2026 - Draft Update to OSS policies #374
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ware Corporation.
…e; changing reference from "project owners" to advisors.
… terms with respect to Decider and Community Organizers.
…n the page's TOC. Fixing.
…onvey any rights over trademarks or logo marks.
…ss of whether the downstream distriution is commercialized or offered for free use.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+10
to
+23
| name: Deploy docs | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout master | ||
| uses: actions/checkout@v1 | ||
|
|
||
| - name: Deploy docs | ||
| uses: mhausenblas/mkdocs-deploy-gh-pages@master | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| CONFIG_FILE: mkdocs.yml | ||
| #EXTRA_PACKAGES: build-base | ||
| # GITHUB_DOMAIN: github.myenterprise.com | ||
| REQUIREMENTS: /requirements.txt No newline at end of file |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, we will add a permissions block to the workflow. Since the workflow deploys documentation to GitHub Pages, it requires contents: write permissions. We will add this block at the root level of the workflow to apply it to all jobs. This ensures that the GITHUB_TOKEN has only the necessary permissions, reducing the risk of unintended access.
Suggested changeset
1
.github/workflows/publish.yml
| @@ -1,2 +1,4 @@ | ||
| name: Publish docs via GitHub Pages | ||
| permissions: | ||
| contents: write | ||
| on: |
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As per the last meeting; here is a first draft of the Chef OSS Practices.
A few notes;
1/ I moved it to publish to a github pages content to make it easier to read / find for people https://chef.github.io/chef-oss-practices/ as such the markdown has moved to mkdocs format.
2/ this is a first draft. I will have another set of changes at the end of July (going to be out of town for the next 2 weeks).
let me know what you want to see that is not part of the document, raise any questions you have about process so we can capture them as well.