layout | title |
---|---|
base |
Open Source Checklist |
Prior to releasing a project to GitHub.com, walk through these items and ensure they are addressed.
-
Has PII been removed?
- Use Clouseau for scanning source code.
- For an Open Source Release, attach the Clouseau output.
- If there are images, visually inspect each image to ensure there is no CFPB-specific information.
- Use Clouseau for scanning source code.
-
Have security vulnerabilities been remediated?
-
Are we including any other open source products? If so, is there any conflict with our public domain release?
-
Is our
TERMS.md
included? -
Is a
CHANGELOG.md
present and does it contain structured, consistently formatted recent history?- See https://github.com/cfpb/qu and https://github.com/cfpb/hmda-explorer
- Some Inspiration: http://keepachangelog.com/
-
Are instructions for contributing included (
CONTRIBUTING.md
)? -
Are installation instructions clearly written in the
README
and tested on a clean machine? -
Are all dependencies described in the
README
,requirements.txt
, and/orbuildout.cfg
? -
Are the API docs generated?
-
Are there unit tests?
-
If appplicable and possible, is it set up in TravisCI?
-
Have multiple people reviewed the code?
-
Is there a screenshot in the
README
, if applicable?
- [ ] **Has PII been removed?**
- Use [Clouseau](https://github.com/virtix/clouseau) for scanning source code.
- If there are images, visually inspect each image to ensure there is no CFPB-specific information.
- [ ] **Have security vulnerabilities been remediated?**
- [ ] **Are we including any other open source products? If so, is there any conflict with our public domain release?**
- [ ] **Is our `TERMS.md` included?**
- [ ] **Is a `CHANGELOG.md` present and does it contain structured, consistently formatted recent history?**
- [ ] **Are instructions for contributing included (`CONTRIBUTING.md`)?**
- [ ] **Are installation instructions clearly written in the `README` _and_ tested on a clean machine?**
- [ ] **Are all dependencies described in the `README`, `requirements.txt`, and/or `buildout.cfg`?**
- [ ] **Are the API docs generated?**
- [ ] **Are there unit tests?**
- [ ] **If applicable and possible, is it set up in TravisCI?**
- [ ] **Have multiple people reviewed the code?**
- [ ] **Is there a screenshot in the `README`, if applicable?**