How do we replicate the issue? - -{What are the steps to reproduce the behavior?} - -1. Do this... -1. Then this... -1. See error - -{If applicable, add screenshots to help explain your problem.} - -# Expected behavior (i.e. solution) - -{A clear and concise description of what you expected to happen.} - -# Other Comments - -{Add any other context about the problem here.} diff --git a/.github/ISSUE_TEMPLATE/2-bug-report.yaml b/.github/ISSUE_TEMPLATE/2-bug-report.yaml new file mode 100644 index 000000000..aeec5b03d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/2-bug-report.yaml @@ -0,0 +1,65 @@ +name: Bug report +description: Submit a bug report to help us improve +labels: ["bug"] +body: + - type: markdown + attributes: + value: | + Is this report specifically related to [the Word or Excel files from fedramp.gov](fedramp.gov/documents-templates/)? If so, please do not open an issue here. Follow the guidance in [this repository's README](https://github.com/GSA/fedramp-automation#support-and-oscal-deprecation-strategy) and contact [info@fedramp.gov](mailto:info@fedramp.gov). + - type: markdown + attributes: + value: | + NOTE: For feedback related to the OSCAL syntax itself, please create or add to an [issue in the NIST OSCAL Repository](https://github.com/usnistgov/OSCAL/issues). + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + - type: checkboxes + attributes: + label: This relates to ... + description: Select all things this feedback relates to. + options: + - label: the **FedRAMP OSCAL Registry** + - label: the **Guide to OSCAL-based FedRAMP Content** + - label: the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** + - label: the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)** + - label: the **Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)** + - label: the **Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)** + - label: the **FedRAMP SSP OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP SAP OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP SAR OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP POA&M OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP OSCAL Validations** + - type: textarea + id: what-happened + attributes: + label: What happened? + description: Also tell us, what did you expect to happen? + placeholder: Tell us what you see! + value: "A bug happened!" + validations: + required: true + - type: textarea + id: logs + attributes: + label: Relevant log output + description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + render: Shell + - type: textarea + id: howto-replicate + attributes: + label: How do we replicate this issue? + description: What are the steps to reproduce this behavior (use screenshots if applicable)? + placeholder: | + 1. Do this... + 2. Then this... + 3. See error... + validations: + required: true + - type: textarea + id: other + attributes: + label: Other relevant details + description: Anything else we should know? + placeholder: | + detailed explanation, suggestions how to fix, reference to related issues, links providing context, etc. \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/3-action-item.md b/.github/ISSUE_TEMPLATE/3-action-item.md deleted file mode 100644 index 65d4aa0cc..000000000 --- a/.github/ISSUE_TEMPLATE/3-action-item.md +++ /dev/null @@ -1,57 +0,0 @@ ---- -name: PMO Action Item (FedRAMP PMO Use Only) -about: Capture an action item intended for follow-up by the FedRAMP PMO. -title: '' -labels: '' -assignees: volpet2014 - ---- - -# Action Item - -**This is a ...** - - [ ] **fix** - Something needs to be different. - - [ ] **enhancement** - Something could be better. - - [ ] **investigation** - Something needs to be investigated further. - -**This relates to ...** - - [ ] the **FedRAMP OSCAL Registry** (Excel File) - - [ ] the **Guide to OSCAL-based FedRAMP Content** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)** (PDF) - - [ ] the **Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)** (PDF) - - [ ] the **FedRAMP SSP OSCAL Template** (JSON or XML Format) - - [ ] the **FedRAMP SAP OSCAL Template** (JSON or XML Format) - - [ ] the **FedRAMP SAR OSCAL Template** (JSON or XML Format) - - [ ] the **FedRAMP POA&M OSCAL Template** (JSON or XML Format) - - [ ] **General/Overall** - - [ ] **Other** - -NOTE: For issues related to the OSCAL syntax itself, please create or add to an [issue in the NIST OSCAL Repository](https://github.com/usnistgov/OSCAL/issues). - - -## Describe the problem or enhancement - -{A clear and concise description of the problem or enhancement.} - - -## Goals: - -{A clear and concise description of what you want to happen. This should be outcome focused. Include concise description of any alternative solutions or features you've considered. Feel free to include screenshots or examples about the feature request here.} - -## Dependencies: - -{Describe any previous issues or related work that must be completed to start or complete this issue.} - -## Acceptance Criteria - -- [ ] All [FedRAMP Documents Related to OSCAL Adoption](https://github.com/GSA/fedramp-automation) affected by the changes in this issue have been updated. -- [ ] A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR. - -{The items above are general acceptance criteria for all User Stories. Please describe anything else that must be completed for this issue to be considered resolved.