Commit d74b0a95 authored by David Seaward's avatar David Seaward
Browse files

Refine contributions and scope. Add links to Digital Bill of Rights. Add...


Refine contributions and scope. Add links to Digital Bill of Rights. Add copies of policy and stay safe documents.
Signed-off-by: David Seaward's avatarDavid Seaward <david.seaward@puri.sm>
parent c5055507
......@@ -10,9 +10,9 @@ Alternatively, anyone can support the project financially with a [Librem One sub
## Onboarding
Unfortunately we don't have the resources to onboard volunteers without prior experience. If you're curious about the tools we use, here's a short list of jumping off points. Some of these projects do have onboarding teams, so keep digging till you find one you like. Enjoy the journey!
Unfortunately we don't have the resources to onboard volunteers without prior experience. If you're curious about the tools we use, here's a short list of jumping off points. Some of *these* projects have onboarding teams, so keep digging till you find one you like. Enjoy the journey and happy hacking!
* [Django Girls Tutorial🔗](https://tutorial.djangogirls.org/en/). If you try only one tutorial, make it this one. A great introduction to web applications using Python and Django.
* [Django Girls Tutorial🔗](https://tutorial.djangogirls.org/en/). If you try only one tutorial, make it this one. A great introduction to the ideas behind web applications. You don't need to prior experience with Python or Django.
* ...more to come!
......@@ -20,52 +20,54 @@ Unfortunately we don't have the resources to onboard volunteers without prior ex
Projects are listed at [source.puri.sm/liberty🔗](https://source.puri.sm/liberty). Projects follow the same conventions (detailed below) unless impractical. Naturally we rely on and collaborate with a vast number of other libre projects, and follow their conventions when contributing upstream.
## Logging issues
## Ticket requirements
Submit your ticket now and the product owner will help you achieve these requirements:
Submit your ticket while it's still fresh! Take a screenshot! Aim for these requirements, and the product owner will make a best effort attempt to complete the submission. Tickets must meet these requirements before being assigned to a milestone:
* Log under the correct project. If you're unsure, use [liberty/services🔗](https://source.puri.sm/liberty/services/issues).
* Log under the correct project. If you're unsure, use [liberty/services🔗](https://source.puri.sm/liberty/services/issues) and we'll figure it out.
* Descriptions must be actionable. Enhancements should include a clearly motivated user story. Bug reports should include steps to reliably reproduce the problem. (See templates below.)
* Ticket descriptions must be actionable. Enhancements should include a clearly motivated user story. Bug reports should include steps to reliably reproduce the problem with any account. (See templates below.)
* Where business logic needs to be expressed, use [Gherkin🔗](https://cucumber.io/docs/gherkin/reference/) ([alternate reference🔗](https://behave.readthedocs.io/en/stable/gherkin.html#gherkin-feature-testing-language)) and focus on the happy-day scenario. (Undefined edge cases are expected to fail gracefully.)
* You *may* include a suggested technical solution, but you do not have to. If you are suggesting a technical solution, you *must* include a solution-agnostic user story.
## User story template
Keep user stories simple and focus on everyday outcomes. Save technical details for the suggested solution. For example...
**User story:** I am an everyday user. I want to send a private message, so that no-one else can read it.
> **User story:** I am an everyday user. I want to send a private message to my friend, so that only they can read it.
## Bug report template
**Steps to reproduce:**
* Log into the Acme System
* Enter telephone number
* Click "OK" button
**What should happen?**
* Telephone number is saved.
* Return to login page.
**What happens instead?**
* A message appears, "Please do not click this button again."
> **Steps to reproduce:**
>
> * Log into the Acme System
> * Enter telephone number
> * Click "OK" button
>
> **What should happen?**
>
> * Telephone number is saved.
> * Return to login page.
>
> **What happens instead?**
>
> * A message appears, "Please do not click this button again."
## Ticket state
* Unclassified. The ticket must be triaged by the product owner.
* **Unclassified.** The ticket must be triaged by the product owner.
* On hold. The ticket is valid but indefinitely deprioritized. Volunteer work is welcome. Some valid tickets will be closed rather than put on hold to make the backlog easier to read.
* **On hold.** The ticket is valid but indefinitely deprioritized. Volunteer work is welcome. Some valid tickets will be closed rather than put on hold to make the backlog easier to read.
* Ready. The ticket is well-defined, has a milestone and is assigned. The assignee should aim to complete it by the milestone deadline (along with other tickets in the milestone).
* **Ready.** The ticket is well-defined, has a milestone and is assigned. The assignee should aim to complete it by the milestone deadline (along with other tickets in the milestone).
* In progress. The assignee has set a due date and begun work.
* **In progress.** The assignee has reviewed the ticket, set a target due date and begun work.
* Please review. The ticket is reassigned to the product owner. The work is complete and ready for review. For example, there is a screenshot or code has been deployed to the staging environment. If accepted, the ticket and associated MR is closed. If not, it is put back to "Ready" with an explanation.
* **Please review.** The ticket is reassigned to the product owner. The work is complete and ready for review. For example, there is a screenshot or code has been deployed to the staging environment. If accepted, the ticket and associated MR is closed. If not, it is put back to "Ready" with an explanation.
* Closed. The work is merged or the fix released or the ticket has been canceled.
* **Closed.** The work is merged or the fix released or the ticket has been canceled.
## Release workflow
......
......@@ -4,7 +4,7 @@ body:
*Regular services* are implementations of networked software, typically lightweight clients or browser interfaces that deliver messages to remote applications operated by a third party.
An *ethical service* is one that explicitly protects users from exploitation in this scenario.
An *ethical service* is one that explicitly protects users from exploitation in this scenario. (See the [Digital Bill of Rights🔗](https://puri.st).)
The [Liberty Deckplan](../drafts/deckplan/) is our concrete configuration plan for a well-defined suite of ethical services.
......@@ -22,9 +22,11 @@ This is a non-exhaustive non-prioritized list of ideals and limitations on the s
**Upstream first.** Wherever feasible and welcome we will contribute changes to upstream projects, minimizing the delta between our fork (if any) and upstream.
**Engineering not advocacy.** This is a software engineering project managed within the framework of Purism's [already-defined social purpose🔗](https://puri.sm/about/social-purpose/) and available resources. We refer to subject-matter experts for further guidance.
**Flagship-friendly but vendor-neutral.** We will implement defaults and humane branding to improve user experience on the flagship domain, but will actively enable the use of alternate domains, and provide mechanisms for re-branding.
**Single end-user, two trusted devices.** We assume that the end-user has two trusted devices where they are the sole user/owner, like a laptop and a phone, and they frequently switch between devices. In general, the end-user should be able to perform task A on one device, and immediately perform task B on the second device.
**Engineering not advocacy.** This is a software engineering project managed within the already-defined framework of Purism's [social purpose🔗](https://puri.sm/about/social-purpose/), [Digital Bill of Rights🔗](https://puri.st) and [service policy🔗](https://librem.one/policy/). We refer to subject-matter experts for further guidance. Discussion around these issues is out of scope in the context of this project, but [welcome on the Purism forums🔗](https://forums.puri.sm/categories).
**Single end-user, multiple trusted devices.** We consider use-cases where the end-user has one or more trusted devices where they are the sole user/owner, like a laptop and a phone. In general, the end-user should be able to perform task A on one device, and immediately perform task B on a second device. We do not consider shared devices, shared sessions or shared accounts.
**Two accounts is a fair solution.** Using two or more accounts solves some user stories, especially those dealing with operations security. Where a two-account-solution exists, solving the problem with one account will be indefinitely deprioritized.
......
_model: page
---
title: Policy
---
body:
*Last modified: April 11, 2019*
Purism provides [Librem One](https://librem.one), a bundle of services that respect you and your privacy.
### Privacy
#### Our approach to privacy is simple — We respect and protect your digital life.
Purism is a [Social Purpose Corporation](https://puri.sm/about/social-purpose/) entirely focused on protecting your privacy, security, and freedom.
#### No Ads
We do not have advertising.
#### No Tracking
We do not track you.
#### We Respect You
We do not sell nor share anything. We do not build personal, social, nor behavioral profiles of people. We do not alter nor shape user behavior. We do not target people. We do not control people.
We do build products, software, and services that respect society and your privacy. We do release all our source code as free software. We do protect people by default.
### Content
You are solely responsible for all content and activity that occurs in your account. Purism is not be held legally responsible for conduct or content on this service. Purism will cooperate with lawful requests.
#### Copyright
You retain your copyright. Public messages are shared under [Creative Commons BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/) license terms. Write to takedown@puri.sm with any valid DMCA request.
#### Messages and Posts
Librem One messages and posts are divided into three types:
* **Public** – published publicly for everyone to see and share.
* **Private** – end-to-end encrypted for intended recipient(s) only.
* **Temporary** – If it’s not public, and it’s not private, it’s temporary and deleted after 30 days.
#### Services
* **Librem Social** is public, always.
* **Librem Chat** is optionally private or temporary.
* **Librem Mail** is optionally private or temporary.
* **Librem Tunnel** is private or temporary with no logging.
### Accounts
Account names cannot be reused, avoiding identity abuse. A canceled account deletes all data and that account name is gone forever. A lost password without a recovery address is gone forever.
#### Communication from Purism
Purism will generally not contact you for any reason except in the following situations:
* A security vulnerability or data breach has been discovered
* To share product changes or changes to your account or to this policy
* A lawful request for account information was received
You will find the latest copy of this policy at https://librem.one/policy/
_model: page
---
title: Stay safe online
---
body:
### Need security or legal advice?
For a detailed introduction to protecting yourself, read [Surveillance Self-Defense](https://ssd.eff.org/) by the Electronic Frontier Foundation.
To learn about your rights and privacy laws in your region, see Privacy International’s [global breakdown](https://www.privacyinternational.org/where-we-work).
For legal representation, [contact the Electronic Frontier Foundation](https://www.eff.org/pages/legal-assistance). If they can’t help directly, they may be able to pass you on to a cooperating attorney.
### Don’t like what you see?
Look after yourself. Do your best to treat others with dignity and respect, especially if you disagree with them.
If you see something illegal, report it to the relevant authorities. They are best equipped to handle illegal content.
If you see content you dislike or you are being harassed, block the offending user. If that doesn’t help, [document the incident](https://iheartmob.org/resources/rights) and flag it for moderator action. We empower you to take control, and [we do not tolerate harassment](https://librem.one/conduct/).
* Also read HeartMob’s guide to [Self-Care for People Experiencing Harassment](https://iheartmob.org/resources/self_care)
* You are encouraged to also email the [Cybersmile Global Support Service](https://www.cybersmile.org/what-we-do/online-abuse-support) at `help@cybersmile.org` for counseling and advice. Cybersmile have a wealth of resources, including a [helpline directory](https://www.cybersmile.org/advice-help/category/who-to-call).
If you witness online harassment, you can intervene and de-escalate. [Consider training in bystander intervention.](https://www.ihollaback.org/resources/bystander-resources/) Also read HeartMob’s guide to [Self-Care for Bystanders](https://iheartmob.org/resources/bystander_self_care). Thank you for making a difference.
Many online problems start offline. If discussion makes you aware of systemic issues, consider volunteering with or donating to a civic organization like the [World Wide Fund for Nature](https://panda.org) (WWF).
You will find the latest copy of this guide at https://librem.one/stay-safe/
[project]
name = libertyone
url = https://liberty.one
[servers.production]
target = rsync://liberty.one/var/www/liberty.one
name = Production
target = rsync://liberty.one/var/www/html/liberty
default = no
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment