6 月 3 日消息 开放原子开源基金会是致力于推动全球开源产业发展的非营利机构,于 2020 年 6 月正式获得民政部批准在北京成立,由阿里巴巴、百度、华为、浪潮、360、腾讯、招商银行等十家龙头科技企业联合发起,由工信部作为业务指导单位。开放原子开源基金会拟通过共建、共治、共享的方式,系统性打造信息产业和工业开源开放框架,搭建国际开源社区,提升行业协作效率,赋能千行百业。目前开放原子开源基金会业务范围主要包括为各类开源软件、开源硬件、开源芯片、开源内容提供中立的知识产权托管、战略咨询、法务咨询、项目运营、品牌营销和教育培训等服务。
今天,OpenHarmony 2.0 孵化和运营者开放原子开源基金会发布了孵化项目毕业标准 v1.0。
1. 代码与文档 (Code and Document)
OA-CD-10
【中】项目代码是易于找到的,并且能被公开访问。
【EN】The project's code is easily discoverable and publicly accessible.
OA-CD-20
【中】可以使用常用的标准工具对项目代码进行重复构建。
【EN】The code can be built in a reproducible way using widely available standard tools.
OA-CD-30
【中】应通过源代码管理系统保留项目代码的完整变更历史,所有已发布版本都可以被重新构建。
【EN】The full history of the project's code is available via a source code control system, in a way that allows any released version to be recreated.
OA-CD-40
【中】每一行代码必须由具备强认证机制的提交者通过源代码管理系统建立,当提交第三方贡献时,提交备注中要包含可靠的代码来源信息。
【EN】The provenance of each line of code is established via the source code control system, in a reliable way based on strong authentication of the committer. When third-party contributions are committed, commit messages provide reliable information about the code provenance.
OA-CD-50
【中】项目必须有最终用户文档,例如:API、CLI、仪表板、安装部署、配置等。
【EN】The project must have end-user docs in place such as API use, CLI use, Dashboard use, Deployment use, Configuration use.
OA-CD-60
【中】项目应具有可证实的用户支持历史,可以是在邮件列表或 issue 系统中的答复。
【EN】The project should have a proven history of providing user support,such as replies in mailing list or issue systems.
2. 流程 (Process)
OA-PR-10
【中】项目需要有符合业界最佳实践的代码提交流程。
【EN】The project requires a code commit process that meets industry best practices.
OA-PR-20
【中】项目团队应该与营销团队一起确定合适的官方名称。
【EN】The project should have engaged with marketing team to check suitable official name.
OA-PR-30
【中】项目需要通过独立的第三方安全审计。
【EN】The project should have completed an independent and third party security audit.
OA-PR-40
【中】项目必须使用基金会基础设施团队认可的任务、缺陷和设计跟踪工具。
【EN】The project must use task, defect and design track tools that approved by infrastructure team of OpenAtom Foundation.
3. 许可证与版权 (Licenses and Copyright)
OA-LC-10
【中】代码发布需要满足项目所采用开源许可证的合规性 / 兼容性要求,且符合开放原子开源基金会的知识产权政策。
【EN】The code is released under the open source license that project used, meets the compatibility requirements,and complies with OpenAtom Foundation's IPR policy.
4. 发布 (Releases)
OA-RE-10
【中】发布要包含源代码,分发时需要采用标准开放的打包格式,以便长期保持可读性。
【EN】Releases consist of source code, distributed using standard and open archive formats that are expected to stay readable in the long term.
OA-RE-20
【中】发布由项目的项目管理委员会批准。
【EN】Releases are approved by the project's PMC (Project Management Committee).
OA-RE-30
【中】发布需要进行数字签名或带有哈希摘要,以校验下载包的完整可靠。
【EN】Releases are signed and/or distributed along with digests that can be reliably used to validate the downloaded archives.
OA-RE-40
【中】发布必须包含源代码,也可同时发布二进制文件。
【EN】Release must include source code; convenience binaries can be distributed alongside source code.
OA-RE-50
【中】发布过程必须有详细的文档说明,并且是可重复进行的。根据文档指引,任何人能够独立生成发布所需的所有制品。
【EN】The release process is documented and repeatable to the extent that anyone is able to independently generate the complete set of artifacts required for a release.
OA-RE-60
【中】项目必须有清晰的版本计划,并且必须制定至少 2 个常规的后续里程碑。
【EN】The project must have a clear roadmap and must have followed at least two common milestones.
5. 质量 (Quality)
OA-QU-10
【中】项目对代码的质量要开放且诚实。
【EN】The project is open and honest about the quality of its code.
OA-QU-20
【中】项目的安全性是最高优先级的。
【EN】The project puts a very high priority on secure software.
OA-QU-30
【中】需要提供一套规范化的安全响应流程。
【EN】The project requires a standardized security response process.