} - - -## Other Comments - -{Add any other context about the problem here.} diff --git a/.github/ISSUE_TEMPLATE/3-action-item.yaml b/.github/ISSUE_TEMPLATE/3-action-item.yaml new file mode 100644 index 000000000..21dbf3c01 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/3-action-item.yaml @@ -0,0 +1,82 @@ +name: Request an Action +description: Request something be done +labels: ["enhancement"] +body: + - type: markdown + attributes: + value: | + Is this report specifically related to [the Word or Excel files from fedramp.gov](fedramp.gov/documents-templates/)? If so, please do not open an issue here. Follow the guidance in [this repository's README](https://github.com/GSA/fedramp-automation#support-and-oscal-deprecation-strategy) and contact [info@fedramp.gov](mailto:info@fedramp.gov). + - type: markdown + attributes: + value: | + NOTE: For feedback related to the OSCAL syntax itself, please create or add to an [issue in the NIST OSCAL Repository](https://github.com/usnistgov/OSCAL/issues). + - type: dropdown + attributes: + label: This is a ... + options: + - fix - something needs to be different + - improvement - something could be better + - research - something needs to be investigated + validations: + required: true + - type: checkboxes + attributes: + label: This relates to ... + description: Select all things this feedback relates to. + options: + - label: the **FedRAMP OSCAL Registry** + - label: the **Guide to OSCAL-based FedRAMP Content** + - label: the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** + - label: the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)** + - label: the **Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)** + - label: the **Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)** + - label: the **FedRAMP SSP OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP SAP OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP SAR OSCAL Template** (JSON or XML Format) + - label: the **FedRAMP POA&M OSCAL Template** (JSON or XML Format) + - type: textarea + id: user-story + attributes: + label: User Story + description: Describe why the new feature is needed. + placeholder: | + As a FedRAMP {*stakeholder*}, I *provide a clear and concise description of what the problem is.* Ex. I need to be able to do + validations: + required: true + - type: textarea + id: goals + attributes: + label: Goals + description: Describe what needs to be accomplished to address the User Story. + placeholder: | + A clear and concise description of what you want to happen. This should be outcome focused. Include concise description of any alternative solutions or features you've considered. Feel free to include screenshots or examples about the feature request here. + validations: + required: true + - type: textarea + id: dependencies + attributes: + label: Dependencies + description: Describe any previous issues or related work that must be completed to start or complete this issue. + placeholder: | + Link to any previous issues or related work. + validations: + required: false + - type: textarea + id: acceptance-criteria + attributes: + label: Acceptance Criteria + description: Describe the artifacts and additional work that must be completed to resolve this issue. + placeholder: | + The items below are general acceptance criteria for all User Stories. Please describe anything else that must be completed for this issue to be considered resolved. + value: | + - All FedRAMP Documents Related to OSCAL Adoption (https://github.com/GSA/fedramp-automation) affected by the changes in this issue have been updated. + - A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR. + validations: + required: false + - type: textarea + attributes: + label: Other information + description: Provide any other relevant information. + placeholder: | + detailed explanation, suggestions how to fix, reference to related issues, links providing context, etc. + diff --git a/.github/ISSUE_TEMPLATE/4-schematron-rule-issue.md b/.github/ISSUE_TEMPLATE/4-schematron-rule-issue.md deleted file mode 100644 index 610efe811..000000000 --- a/.github/ISSUE_TEMPLATE/4-schematron-rule-issue.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -name: Schematron validation rule -about: Validation-related issues -title: '' -labels: '' -assignees: '' - ---- - -**Extended Description** -- As a …, in order to …, I want … - -**Preconditions** -- Preconditions… - -**Acceptance Criteria** -- [ ] All Schematron assertion messages are declarative statements which affirm the positive test outcome. -- [ ] All Schematron assertion diagnostic messages are declarative statements which explain the negative test outcome. -- [ ] The Schematron code has no assertion failures when validated using `src/validations/styleguides/sch.sch` using the `basic` phase. -- [ ] XSpec unit tests for positive and negative Schematron assertion outcomes accompany all Schematron assertions (where feasible). -- More acceptance criteria… - -**Story Tasks** -- [ ] Tasks… - -**Definition of Done** - - [ ] Acceptance criteria met - - [ ] Unit test coverage of our code > 95% - - [ ] Automated code quality checks passed - - [ ] Security reviewed and reported - - [ ] Reviewed against plain language guidelines - - [ ] Code must be self-documenting - - [ ] No local tech debt - - [ ] Load/performance tests passed – needs to be created/automated - - [ ] Documentation updated - - [ ] Architectural Decision Record completed as necessary for significant design choices - - [ ] PR reviewed & approved - - [ ] Source code merged diff --git a/.github/ISSUE_TEMPLATE/5-validation-tooling-issue.md b/.github/ISSUE_TEMPLATE/5-validation-tooling-issue.md deleted file mode 100644 index ef522832c..000000000 --- a/.github/ISSUE_TEMPLATE/5-validation-tooling-issue.md +++ /dev/null @@ -1,35 +0,0 @@ ---- -name: Validation tooling -about: Validation tooling-related issues (node.js project, build system) -title: '' -labels: '' -assignees: '' - ---- - -**Extended Description** -- As a ... , in order to ... , I want ... - -**Preconditions** -- Preconditions... - -**Acceptance Criteria** -- Acceptance criteria... - -**Story Tasks** -- [ ] Tasks... - -**Definition of Done** - - [ ] Acceptance criteria met - - [ ] Unit test coverage of our code > 90% - needs automation story - - [ ] Accessibility tests pass - needs automation story - - [ ] Automated code quality checks pass - - [ ] Security reviewed and reported - check in with Wes on what we could do here - - [ ] Reviewed against plain language guidelines - - [ ] Design QA passed - - [ ] Code must be self-documenting - - [ ] No local tech debt - - [ ] Documentation updated - - [ ] Architectural Decision Record completed as necessary for significant design choices - - [ ] PR reviewed & approved - - [ ] Source code merged diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..265f269d9 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,15 @@ +# Committer Notes + +{Please provide a description of what this PR accomplishes. Be sure to reference any issues addressed. If the PR is a work-in-progress submitted for early review, please submit the PR as a draft PR using the "Draft pull request" dropdown.} + +### All Submissions: + +- [ ] Have you selected the correct base branch per [Contributing](https://github.com/GSA/fedramp-automation/blob/master/CONTRIBUTING.md) guidance? +- [ ] Have you set "[Allow edits and access to secrets by maintainers](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)"? +- [ ] Have you checked to ensure there aren't other open [Pull Requests](https://github.com/GSA/fedramp-automation/pulls) for the same update/change? +- [ ] Have you squashed any non-relevant commits and commit messages? \[[instructions](https://git-scm.com/book/en/v2/Git-Tools-Rewriting-History)\] +- [ ] Have you added an explanation of what your changes do and why you'd like us to include them? +- [ ] If applicable, have all [FedRAMP Documents Related to OSCAL Adoption](https://github.com/GSA/fedramp-automation) affected by the changes in this issue have been updated.? +- [ ] If applicable, does this PR reference the issue it addresses and explain how it addresses the issue? + +By submitting a pull request, you are agreeing to provide this contribution under the [CC0 1.0 Universal public domain](https://creativecommons.org/publicdomain/zero/1.0/) dedication. diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..17e0da32e --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,46 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at oscal@fedramp.gov. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]. + +[homepage]: http://contributor-covenant.org +[version]: http://contributor-covenant.org/version/1/4/ diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..a50185540 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,42 @@ +# Contributing to the Project + +This page is for potential contributors to this project. It provides basic information on the project, describes the main ways people can make contributions, explains how to report issues relating to the project and project artifacts, and lists pointers to additional sources of information. + +## Making Contributions + +Contributions are welcome to this project repository. + +For more information on the project's current needs and priorities, see the project's GitHub issue tracker (discussed below). Please refer to the [guide on how to contribute to open source](https://opensource.guide/how-to-contribute/) for general information on contributing to an open source project. + +## Issue reporting and handling + +All requests for changes and enhancements to the repository are initiated through the project's [GitHub issue tracker](https://github.com/GSA/fedramp-automation/issues). To initiate a request, please [create a new issue](https://help.github.com/articles/creating-an-issue/). + +The project team regularly reviews the open issues, prioritizes their handling, and updates the issue statuses, proving comments on the current status as needed. + +## Contributing to this GitHub repository + +This project uses a typical GitHub fork and pull request [workflow](https://guides.github.com/introduction/flow/). To establish a development environment for contributing to the project, you must do the following: + +1. Fork the repository to your personal workspace. Please refer to the Github [guide on forking a repository](https://help.github.com/articles/fork-a-repo/) for more details. +1. Create a feature branch from the master branch for making changes. You can [create a branch in your personal repository](https://help.github.com/articles/creating-and-deleting-branches-within-your-repository/) directly on GitHub or create the branch using a Git client. For example, the ```git branch working``` command can be used to create a branch named *working*. +1. You will need to make your modifications by adding, removing, and changing the content in the branch, then staging your changes using the ```git add``` and ```git rm``` commands. +1. Once you have staged your changes, you will need to commit them. When committing, you will need to include a commit message. The commit message should describe the nature of your changes (e.g., added new feature X which supports Y). You can also reference an issue from the repository by using the hash symbol. For example, to reference issue #34, you would include the text "#34". The full command would be: ```git commit -m "added new feature X which supports Y addressing issue #34"```. +1. Next, you must push your changes to your personal repo. You can do this with the command: ```git push```. +1. Finally, you can [create a pull request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/). + +## Communications mechanisms + +Project inquiries can be sent to [*oscal@fedramp.gov*](mailto:oscal@fedramp.gov). + +# Licenses and attribution + +## This project is in the public domain + +This project is in the worldwide public domain. + +This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain](https://creativecommons.org/publicdomain/zero/1.0/) dedication. + +## Contributions will be released into the public domain + +All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest. diff --git a/LICENSE.md b/LICENSE.md index 6801950c2..19fa33d2a 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -29,4 +29,3 @@ this deed makes no warranties about the work, and disclaims liability for all uses of the work, to the fullest extent permitted by applicable law. When using or citing the work, you should not imply endorsement by the author or the affirmer. - From b702efe4d2a59d96dc1e9816b4a83bc8005cb593 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Thu, 30 Nov 2023 21:45:45 -0500 Subject: [PATCH 2/2] Apply suggestions from code review --- .github/ISSUE_TEMPLATE/1-feedback.yaml | 2 ++ .github/ISSUE_TEMPLATE/2-bug-report.yaml | 12 ++++++++++++ .github/ISSUE_TEMPLATE/3-action-item.yaml | 1 + 3 files changed, 15 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/1-feedback.yaml b/.github/ISSUE_TEMPLATE/1-feedback.yaml index 0e0fe8ff4..03a2401d9 100644 --- a/.github/ISSUE_TEMPLATE/1-feedback.yaml +++ b/.github/ISSUE_TEMPLATE/1-feedback.yaml @@ -27,6 +27,7 @@ body: description: Select all things this feedback relates to. options: - label: the **FedRAMP OSCAL Registry** + - label: the **FedRAMP OSCAL baselines** - label: the **Guide to OSCAL-based FedRAMP Content** - label: the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** - label: the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)** @@ -50,6 +51,7 @@ body: label: Where, exactly? description: Provide some context about what this feedback relates to. placeholder: | + - For any resource, please indicate the version number, if applicable. - For the registry, please indicate the tab and cell, or other clear identifier - For the guide, please indicate the section number and printed page number (lower right corner) - For the OSCAL XML or JSON files, please indicate XML or JSON; and indicate the line number, field id, or other clear location identifier diff --git a/.github/ISSUE_TEMPLATE/2-bug-report.yaml b/.github/ISSUE_TEMPLATE/2-bug-report.yaml index aeec5b03d..15cf4aa8a 100644 --- a/.github/ISSUE_TEMPLATE/2-bug-report.yaml +++ b/.github/ISSUE_TEMPLATE/2-bug-report.yaml @@ -20,6 +20,7 @@ body: description: Select all things this feedback relates to. options: - label: the **FedRAMP OSCAL Registry** + - label: the **FedRAMP OSCAL baselines** - label: the **Guide to OSCAL-based FedRAMP Content** - label: the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** - label: the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)** @@ -56,6 +57,17 @@ body: 3. See error... validations: required: true + - type: textarea + attributes: + label: Where, exactly? + description: Provide some context about what this feedback relates to. + placeholder: | + - For any resource, please indicate the version number, if applicable. + - For the registry, please indicate the tab and cell, or other clear identifier + - For the guide, please indicate the section number and printed page number (lower right corner) + - For the OSCAL XML or JSON files, please indicate XML or JSON; and indicate the line number, field id, or other clear location identifier + validations: + required: true - type: textarea id: other attributes: diff --git a/.github/ISSUE_TEMPLATE/3-action-item.yaml b/.github/ISSUE_TEMPLATE/3-action-item.yaml index 21dbf3c01..a97365f95 100644 --- a/.github/ISSUE_TEMPLATE/3-action-item.yaml +++ b/.github/ISSUE_TEMPLATE/3-action-item.yaml @@ -25,6 +25,7 @@ body: description: Select all things this feedback relates to. options: - label: the **FedRAMP OSCAL Registry** + - label: the **FedRAMP OSCAL baselines** - label: the **Guide to OSCAL-based FedRAMP Content** - label: the **Guide to OSCAL-based FedRAMP System Security Plans (SSP)** - label: the **Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)**