From 66d0816de4deb961575544858562f92b24037dc3 Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Wed, 5 Mar 2025 17:32:12 -0500 Subject: [PATCH 1/5] doc: first cut at sponsor agreements, and sponsor page documentation Signed-off-by: Michael Dawson --- sponsorship/README.md | 126 ++++++++++++++++++ .../ci_stability_lead_sponsor_agreement.md | 41 ++++++ .../nodejs_supporters_page_template.md | 69 ++++++++++ sponsorship/releasers_sponsor_agreement.md | 44 ++++++ .../security_lead_sponsor_agreement.md | 36 +++++ .../security_steward_sponsor_agreement.md | 49 +++++++ .../security_triager_sponsor_agreement.md | 47 +++++++ 7 files changed, 412 insertions(+) create mode 100644 sponsorship/README.md create mode 100644 sponsorship/ci_stability_lead_sponsor_agreement.md create mode 100644 sponsorship/nodejs_supporters_page_template.md create mode 100644 sponsorship/releasers_sponsor_agreement.md create mode 100644 sponsorship/security_lead_sponsor_agreement.md create mode 100644 sponsorship/security_steward_sponsor_agreement.md create mode 100644 sponsorship/security_triager_sponsor_agreement.md diff --git a/sponsorship/README.md b/sponsorship/README.md new file mode 100644 index 0000000..add5e7c --- /dev/null +++ b/sponsorship/README.md @@ -0,0 +1,126 @@ +# Sponsorship + +The Node.js project needs a variety of sponsors in order to make the delivery +of Node.js possible. Sponsors support the project through people time, +infrastructure and monetary donations. + +## Sponsor Recognition + +The project aims to recognize sponsors who help keep the `lights on` by +contributing in ways that support + +* Releases +* CI stability +* Security +* Infrastructure + +In addition the project aims to recognize sponsors who make significant +individual or organizational monetary donations which are not directed +towards a specific purpose. +The project has enabled crowd funding platforms and can also receive + +funds through directed contributions to the OpenJS foundation and from +OpenJS programs like the +[Ecosystem Sustainability Program] + +Sponsors who have made a contribution of 5000 us or more will be +included in a rotating set of sponsors on the main Nodejs.org landing +page with a visibility in proportion to the level of +contribution that they have made. + +All sponsorships are considered as being a calendar year sponsorship +with the calendar year starting on the date the donation was made. + +## Releases + +Organizations or individuals who commit to do at least 4 releases per +year are included in the `Releasers` section of the sponsor page on the +Node.js website. + +All of the logos shown in the `Releasers` section will be of the same +general size. + +If you are a releaser or an organization who employs a releaser +See the [Releasers sponsor agreement](releasers_sponsor_agreement.md) +for how to be included in the releasers supporters. + +## CI stability + +The project documented the need for a stability lead as part of +enabling crowd funding accounts. Organizations or individuals +that become supporters of 10000 US or higher towards the 60,000 US +goal will be included in the `CI Stability Lead` section of the +sponsors page. + +Logos shown in the `CI Stability lead` section will be in proportion +to the percentage of the taget sponsored. For example, if a single +sponsor provides 60,000 US their logo will be the only one in that section. + +If you have sponsored the CI stability lead either through +the project's crowd funding accounts or through directed donation +through the OpenJS foundation see the [CI stability lead sponsor agreement]() +for how to be included in the CI stability lead sponsors. + +## Security Lead + +The project documented the need for a security lead as part of +enabling crowd funding accounts. Organizations or individuals +that become supporters of 20,000 US or higher towards the 300,000 US +goal will be included in the `Security Lead` section of the +sponsors page. + +Logos shown in the `Security lead` section will be in proportion +to the percentage of the taget sponsored. For example, if a single +sponsor provides 300,000 US their logo will be the only one in that section. + +If you have sponsored the `Security lead` either through +the project's crowd funding accounts or through directed donation +through the OpenJS foundation see the [Security lead sponsor agreement]() +for how to be included in the Security lead sponsors. + +## Security Triage + +Organizations or individuals who have contributors to the project with the +required trust and