 Hey, Carolyn, let's see if that's you or me. That's better. That was me. Okay. You can hear me now. Yeah. How am I doing? I can hear you fine. Okay. Cool. How you been? Oh, I'm good. I just had the Azure got a couple of days off last week. It was wonderful. Really? Yeah. Any particular reason? Well, so I don't do on-call. Yeah. So everyone else got it because they do on-call. I just happened to report up into Azure, so I got it too. Don't tell anyone. Oh, gosh, this is recorded. Yeah. One thing I forgot to do is get the host key from Paris, so I can't delete that portion of the recording. I'm right here. Oh, there you are. Everyone knows my shame. Yeah. I am sure that Microsoft is really going to care that you got two extra days off. Did it too? Yeah. I was just looking and trying to figure out what governance questions the CNCF has already asked anyone, which is a little challenging because their survey stuff is just a bunch of images. Oh, wait, wait. No, here's a questions file. Got it. OK, just ping to April. And there we go. Yay. Hello. OK. So for the sake of the recording, welcome everybody to the first governance, CNCF governance working group meeting, possibly the only one, possibly the first of many bi-weekly meetings. We'll decide that. So let's put that in the agenda. As always, this is a CNCF meeting, and therefore we are subject to the CNCF code of conduct. So don't do anything that you wouldn't do in front of your mother. And let's get going on this. I don't think anybody needs to introduce. We've all introduced ourselves on other contributor strategy calls. Yeah? At least I know everybody in this call. But do you all know each other? Haven't. I don't know that I've met Carolyn in person, but I've certainly seen her on previous calls. And that Paris person, I think I've heard about her a few times. OK. So we have a few things to get out of the way. One thing is there's, oh, actually, hold on. I'm going to back up here. I'm going to add a first item because I think it's actually kind of important, which is working group measurement. Membership. So right now in the read me we have for the working group, the only listed members are me and April. Carolyn, do you see yourself participating in this on an ongoing basis? I'm just more interested, but I don't think I'll have time to do work. Sorry. OK. Carolyn, I'm envious of the plushie collection behind you. Oh, thank you. That's for my conferences. Lots of go. I've only got the one. I have the I have the I have the little go in the car, the little gopher in the car, which is quite cute. Oh, yeah. That's a cute one. That's a cute one. I'll have to send you all some pancakes plush, the GRPC mascot. But they're currently they're currently in an office that we can't get into. So when we can, I'll send you. Yeah, we're having the same thing as, you know, I have, you know, maintainers saying, hey, we want to, since there are no conferences, we want to mail swag to our supporters. And I'm like, there's a problem with that. And that completely aside from shipping costs, there is nobody in the mailroom. Yeah. So OK. So we will continue with just me and April listed on as as members currently. Carolyn, if you find yourself showing up for stuff and taking issues, then we will add you as also a working group member. Is it OK to show up if I'm not a member? Absolutely. Of course. Yeah, absolutely. Absolutely. The. OK, so next thing, survey questions. Paris wants to send out a survey for contributor strategy in general to leaders of all of the various CNCF projects. She wants some governance related questions on there, which we need to determine. Now, one thing there is going to be excluding any governance related questions already asked by the CNCF. The figuring out what those are requires enough combing through files that I don't necessarily want to do it on the call. So why don't we just brainstorm on questions we would like to ask for projects ideas? Anybody? Paris, you were just if you refresh our memory, were you looking for like we're looking for like high level? Do you have governance essentially right? Or was it more? No. Yeah, it's more like we all want to know about these projects governance so that you can make recommendations for them and see like where the holes are. So for instance, do you have a contributor ladder? We're calling out maybe some of the more advanced things and some of them might not call it a contributor ladder. They might call it a expectations of contributors or something like that, right? So I mean, like crawling through 45 projects like community slash governance repos sound like anything that sounds not favorable to us in that regard, that would be a good question. Other things like how does real time communication fit into your governance? Do you have moderators? Like what do you like tell me about your code of conduct enforcement? These are like I don't necessarily I don't think that these necessarily need to be the questions themselves. But I guess that's the stuff that I was thinking about. So you can get a clear pulse because like CNCF obviously asks their maintainers like the warm and fluffy questions. This is like tell me about a program that you like that you do for governance or tell me about a problem. Yeah, I like that kind of thing. Like I don't recall any specific governance related questions that CNCF has asked to you. Like I'm trying to think of the previous maintainer surveys and it was all kind of general on what people are getting from CNCF. And I guess that would be kind of a good open ended question of like do you feel good with your governance? And do you feel like it meets your needs? Because even a project could very well. I mean, let's be honest, we tell a lot of projects like look at what Kubernetes did and scale that down. And so a project could very well have done that, but it may not work for them. And they haven't kind of done that. And let me just say scale that down is actually a really problematic recommendation. Oh, yeah. I always tell people like people always look at Kubernetes and I always say like it's great, but remember Kubernetes is far along the lifecycle of a project than most new projects that are like creating governance. And in some cases, it's a what not to do because it's got a lot of complexity to it. And that's not going to work for everybody. And so that's where I'm curious like are there projects that tried to pick some of it and then find out later like, oh, we really don't need that. And maybe they need help from this group on how to walk some stuff back or how to simplify even. Can we clarify the goals a little bit? I'm just looking at the issue. And I'm unsure if we're trying to identify where we can help or are we trying to identify if they're satisfied or are we trying to dig for ideas? Or it's kind of like how many different things we're trying to do with the survey? Yeah. For my part, I need I want the survey so that we can collect best practices from them. Because we're over here like preaching about what we think is best practice. But they also might be doing things that are best practice. So I'm trying to figure out what are programs that work for you. So in the contributor growth area, like what mentoring programs work, what doesn't. I want to dig deeper here because we are right now sitting at kind of like our pearly gates and going, oh, well, each one of us is very active in one project. And we do things right and wrong in certain areas. But I can't speak to 40 other projects, right? So I think getting best practices, getting the holes, figuring out all that stuff is going to greatly help us with building trust. So that's the other goal here is to so that people can see what kind of topics we're working on through these kinds of survey questions. And they also don't necessarily need to be survey questions. If people don't want to do a survey, I will happily go to them and do a focus group. Sure. So when we do the survey, is it OK then if we make it clear to them that that's what we're trying to do? And maybe give them open-ended waves or just a general thing at the end that says, if you'd like to just reach out and check us about this too. Just so that they know why we're asking. Yeah, yeah, I included all that stuff in the template email that I want to push out. Yeah, I'm also looking at the two different branches where we're doing the two different things we're doing through the governance work group. Also in terms of the questions, which is on the one hand, we want to get an idea of where each project is in their governance development process, particularly because the TOC is going to implement much stricter requirements on required governance benchmarks or required levels of governance for incubating and graduated projects in the near future. And so getting an idea of where each project is in relation to those, one of the things I would like to do. And then of course, the second thing is advice and assistance. And then that comes down to the trying to figure out where projects actually need help. Yeah, I think figuring out what, like Paris was saying, figure out what works and figure out what's not working. And then what's not working will help us identify what we need to create and provide. Yeah, so I'd say examples of those two different sort of sides is one of the ones that I just put into the notes is the what format is your governance. There's basically six kind of basic governance structures that open source projects have. Four of them would be relevant potentially to CNCF projects. So projects that see themselves as not that don't have any formal governance at all, which I think is going to be the majority of them. Projects where the founders of the project just run everything. Ones where they have a sort of council that selects its own members. And then ones that actually have some kind of democratic process. And then the second thing, the other side of the question that Carolyn put on there, do you feel good about your governance would be what specific problems are you have? Oh, yeah. I don't know who's typing that. Do you want to say that out loud? Yeah, this is me. Depending on whether or not they have someone like Paris, basically, like this is you Paris. If they have someone who is their full-time job or not to make the governance model or the community model successful will greatly impact how happy they are and what's going to feel realistic to them and whether or not scaled down Kubernetes or whatever it is that we're going to be suggesting is going to make sense. And I think that's going to help give us a really good data point to kind of understand why it's working for them or not when they say they're happy. Because otherwise, you're going to go, great, they're happy. Why is it that it's working for how long and it's not working for this other project? And what may be a really, I'm going to guess, that people who don't have full-time people to make certain type of models work are not going to be as happy because they're just she's trying to make this happen. So it'd be really useful to know. Yeah, and I think that's also like... Oh, I'm sorry, April. I was just saying, I think it also, it'll skew towards big companies that also have like a open-source programs office because then even if you don't have someone who's dedicated, you still at least have theoretically a resource you can go to versus other projects that are just like, we got nothing. And so those are ones that would need a lot more help from this group and from CNCF. You'd be surprised. I work for a very big company and I work on a project that has no support and would have very hard time enacting some of the things that we're going to be suggesting as part of this. It really just matters on how that project is resourced. Right? So, I'm Carolyn. I'm snapping and this is for recording. I want to say that I'm snapping. Ferris is always snapping. I am silently snapping in the background. Poetry snapping. I don't care. I'll say anything recorded. I love your poetry snaps. Yeah, no, and that's a good point. I mean, even at Google, we see that there are certain projects that get, you know, there are certain projects that are just started by an engineer, maybe, and they're working on it in their spare time. And then there are others that have got a full team behind them. It just depends on overall goals. And so I think that's something to rip off of the question around, do you have a full-time person? What I would be curious in is not, even if you don't have a full-time person, like, do you have someone, something that you feel like you can go to for support? You know, and maybe that'll turn up some interesting resources that we're not aware of, you know? I also asked, is there a body of people that performs community-like duties, example, working group special answers group committee? Because some of them do have committees. I think one of the goals for contributor growth or even governance should be, should be some kind of decision tree on whether or not you need a community manager, a special interest group, a committee of community-like-minded people to do the work. Because I think that is one of the most important things that we could probably provide is that, like, how are you going to get community operational support? I think that would be really lovely. Sounds like we've got a good amount of survey questions. I think I'm suggesting that we either A, stop here, or B, refine the ones that we have. Yeah, I think we just need to refine them when we have. I'd actually like to make it shorter. Yeah, that's cool. And some things I would see combining with the other working groups, like actually a single question saying, please check all of the documents that your project has. So in our case, for governance would be interested in, do they have a COC? Do they have an collections procedure? Contributor growth wants to know, do they have a contributing.md or similar document? And I think just having one question, this is check off all the documents that your project has. That would be nice. Yeah. Yeah, we should also make sure to put something in there where we're asking like, are you willing to have an additional conversation about this? Because not one, not every project we'll be willing to, but also certain people from project might be more willing than others in that way that'll help us identify who we could do a deeper dive with. I have one other thing that I would be really interested in knowing, but I'm not sure if this is the right time to dig in and try to find this out. So I've been involved with a code of conduct. Like my name has been put on people to follow up with for the code of conduct for a number of communities at various points. And I would say a lot of communities have had a code of conduct is then they picked one and put it up. But I would say they could check the box, but they would actually have no idea what to do if someone reported it. Or to be honest, the community themselves didn't feel comfortable reporting things. Like when I look at a healthy community that has a code of conduct where people really feel comfortable reporting it and it's actually taken advantage of. And then you see things being dealt with appropriately versus we have one it's never used. So we can check the box, but really it may as well not have one. Like the thing is you're saying to kind of follow up with like we have one and it's working or we have one and we may as well not because no one uses it and who knows. I'm curious to know if that's working for people. So I was thinking we should definitely ask whether or not they have a code of conduct enforcement process. These are CNCA projects so they all have a code of conduct. My general experience is that anybody that says yes, we have an enforcement process unless they're lying to you, which sometimes they are. Well, in their head, there's a process. They just haven't discussed it with anybody. Right. Or it's never been tested. No one's ever used it. So they're terrified that someone will actually contact them. Yeah. I'll tell you, I know one project where they adopted a code of conduct and the very first COC report was against the head of the company was the project's single largest financial sponsor. So and they actually didn't have a written process, but that doesn't mean that there wasn't instant panic. Yeah, I mean, I'm being completely honest. I'm looking at the GRPC. I don't know what our process is because I personally have never experienced a code of conduct issue from the maintainer side on this project and I'm just kind of curious. Yeah. That is a thing. It's a sensitive thing to ask people about, which is why I'm not confident that this survey is the best way to do it. But I 100% believe that this is really important for us as a group to help them do because honestly, if you have a code of conduct, but then you have people behind it who are not comfortable dealing with it, or you have just the code of conduct but no policies or whatever, for whatever reason, no one's ever comfortable bringing anything on or whatever, you may as well not have one. Well, what's interesting is I just looked, so I mean, GRPC has a code of conduct.md file that just says we follow the CNCF code of conduct. And when you go to the CNCF code of conduct page, it says if you have something in the Kubernetes community that you want to report, contact that committee and then it says for other projects, please contact a CNCF project maintainer or our mediator and that gives their email address. So it sounds like CNCF has at least done the defaults if, which is good for a project like myself that apparently has not ever put in its own personal process, there is kind of the default of go to CNCF. So Paris suggested code of conduct sessions at the maintainer circle. The Kubernetes code of conduct committee did training where we were taught how to take a report and how to follow through with people. Making that available to people who are on the email list or who would be potentially taking reports if they were comfortable and interested in being able to take that similar training and have the CNCF help them do that. I think that would be amazing if we could make that possible for interested people. Yeah, and I'm also curious about, you know, obviously there's a process in place to reach out to CNCF. If you have an issue with the project and I'm curious kind of what their process is for once a complaint comes in and it's not covered in that file, it could be covered elsewhere or it may just be not documented yet, but I would be curious to see kind of like what is their handbook for how to handle a complaint that comes in. I mean, there's a handbook for like events. Yeah. Yeah. Yeah, I just, you know, it's where it specifically says to email someone at the Linux Foundation. I'm just curious what their process is and like what if that person is out of the office that might be an opportunity for improvement. Definitely, yeah. Okay, I feel like we need to refine these questions a little bit, but I'd like to get to some of the other items in our agenda. Yeah, I apologize for derailing. Like I said, I'm not confident that all of this that we're unpacking here needs to be in the survey. No. Well, so I guess, yeah, I mean, actually the real question for the survey is, do we just want a checkbox for do they have a CNCF enforcement process or do we actually want a free form question that says, hey, what is your COC process and how do you feel about it? The, I mean, in that case, I prefer the latter. Yeah. Because I, you know, I'm speaking from my experience, like if you would ask me, do you have an enforcement process, I would have been like, yeah, totally. But until I actually went and looked at the .md file, now I discover, no, we actually don't. You have an md file that says to do COC enforcement process? I haven't filed that issue for myself yet, but I will. But yeah, I mean, I would have, and I think a lot of maintainers assume that it already exists, that it's like part of the default. So I think having them actually describe it would be enlightening. Okay. Okay. I put in the notes here, some other sort of pro forma things like, do you have formally defined project roles? One of the things that we're struggling with currently in Kubernetes is failing to formally define what makes somebody a Kubernetes project member. Really? You guys have such a great chart. Yeah, but the problem is that member got defined by implication in several different process documents. And each one of those process documents has a different definition. Yeah. Oh, fun. Okay. So now we're having to reconcile those. Yeah. Yeah. Okay. So, yeah. Yeah, and then I've always, oh, sorry. No, I would just say I've always used that table as a great starting point for other projects because it's very clear and the guidelines make sense. And so it's kind of a good cautionary tale to think in mind as a project grows, that other things start referring to that terminology and making sure everyone agrees with what it means. Yeah, you'll see when I add some of my raw materials, once we figure out what our structure is going to be, I have a whole thing about project roles because I think that's a mistake. A lot of open search projects make about governance is the thing about governance entirely in terms of processes and not in terms of roles. Yeah. And that leads to problems because you say things like a maintainer has to do with acts and then discover you haven't defined anywhere what a maintainer is. Yeah, makes sense. Yeah. I was hoping we could also add to that and just say, do you have a defined way to become each one of these roles? Yeah. Yo, that was the contributor ladder question. Yeah. And none of us knows what that means. Yeah. Yeah. Yeah. Yeah. Well, I think we would need to clarify that because not everybody uses that term. Yeah. Yeah. And you could even just be more open-ended of how does someone become a maintainer, like leave it that way because not even, not all projects have a ladder. For GRPC, if you want to be a maintainer, you just say you want to be a maintainer. So hard to imagine this is actually quite small. You have a ladder. Right. You have a ladder. It's just that the rungs are quite close together. Yeah. It's more like a step stool. Yeah. Yeah. But yeah, I mean, it's not something that we would think of as a ladder. So just maybe that clarification of when we say this, we mean, how does someone get more responsibility in the projects? Okay. So I'll try to refine that a little to see because everything we want to do is we want to, of course, minimize the number of actual questions we asked. We asked to try to make it more likely that somebody's going to answer them. And then throw that on our Slack so that we can actually turn it into a real section of a questionnaire. Oh, I have one other one. You know, we've struggled. I've seen this in a number of communities like in our own right here, but then in some of the other SIGS I'm on, where we favor real-time Slack communication to the detriment of other time zones. And the mailing list has actually one post on it. And that's it. So with the real-time communication, it'd be nice to actually have people talk about if they even use real asynchronous channels anymore and if that's working for everyone. Or I don't know how to word it, but that's kind of what I'd be interested in getting at. The ways that one of the ways I've worded it for internal Red Hat projects is for asking projects to define their primary and secondary mechanisms of communication. Because usually a project has one to two primary mechanism of communication, like for Kubernetes, that would be Slack and Zoom conferences. And then it will have any number of secondary communication. So like GitHub issues, mailing list, etc. Yeah, with other projects I've worked on, we've set it up where primary is GitHub. We want it as much as possible to have it on GitHub. And Slack is secondary, but we're trying really hard to push that if a decision is going to be made, it's decided on GitHub. Yeah, that kind of thing would be really interesting to understand a bit, because I think it's something that really intersects with governments. When you start talking about where decisions mean. Okay, would it be okay if I move on to the next section of the agenda? Yeah, okay. So we have two things to build out for the governance working group. One is the CNCF TOC would like our advice on what governance requirements should exist at the incubating and graduated level. There really isn't much right now. Some of their staff are working on some requirements, but they really want our feedback on it. So my question for this meeting is, because that's a broad topic, is actually more about how do we do this rather than what do we recommend? Because I think we're going to need a lot of discussion on what we recommend. Which is how do we want to collaborate on this, given that pull requests are not a very good mechanism for open discussion? It's the kind of open discussion I think we need to have in the early stages of what should be required. And then the second thing is, we're going to be giving the TOC advice based on a moving target of what they've already passed. Right. So I don't know if there's any good way for us to kind of track their upstream requirements, reality, particularly given that they seem to keep moving where it's actually located. Well, so you mentioned that they have staff that's working on writing out some requirements. Is it something that we could start with what has already been created and propose changes, things like that? Yeah. That's the idea. Yeah, what the staff is doing is that they're codifying the things that the TOC has already passed in the past. Oh, okay. But a lot of those are only in TOC meeting notes. They're currently not anywhere else. Which can be, it's going to be very hard to search out because it's not like they use special keywords or anything. Right. So like, for example, that the TOC planned to require multi-company maintainership at the incubating level was actually thrown into a discussion on sandbox requirements. Oh, right. Yeah, I remember that. Yeah, I saw that. But... Scope creep. Yeah, so I guess we can't answer how we want to track current TOC requirements because they don't currently have a formal way to codify those. So... Right, that was going to be, my next question would be like, so if there's a team that's working on putting it all together, like, do we have an ETA for when they'll have it all kind of documented and then we can... Yeah. And maybe they want our advice on how they should actually track those requirements, in which case. We'll turn that over actually main contributor strategy. I know that Paris has proposed that the CNCF could use a community repo that would contain this kind of thing, although I don't see why we can't put it in the TOC repo. Yeah, I kind of thought that was what the TOC repo had been doing, but she's right. It could be getting too big. Okay, but the requirements, so for our initial sort of rough collaboration, do we want to use Google Docs? Do we want to use HackMD? Do we want to use something else? No, I'm open to either one. Do we want to use Google Docs? Isn't there... I thought by now GitHub was supposed to have some sort of collaborative hacking on gists, but maybe not. Maybe coming. I don't know, I don't use gists very often, so. I've used HackMD and you can leave comments and things like that, but they're not... I mean, they work fine, but I think they're a little bit easier to resolve and work with and then track the history of in Google Docs. This is fine from someone who loves Markdown. Yeah, the one problem I have with Google Docs is that if a comment gets deleted, yes, you can't ever recover it. Yeah, yeah. Just because I had a particular collaborative document that I had like 18 people from I had commenting on and somebody somehow found the switch to delete all comments. Oh, gosh, good. Yeah, but okay, sounds like Google Doc though, because I don't have a better solution. Yeah, usually like what I've done, and I'm not saying this is the thing, but we usually had like one person who owns it is the one person who can edit it, and then everyone else is just suggesting comments. Yeah, or ability to just add comments, yeah. Yeah, and then everyone else just comments and suggests. Okay, the other thing I want to do is I'm going to put a wip.md file in each directory and have that link to the Google Docs. Oh, yeah, great. So that way somebody coming to our repo can figure out where it is we're doing this in progress work. Awesome. I mean, it'll have to be a view only link for bot fighting reasons, but okay, so I'll go ahead and launch that. The, yeah, as far as I know, the only formal direction that we actually have from the TOC is that they actually want a multi-company requirement at incubating level. And at graduated level, they want some level of a requirement for mature governance. Oh, they don't have a definition of what mature governance means. Oh, that's going to be my next question. That's kind of up to us. I mean, like, I'm sure when we provide them with a proposal, they're going to have criticism of it, but they haven't written anything down that I've been able to find that says that, you know, you have to have all of these things. Yeah, I would just, you know, we're from that, that comment of mature governance just some sort of, you know, tidbit of what kind of the thought is behind it would be helpful. Unless it could be something as simple as like, this project has existed for a couple years, and so the governance has been in place for a couple of years, who knows. Yeah, but I know projects that have been in existence for 20 years, and their governance is still, these three guys founded this project, they run it. Yup. I mean, well, but that's the thing, like you could make the case that that's mature because it's lasted for 20 years and it still works. Yeah, so I think mature is not quite the right word. I think hopefully it would be something that has been, like, you know how we have accepted licenses and kind of accepted models is like, the TOC thinks these are good models or our own group has decided these are models that works. I think the governance model needs to be one that we've vetted. I think so it's appropriate for the CNCF. Yeah. Yeah, I think if, you know, CNCF has always been very much a, we don't tell projects how to govern, but if it's moving in that direction, then I think we need to be able to provide, like you said, that kind of license type format that explains what's good and what isn't. But we do make sure that they need essential criteria. Oh, yeah. Well, and one of the questions, you know, would be, and this would be a question ultimately for the TOC is that, you know, is the CNCF willing to consider a project graduated if it is, you know, there's a single founder for the project and he or she is the governance. Right. Like, is that okay? Because obviously, there's obviously a potential critical succession problem there. You know, and whether or not that's a deal breaker for the CNCF is really a TOC question. I mean, so we're talking about adding multi-company for incubating so it would fail right there. Yeah, I guess it would. It would, wouldn't it, right? Unless the guy is like part timing for two different companies. Well, and then a good, you know, a good thing is like a multi-company, what happens if one company buys the other and then you suddenly have a project that was two, but now it's one, you know, what does that do? That already came up in a TOC meeting. Someone else asked that too, if it was you. I think Anne, I saw was a comment I saw Anne had made, or maybe, no, I may have put it, yeah, I know, but I know it was something that Anne and I had discussed. And, you know, also like when, you know, maintainers change companies, you know, we, those are very real things that happen. And so when we say like, this thing of company diversity, it's like, well, what does that mean? Is it two? Is it three? Where's the, what do we define as diverse? Yeah, basically it means we need to be able to follow the money and find different masters of people's paychecks. Yeah, let's be honest. Well, but I don't, like, I guess it's also a why. Like, why does it matter if one project only has maintainers from one company? If everybody uses it is okay with it. Right. The main thing the CNCF is trying to prevent is having CNCF projects become an extension of somebody's engineering department. Okay, makes sense. Because for projects where all of the contributors work for a single company, it's often difficult to separate that company's internal product strategy from projects. Sure. Yeah, yeah. Like people don't even have to have bad intentions, right? It's just that it's all the same people in both the company meetings and the public meetings and you lose track. Well, and honestly, like you saying that is the first time it's been explained to me in a way that actually gets, you know, to what it's really trying to solve. Like, you know, when saying maintainer diversity, it was kind of that same thing of like, does that mean two or three or four? But that makes sense. So I'm wondering if there's a different kind of way to frame it that would allow for those situations where, you know, maintainers might go to different companies and things like that and where, you know, we're still kind of getting to the same goal, but not in such a concrete way. Yeah. For large projects, it's not as much of a problem because when there's an employer switch and we, you know, and a project ends up with sort of a bad balance, a person can always step down or they can promote somebody. It's for small projects that have difficulty recruiting new maintainers where it can be really difficult. Yeah. Although I will say pushing projects to diversify their maintainer base, I found materially often also pushes them to broaden their concept of a maintainer. Like to finally promote the person who's, say, in charge of their release process or the person who's their lead doc writer to be a maintainer. Right. Right. Instead of treating them as being kind of outside. Yeah. So it can have some good side effects. Yeah. And so one thing I, you know, think especially with this very bizarre pandemic time that we're in, you know, the consequences that it's going to have on open source projects and that down the road we could conceivably be seeing a situation where there just aren't people that can volunteer to be a maintainer because for a lot of folks it is something they do, you know, in their spare time, that kind of thing, labor of love. And when, you know, the going is really tough, then that, that doesn't get as much attention. So it's situations like that where I'd want to be sure that we, you know, give, give some wiggle room basically. You know, like you said, if a project has the best intentions, but can't get new maintainers just because the current environment makes that really hard, you know, it's, it's, I don't want to penalize them. The, yeah, well, I mean, a lot of that's going to actually be up to the TOC and or the technical six when they decide on graduation. We're just trying to come up with a set of rules for them to follow. The, okay, so yeah, so we'll be going over that. I guess what I will do is I will create a bunch of Google docs and WP.m, I work in progress.md file that links to those so that we can get started with sort of trying to come up with what we think the requirements should be. Oh, kind of one thing about Sandbox. Now that Sandbox, you've seen the proposal that Sandbox will change radically. It seems like it doesn't make sense to have a lot of or if any new requirements for Sandbox, would you agree? Yeah, I don't see any governance requirements on there. And so then one of the questions becomes, do we want to recommend that there be any governance requirements for Sandbox? Other than code of conduct? Well, yeah, I mean, I guess, yes, actually, they're required by the CNCF to adopt the CNCF code of conduct. Yeah. And they're required to adopt certain IP requirements. Yeah, but they're not required to adopt a reporting process for the code of conduct. So that is potentially something we've really identified as a big need. You know, when we talk about governance for Sandbox projects, I would say, like Carolyn was saying, like at the bare minimum, you need the code of conduct, but you also need a process by which people can report violations. And then I would think that the whole point of being in Sandbox is that you get a chance to kind of work through what you want your governance to be like. Okay, I mean, I'm fine with that. I'm not, you know, it's going to be hard enough to come up with recommendations for incubating and graduated. I don't really feel like borrowing trouble. So speaking of Google Docs, I mean, I guess, so one of the things I want to have, so the other half of governance working group is coming up with a body of guidance and advice, both stuff we write ourselves and resources that we link to on how to do these things, right? If the project says, hey, you know, how, you know, we want to have a formal contributor ladder, how do we set one up, right? You know, hey, we want to do COC, you know, we want to have, you know, real COC enforcement reporting, you know, how do we set this up? Yeah, and you know, and other things of how to governance. So I have a bunch of stuff I've written for this, but I realized that I actually wanted to collaborate on having some kind of structure to plug it into, because eventually we'll end up with a fairly substantial set of documents. And I think it'll help us a lot if we have an outline of it now, an outline ahead of it, ahead of generating a whole bunch of materials, both to make it easier for people, for projects who are trying to use this to find things, and also so that we can see what areas we're completely missing stuff in. So the contributor growth, working group will be working on both assistance with definition of roles and various ladders, not as like a hard and fast role, but just, these are things that are going to be put in the, it's called contribute community, just to kind of help out with that, but we haven't gotten that working group going yet. Okay, well they answer the one of the questions is whether or not we should be combining documents for this, because like maintainer tends to be both a contributor role and a governance role? Yes. But say steering committee for the projects that have one is purely a governance role. Yeah, I think we'll have to collaborate on that. I think it would be confusing to have it be entirely separate. I mean there may be like perhaps separate sections where you have additional information and maybe text that would focus on governance specific things. I think we'll have to evolve that, but I would hate to have it be two separate efforts that we need to completely, you know, work on individually. Okay, but contributor growth does not already have an outline, so we would be working on it. I was just saying hopefully we can collaborate in that repo on it. Okay, so a couple brief things before we finish. Meeting schedule. I had Amy put this on the calendar for every two weeks at this time. Is there some reason to do a different schedule? Do we want to do less frequent meetings? Do we know of somebody from a non-US time zone who's interested and we ought to move it either earlier or later for that matter? Have we put anything about the new meeting schedule on the mailing list? Yeah, I mean I say this time is working fine and every two weeks seems to work fine and we can always, you know, adjust time and stuff in the future if we need to as more people join Okay, okay, and I put open issue PR review in there as a template, but the only open issue we have is the one we already discussed. So, except that I think I should probably close launch governance working groups as of having a first meeting as we are launched. We're launched. Okay, anything else? No, get on our mailing list. Thanks, let me crash here. You're working group today. You are always welcome. Thanks for the feedback. Yeah, you can crash every time just, you know, if you do it too much beware of being assigned issues. It's a random number generator for which dates I should. Cool, okay. Thanks a lot all. See you on Slack and I'll get a dock up for that survey right away and the other stuff probably tomorrow. Sounds good. Awesome, bye y'all.