Closed
Description
Currently there are no requirements beyond adopting the Foundation's CoC for projects.
It seems we would need additional requirements for projects who wish to handle CoC violations themselves. For example, having a clear process for raising a violation, certain guarantees around privacy, etc.
Next steps:
- open a pull request against FOUNDATION_CODE_OF_CONDUCT_REQUIREMENTS that adds a section listing the requirements outlined above (see Update and refactor CoC policy and processes #1135).
- open a pull request against the onboarding checklist that includes implementing those requirements.
- have an email reporting address
- (required for impact and at-large) have at least more than one person selected by the project maintainership (through a process defined by the project) on that email address
- publicly list who is on that email address
- publicly document the decision-making process
- confidentiality of reporter and victim
- basic rules around data retention to meet legal requirements (e.g. GDPR)
- following up on the audit @rginn is running to make sure that the projects that have opted in to run their own CoC enforcement have implemented those requirements.
Activity