commit to cover least one slot in the +security triage rotation are included in the `Security Triage` section of +the sponsor page on the Node.js website. Each slot is 2 weeks long and +a security triager's slot comes up every 2N weeks where N is the total +nubmer of committed triagers. + +All of the logos shown in the `Security Triage` section will be of the same +general size. + +If you are a triager or an organization who employs a triager +See the [Security triager sponsor agreement](security_triager_sponsor_agreement.md) +for how to be included in the security triage supporters. + +## Security Stewards + +Organizations or individuals who have contributors to the project with the +required trust and commit to cover least one slot in the +security steward rotation as documented in +[Security Release Stewards](https://github.com/nodejs/node#security-release-stewards) +are included in the `Security Stewards` section of +the sponsor page on the Node.js website. Each slot in the rotation is +for stewarding 1 security release. + +All of the logos shown in the `Security Steward` section will be of the same +general size. + +If you are a security steward or an organization who employs a security steward +See the [Security Steward sponsor agreement](security_steward_sponsor_agreement.md) +for how to be included in the security steward supporters. + +## General Supporters + +Logos for organizations and individuals who have contributed at least $500 per year to the project through Open Collective or Open Collective will be shown on the supporters page. In addition a full link to the GitHub sponsors and open collective pages will be included in the sponsors page +. A full list of supporters is available on our GitHub sponsors and Open Collective pages: + + +## Supporters page template for Nodejs.org + +The template will be as shown in +[Nodejs.org Supporters page template](/nodejs_supporters_page_template.md). + + + diff --git a/sponsorship/ci_stability_lead_sponsor_agreement.md b/sponsorship/ci_stability_lead_sponsor_agreement.md new file mode 100644 index 0000000..18f3dfb --- /dev/null +++ b/sponsorship/ci_stability_lead_sponsor_agreement.md @@ -0,0 +1,41 @@ +# CI stability lead sponsor Agreement + +The project documented the need for a stability lead as part of +enabling crowd funding accounts. Organizations or individuals +that become supporters of 10000 US or higher towards the 60,000 US +goal will be included in the `CI Stability Lead` section of the +sponsors page. + +In order to be recognized ci stability lead sponsor sponsor, open an PR to add an entry +in the [nodejs/admin/sponsors](https://github.com/nodejs/sponsors) directory titled +`CI stability lead sponsor request - XXXX` where XXXX is the name of the organization +or individual. In that issue include the following template: + +## Organization Details + +* Organization/Individual Name: +* Organization/Individual Contact: +* Sponsor visiblity level (0-1): (Will be agreed and set in co-operation with the project, based + current sponsors). Used for rotating display on main Nodejs.org landing page. + +## Comfirmation of committment + +Include reference to contribution through OpenCollective or GitHub sponsors, or +contact at OpenJS foundation that can confirm directed contribution. + +## Logo details + +* Link to logo to be included on sponsor page +* Link to company website that can be linked to from logo + +## Confirmation of use of Logo + +* By submitting this issue I confirm that the Node.js project can + use the logo provided and that I have obtained all required + approvals from my organization for the Node.js project to use + the logo submitted. + + + + + diff --git a/sponsorship/nodejs_supporters_page_template.md b/sponsorship/nodejs_supporters_page_template.md new file mode 100644 index 0000000..18d3a2a --- /dev/null +++ b/sponsorship/nodejs_supporters_page_template.md @@ -0,0 +1,69 @@ +# Supporters + +The work of the Node.js project is driven forward by volunteers. Our preferred form of support +from an organization is sending your people to contribute on a regular and consistent manner. + +However, there is some supporting work within the project that is not the best fit for volunteers. +For example, when vulnerabilities come with a disclosure deadline there is no guarrantee that +a volunteers will have time to get the vulnerabilty fixed and out in a security release out in time. + +In addition, the project needs non-people resources to continue operating. For example machines for +the CI infrastructure. While the OpenJS Foundation covers some resources which are needed by the +project it cannot cover all of them. + +For cases were volunteers are not a great fit and for non-people resources we are grateful to the +sponsors listed on their page for their support. + +## Releasers +Regular and timely releases are a key goal for the projectsc. Organizations and individuals that support +the project by committing to do at least 4 releases per year include: + +![LOGOS](https://github.com/user-attachments/assets/53f3fd31-160a-4307-8144-de30c9f963cf) + +## CI stability lead + +The project has been having ongoing issues with flaky tests and this has been a major pain point. +The project, therefore, has a goal to hire a short term ci stability lead who can improve +ci stability and implement tooling and processes that will provide longer term benefits. The following +sponsors have made this possible: + +![LOGOS](https://github.com/user-attachments/assets/53f3fd31-160a-4307-8144-de30c9f963cf) + +## Security + +Maintaining a good security posture and addressing vulnerabilities in a timely manner is a key goal +for the project. We thank the following sponsors for their support in helping to do that. + +### Security Lead + +Organizations and individuals that support the project by funding our security lead for a mininmum of +10000 US per year include: + +![LOGOS](https://github.com/user-attachments/assets/53f3fd31-160a-4307-8144-de30c9f963cf) + +### Security Triage +Organizations and individuals who support the project by commiting at least one person to take a regular slot in our +security triage rotation include: + +![LOGOS](https://github.com/user-attachments/assets/53f3fd31-160a-4307-8144-de30c9f963cf) + +### Security Steward +Organizations and individuals that support the project by committing at least one person to +take a regular slot in our security steward rotation include: + +![LOGOS](https://github.com/user-attachments/assets/53f3fd31-160a-4307-8144-de30c9f963cf) + +## Infrastructure +Organizations and individuals that support the project by contributing at least $5000 of resources +to the project per year include: + +![LOGOS](https://github.com/user-attachments/assets/53f3fd31-160a-4307-8144-de30c9f963cf) + +## General supporters + +Organizations and individuals who have contributed at least $500 per year to the project. A +full list of supporters is available on our GitHub sponsors and Open Collective pages: +* https://github.com/sponsors/nodejs +* https://opencollective.com/nodejs + + ![lager sponsors](https://github.com/user-attachments/assets/96539660-0578-4a77-97ea-92176bf1a737) diff --git a/sponsorship/releasers_sponsor_agreement.md b/sponsorship/releasers_sponsor_agreement.md new file mode 100644 index 0000000..460c5db --- /dev/null +++ b/sponsorship/releasers_sponsor_agreement.md @@ -0,0 +1,44 @@ +# Releasers Sponsor Agreement + +Orgnizations or individuals who commit to do at least 4 releases per +year are included in the `Releasers` section of the sponsor page on the +Node.js website. + +In order to be recognized as a releaser sponsor, open an PR to add an entry +in the [nodejs/admin/sponsors](https://github.com/nodejs/sponsors) directory titled +`Releasers sponsor request - XXXX` where XXXX is the name of the organization +or individual. In that issue include the following template: + +## Organization Details + +* Organization/Individual Name: +* Organization/Individual Contact: +* Releasers Github handles: +* Sponsor visiblity level (0-1): (Will be agreed and set in co-operation with the project, based + current sponsors). Used for rotating display on main Nodejs.org landing page. + +## Comfirmation of committment + +By submitting this issue I confirm that: + +* I have the ability to commit the named resources to doing releases +* If this request is on behalf of an organization, I confirm that the + releasers named have been allocated to do at least 4 releases per + year. + +## Logo details + +* Link to logo to be included on sponsor page +* Link to company website that can be linked to from logo + +## Confirmation of use of Logo + +* By submitting this issue I confirm that the Node.js project can + use the logo provided and that I have obtained all required + approvals from my organization for the Node.js project to use + the logo submitted. + + + + + diff --git a/sponsorship/security_lead_sponsor_agreement.md b/sponsorship/security_lead_sponsor_agreement.md new file mode 100644 index 0000000..3bffcff --- /dev/null +++ b/sponsorship/security_lead_sponsor_agreement.md @@ -0,0 +1,36 @@ +# CI stability lead sponsor Agreement + +The project documented the need for a security lead as part of +enabling crowd funding accounts. Organizations or individuals +that become supporters of 20,000 US or higher towards the 300,000 US +goal will be included in the `Security Lead` section of the +sponsors page. + +In order to be recognized as security release lead sponsor, open an PR to add an entry +in the [nodejs/admin/sponsors](https://github.com/nodejs/sponsors) directory titled +`Security release sponsor request - XXXX` where XXXX is the name of the organization +or individual. In that issue include the following template: + +## Organization Details + +* Organization/Individual Name: +* Organization/Individual Contact: +* Sponsor visiblity level (0-1): (Will be agreed and set in co-operation with the project, based + current sponsors). Used for rotating display on main Nodejs.org landing page. + +## Comfirmation of committment + +Include reference to contribution through OpenCollective or GitHub sponsors, or +contact at OpenJS foundation that can confirm directed contribution. + +## Logo details + +* Link to logo to be included on sponsor page +* Link to company website that can be linked to from logo + +## Confirmation of use of Logo + +* By submitting this issue I confirm that the Node.js project can + use the logo provided and that I have obtained all required + approvals from my organization for the Node.js project to use + the logo submitted. diff --git a/sponsorship/security_steward_sponsor_agreement.md b/sponsorship/security_steward_sponsor_agreement.md new file mode 100644 index 0000000..d9e66d1 --- /dev/null +++ b/sponsorship/security_steward_sponsor_agreement.md @@ -0,0 +1,49 @@ +# Releasers Sponsor Agreement + +Organizations or individuals who have contributors to the project with the +required trust and commit to cover least one slot in the +security steward rotation as documented in +[Security Release Stewards](https://github.com/nodejs/node#security-release-stewards) +are included in the `Security Stewards` section of +the sponsor page on the Node.js website. Each slot in the rotation is +for stewarding 1 security release. + +In order to be recognized as a security steward sponsor, open an PR to add an entry +in the [nodejs/admin/sponsors](https://github.com/nodejs/sponsors) directory titled +`Security steward sponsor request - XXXX` where XXXX is the name of the organization +or individual. In that issue include the following template: + +## Organization Details + +* Organization/Individual Name: +* Organization/Individual Contact: +* Security steward Github handles: +* Sponsor visiblity level (0-1): (Will be agreed and set in co-operation with the project, based + current sponsors). Used for rotating display on main Nodejs.org landing page. + +## Comfirmation of committment + +By submitting this issue I confirm that: + +* I have the ability to commit the named security steward to covering a slot + in the security steward rotation +* If this request is on behalf of an organization, I confirm that the + security stewards named have been allocated to cover at least one slot in the + rotation. + +## Logo details + +* Link to logo to be included on sponsor page +* Link to company website that can be linked to from logo + +## Confirmation of use of Logo + +* By submitting this issue I confirm that the Node.js project can + use the logo provided and that I have obtained all required + approvals from my organization for the Node.js project to use + the logo submitted. + + + + + diff --git a/sponsorship/security_triager_sponsor_agreement.md b/sponsorship/security_triager_sponsor_agreement.md new file mode 100644 index 0000000..70899b7 --- /dev/null +++ b/sponsorship/security_triager_sponsor_agreement.md @@ -0,0 +1,47 @@ +# Releasers Sponsor Agreement + +Organizations or individuals who have contributors to the project with the +required trust and commit to cover least one slot in the +security triage rotation are included in the `Security Triage` section of +the sponsor page on the Node.js website. Each slot is 2 weeks long and +a security triager's slot comes up every 2N weeks where N is the total +nubmer of committed triagers. + +In order to be recognized as a security triage sponsor, open an PR to add an entry +in the [nodejs/admin/sponsors](https://github.com/nodejs/sponsors) directory titled +`Security triage sponsor request - XXXX` where XXXX is the name of the organization +or individual. In that issue include the following template: + +## Organization Details + +* Organization/Individual Name: +* Organization/Individual Contact: +* Security triager Github handles: +* Sponsor visiblity level (0-1): (Will be agreed and set in co-operation with the project, based + current sponsors). Used for rotating display on main Nodejs.org landing page. + +## Comfirmation of committment + +By submitting this issue I confirm that: + +* I have the ability to commit the named security triagers to doing security triage +* If this request is on behalf of an organization, I confirm that the + security triagers named have been allocated to cover at least one slot in the + triage rotation. + +## Logo details + +* Link to logo to be included on sponsor page +* Link to company website that can be linked to from logo + +## Confirmation of use of Logo + +* By submitting this issue I confirm that the Node.js project can + use the logo provided and that I have obtained all required + approvals from my organization for the Node.js project to use + the logo submitted. + + + + + From 832f836506508b5d2b17410050bb373bcbeba910 Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Tue, 18 Mar 2025 15:14:00 -0400 Subject: [PATCH 2/5] Update sponsorship/README.md Co-authored-by: Antoine du Hamel --- sponsorship/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/sponsorship/README.md b/sponsorship/README.md index add5e7c..fc235b7 100644 --- a/sponsorship/README.md +++ b/sponsorship/README.md @@ -18,7 +18,6 @@ In addition the project aims to recognize sponsors who make significant individual or organizational monetary donations which are not directed towards a specific purpose. The project has enabled crowd funding platforms and can also receive - funds through directed contributions to the OpenJS foundation and from OpenJS programs like the [Ecosystem Sustainability Program] From d42ad43b7562d1ef317a010530c715e393ffcca7 Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Tue, 18 Mar 2025 15:14:12 -0400 Subject: [PATCH 3/5] Update sponsorship/README.md Co-authored-by: Antoine du Hamel --- sponsorship/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sponsorship/README.md b/sponsorship/README.md index fc235b7..10f53e9 100644 --- a/sponsorship/README.md +++ b/sponsorship/README.md @@ -19,8 +19,7 @@ individual or organizational monetary donations which are not directed towards a specific purpose. The project has enabled crowd funding platforms and can also receive funds through directed contributions to the OpenJS foundation and from -OpenJS programs like the -[Ecosystem Sustainability Program] +OpenJS programs like the [Ecosystem Sustainability Program][]. Sponsors who have made a contribution of 5000 us or more will be included in a rotating set of sponsors on the main Nodejs.org landing From e6459d317aa1365ca913902e8a0dbc5164c7a121 Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Tue, 18 Mar 2025 15:14:19 -0400 Subject: [PATCH 4/5] Update sponsorship/README.md Co-authored-by: Antoine du Hamel --- sponsorship/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sponsorship/README.md b/sponsorship/README.md index 10f53e9..52d617c 100644 --- a/sponsorship/README.md +++ b/sponsorship/README.md @@ -21,7 +21,7 @@ The project has enabled crowd funding platforms and can also receive funds through directed contributions to the OpenJS foundation and from OpenJS programs like the [Ecosystem Sustainability Program][]. -Sponsors who have made a contribution of 5000 us or more will be +Sponsors who have made a contribution of 5000 USD or more will be included in a rotating set of sponsors on the main Nodejs.org landing page with a visibility in proportion to the level of contribution that they have made. From fad7a8cf6ef57925a1e6fe3115787817e218eb20 Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Tue, 18 Mar 2025 15:14:26 -0400 Subject: [PATCH 5/5] Update sponsorship/README.md Co-authored-by: Antoine du Hamel --- sponsorship/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sponsorship/README.md b/sponsorship/README.md index 52d617c..f3880fa 100644 --- a/sponsorship/README.md +++ b/sponsorship/README.md @@ -46,7 +46,7 @@ for how to be included in the releasers supporters. The project documented the need for a stability lead as part of enabling crowd funding accounts. Organizations or individuals -that become supporters of 10000 US or higher towards the 60,000 US +that become supporters of 10,000 USD or higher towards the 60,000 USD goal will be included in the `CI Stability Lead` section of the sponsors page.