This is a set of default guidelines for contributing my projects and participating in their official communication channels. If the project has a CONTRIBUTING file in the root of the source directory than that policy applies instead.
If you find a security issue in any project that I am involved in please contact me via email at security@kevincox.ca
If possible please PGP encrypt the message to B66B891DD83B0E677D84FC309BB92CC1552E99AA and sign with your own key so that I can send encrypted responses.
You can also see this information in my security.txt file.
Most of my repositories are licensed under the Apache 2.0 license. See the LICENSE file in the source of the repository for details. If the repository doesn’t have a license please reach out and I will generally be happy to release it under the Apache 2.0 license.
If the repository is licensed but the license isn’t suitable for you, feel free to reach out with your concerns. I may be able to release the code under another license. However note that if there are other contributors you may need to get a license for their contributions separately.
In general the preferred place to submit patches is the forge where the project is located. This keeps patches tidy and allows easy community discovery.
PGP signing of commits is highly encouraged.
Please explicitly indicate that you are releasing the contribution under the license in the repository. I can’t accept patches if they are not suitably licensed.
The best way to do this is to reference the Developer Certificate of Origin, either by link and version reference or by quoting the claims and writing your name. Example:
I, YOUR-NAME, have read the Developer Certificate of Origin Version 1.1 and certify that this contribution complies.
You may also submit patches via email to patches@kevincox.ca. By sending to that address you are expressly giving me a license to publish these works, either automatically manually, selectively or in bulk. Your change should still be explicitly licensed for inclusion in the project as described in the License section.
For non-contribution work the best place is to open an “Issue” on the tracker of the relevant project. Don’t worry if it isn’t an issue, you can use the issue tracker for bug reports, feature requests, support, design discussions, feedback or anything else! The issue tracker is just a convenient place to hold public discussions, whatever they are about.
- If your discussion is about a security issues please see the Security Section instead.
- If you don’t wish to create an account or need to communicate privately you can email me. But please prefer the issue tracker if possible.
I do not have a detailed Code of Conduct. In general treat people with respect and assume good faith by default.
- Do not use personal attacks, discuss the work, not the people.
- Try to make people feel welcome. While it is impossible to please everyone use your best judgement and try to accommodate others where reasonable. For example, refer to people how they wish to be referred to and avoid bringing up topics with people who have asked to be left out of these discussions.
- Keep the discussion on-topic. On-topic discussion will be assumed to be in good faith by default, off-topic discussion will be treated more strictly.
For many projects I am the only moderator and will be making the ruling on who is violating this Code of Conduct. On all projects I appreciate feedback, both positive and negative on all of my behaviour, moderation-related or otherwise.
In general I will try to address any concerns where they are occurring to maintain transparency. If the behaviour continues I will generally attempt to reach out personally. If the behaviour is egregious I may immediately apply bans (temporarily or permanently) without warning. If you feel my actions were unfair please send me an email.
If you have any other questions please reach out to kevincox@kevincox.ca.