Skip to content

docs(ospo): community health rollout v2 — README, agents.md, health files#59

Merged
DeepDiver1975 merged 1 commit into
masterfrom
ospo/community-health-v2
Jul 15, 2026
Merged

docs(ospo): community health rollout v2 — README, agents.md, health files#59
DeepDiver1975 merged 1 commit into
masterfrom
ospo/community-health-v2

Conversation

@dj4oC

@dj4oC dj4oC commented May 28, 2026

Copy link
Copy Markdown
Contributor

Summary

This PR is part of the Kiteworks OSPO community health rollout (kiteworks.com/opensource), applied to all ~110 public ownCloud repositories starting May 5, 2026.

  • README.md: Rewritten with v2 OSPO template
    • License-specific OSPO section with Apache 2.0 migration guidance
    • Mandatory Community & Support section: GitHub Discussions, Matrix, docs, enterprise support, OSPO home
    • Contributing workflow: Rebase Early/Often, Dependabot, PGP/GPG-signed commits, DCO sign-off, GitHub Actions policy
    • Security section pointing to security.owncloud.com + YesWeHack bug bounty
    • Translations link to Transifex (owncloud project)
  • agents.md (new): AI agent context file with architecture, build commands, OSPO policy constraints
  • CODE_OF_CONDUCT.md (new): Redirect to https://owncloud.com/contribute/code-of-conduct/
  • CONTRIBUTING.md (new): Redirect to https://owncloud.com/contribute/
  • SECURITY.md (new): Redirect to https://security.owncloud.com + YesWeHack
  • SUPPORT.md (new): Redirect to https://owncloud.com/contact-us/ and support channels

Test plan

  • README renders correctly on GitHub (badges, sections, links)
  • All health file links resolve (CODE_OF_CONDUCT, CONTRIBUTING, SECURITY, SUPPORT)
  • agents.md loads correctly in Claude Code and GitHub Copilot
  • License referenced in README matches actual LICENSE file in repo

🤖 Generated with Claude Code as part of the ownCloud OSPO rollout.
Kiteworks OSPO: https://kiteworks.com/opensource

@dj4oC dj4oC requested review from DeepDiver1975 and kobergj May 28, 2026 08:04
…iles

Introduced by the Kiteworks Open Source Program Office (OSPO) on May 5, 2026.

Changes:
- README.md: rewritten with OSPO v2 template — license-specific migration
  guidance, Community & Support section, Contributing workflow, Security
  section pointing to security.owncloud.com + YesWeHack bug bounty
- agents.md: AI agent context file with architecture, build commands, and
  OSPO Policy Constraints (GitHub Actions, Dependabot, Git Workflow)
- CODE_OF_CONDUCT.md: redirect to https://owncloud.com/contribute/code-of-conduct/
- CONTRIBUTING.md: redirect to https://owncloud.com/contribute/
- SECURITY.md: redirect to https://security.owncloud.com + YesWeHack
- SUPPORT.md: redirect to https://owncloud.com/contact-us/ + channels

OSPO: https://kiteworks.com/opensource

Signed-off-by: David Walter <david.walter@kiteworks.com>
@dj4oC dj4oC force-pushed the ospo/community-health-v2 branch from 5b069ad to b869d00 Compare June 2, 2026 06:22
@DeepDiver1975 DeepDiver1975 merged commit 556de65 into master Jul 15, 2026
@DeepDiver1975 DeepDiver1975 deleted the ospo/community-health-v2 branch July 15, 2026 14:27
phil-davis pushed a commit that referenced this pull request Jul 15, 2026
All alerts are transitive devDependencies; resolved via `npm audit fix`
(no --force, no direct-dependency major bumps). package.json unchanged.

- body-parser -> 1.20.6 (GHSA, needs >= 1.20.3) #44
- braces -> 3.0.3 (needs >= 3.0.3) #40
- cookie -> 0.7.2 (needs >= 0.7.0) #45
- flatted -> 3.4.2 (prototype pollution, needs >= 3.4.2) #62
- follow-redirects -> 1.16.0 (needs >= 1.16.0/1.15.6/1.15.4) #69 #39 #38
- lodash -> 4.18.1 (code injection + prototype pollution, needs >= 4.18.0/4.17.23) #68 #67 #52
- minimatch -> 3.1.5 (ReDoS, needs >= 3.1.3) #59
- picomatch -> 2.3.2 (needs >= 2.3.2) #64
- qs -> 6.15.3 (DoS, needs >= 6.14.2/6.14.1) #55 #49
- tmp -> 0.2.7 (path traversal, needs >= 0.2.6/0.2.4) #71 #47
- ws -> 8.21.1 (DoS, needs >= 8.21.0/8.17.1) #72 #41

npm audit reports 0 vulnerabilities. Test suite (Karma, 21 tests)
passes. Note: lockfileVersion bumped 1 -> 3 as npm 10 regenerated the
lockfile; CI runs `npm ci` on Node 20 which supports v3.

Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants