Skip to content

docs(ospo): community health rollout v2 — README, agents.md, health files#248

Open
dj4oC wants to merge 2 commits into
masterfrom
ospo/community-health-v2
Open

docs(ospo): community health rollout v2 — README, agents.md, health files#248
dj4oC wants to merge 2 commits into
masterfrom
ospo/community-health-v2

Conversation

@dj4oC

@dj4oC dj4oC commented May 28, 2026

Copy link
Copy Markdown

Summary

This PR is part of the Kiteworks OSPO community health rollout (kiteworks.com/opensource), applied to all ~110 public ownCloud repositories starting May 5, 2026.

  • README.md: Rewritten with v2 OSPO template
    • License-specific OSPO section with Apache 2.0 migration guidance
    • Mandatory Community & Support section: GitHub Discussions, Matrix, docs, enterprise support, OSPO home
    • Contributing workflow: Rebase Early/Often, Dependabot, PGP/GPG-signed commits, DCO sign-off, GitHub Actions policy
    • Security section pointing to security.owncloud.com + YesWeHack bug bounty
    • Translations link to Transifex (owncloud project)
  • agents.md (new): AI agent context file with architecture, build commands, OSPO policy constraints
  • CODE_OF_CONDUCT.md (new): Redirect to https://owncloud.com/contribute/code-of-conduct/
  • CONTRIBUTING.md (new): Redirect to https://owncloud.com/contribute/
  • SECURITY.md (new): Redirect to https://security.owncloud.com + YesWeHack
  • SUPPORT.md (new): Redirect to https://owncloud.com/contact-us/ and support channels

Test plan

  • README renders correctly on GitHub (badges, sections, links)
  • All health file links resolve (CODE_OF_CONDUCT, CONTRIBUTING, SECURITY, SUPPORT)
  • agents.md loads correctly in Claude Code and GitHub Copilot
  • License referenced in README matches actual LICENSE file in repo

🤖 Generated with Claude Code as part of the ownCloud OSPO rollout.
Kiteworks OSPO: https://kiteworks.com/opensource

@dj4oC dj4oC requested review from DeepDiver1975 and kobergj May 28, 2026 08:04
@dj4oC
docs(ospo): community health rollout v2 — README, agents.md, health f…
ebb0ad9 
…iles

Introduced by the Kiteworks Open Source Program Office (OSPO) on May 5, 2026.

Changes:
- README.md: rewritten with OSPO v2 template — license-specific migration
  guidance, Community & Support section, Contributing workflow, Security
  section pointing to security.owncloud.com + YesWeHack bug bounty
- agents.md: AI agent context file with architecture, build commands, and
  OSPO Policy Constraints (GitHub Actions, Dependabot, Git Workflow)
- CODE_OF_CONDUCT.md: redirect to https://owncloud.com/contribute/code-of-conduct/
- CONTRIBUTING.md: redirect to https://owncloud.com/contribute/
- SECURITY.md: redirect to https://security.owncloud.com + YesWeHack
- SUPPORT.md: redirect to https://owncloud.com/contact-us/ + channels

OSPO: https://kiteworks.com/opensource

Signed-off-by: David Walter <david.walter@kiteworks.com>
@dj4oC dj4oC force-pushed the ospo/community-health-v2 branch from 3aaf055 to ebb0ad9 Compare June 2, 2026 06:22
DeepDiver1975
DeepDiver1975 reviewed Jun 16, 2026
View reviewed changes

@DeepDiver1975 DeepDiver1975 left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 Automated review by Claude Code review agent.

Overview

This PR applies the Kiteworks OSPO community-health template v2 to docs-client-android: a rewritten README.md plus new agents.md, CODE_OF_CONDUCT.md, CONTRIBUTING.md, SECURITY.md, and SUPPORT.md. The redirect-style health files are clean and the README is well structured. The substantive concerns are around license metadata accuracy and a couple of broken links / awkward wording introduced by the templated content.

Code quality / style

  • The four redirect health files (CODE_OF_CONDUCT.md, CONTRIBUTING.md, SECURITY.md, SUPPORT.md) are clear and consistent. Links are well-formed.
  • README is much more readable than the prior version and the Getting Started commands (npm install, npm run antora-local, npm run serve) all map to real scripts in package.json. Good.
  • Minor consistency nit: most links in SUPPORT.md use <...> autolink syntax, but Community discussions uses a bare URL. Wrap it in <> for consistency.

Specific suggestions

  1. License metadata is inaccurate (highest priority). The README states **Current license: Not detected.** and agents.md says contributions must be compatible with **the license specified in the repository**. However, the repo's package.json declares "license": "AGPL-3.0". The license is detectable — the template's "not detected" fallback fired incorrectly here. Please set the README/agents.md to reflect AGPL-3.0.

  2. Broken LICENSE links. The README License badge (](LICENSE)) and the License section (See [LICENSE](LICENSE)) both point to a LICENSE file, but no LICENSE file exists in the repo root (confirmed via the GitHub contents API; root has README, package.json, antora.yml, etc., but no LICENSE). These render as broken links and broken-link-checker (the project's own linkcheck) may flag them. Either add a LICENSE file (AGPL-3.0, matching package.json) or point the links to the canonical license source.

  3. Copyleft guidance vs. actual license. agents.md warns against introducing "copyleft-licensed dependencies (GPL, AGPL, LGPL, MPL)" — but the repository itself is AGPL-3.0. As written this is confusing for an AGPL project (and this is a docs-only repo with no shipped code dependencies anyway). Consider tailoring or softening this clause for documentation repos.

  4. "the the" typo in agents.md: compatible with the **the license specified in the repository** license — duplicated "the" and trailing "license" reads awkwardly. Suggest: compatible with the repository's license (AGPL-3.0).

  5. README HTML comment exposes template internals: <!-- OSPO-managed README | Generated: 2026-04-16 | v2 -->. Harmless, but note the generation date (2026-04-16) predates the stated rollout start (May 5, 2026) mentioned in the body and About section — minor internal inconsistency.

Potential issues / risks

  • Low risk overall — this is documentation/metadata only; no build or content-module changes.
  • The agents.md "Build & Test Commands" reference npm run antora and npm run linkcheck, both of which exist in package.json — accurate.
  • The Test framework: broken-link-checker and Lint: Not detected (Prettier config present) lines are accurate (.prettierrc exists; no separate lint script).
  • External links (Matrix room, YesWeHack program, kiteworks.com/opensource, doc.owncloud.com, GitHub discussions) were not all live-verified here but are consistent with the standard ownCloud/Kiteworks OSPO set.

Recommendation: Address items 1 and 2 (license accuracy + broken LICENSE link) before merge, as they directly contradict the repo's actual metadata and would fail the PR's own "License referenced in README matches actual LICENSE file" test-plan checkbox. The rest are minor cleanups.

DeepDiver1975
DeepDiver1975 reviewed Jun 16, 2026
View reviewed changes

@DeepDiver1975 DeepDiver1975 left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 Automated review by Claude Code review agent.

Overview

This PR applies the Kiteworks OSPO community-health template v2 to docs-client-android: a rewritten README.md plus new agents.md, CODE_OF_CONDUCT.md, CONTRIBUTING.md, SECURITY.md, and SUPPORT.md. The redirect-style health files are clean and the README is well structured. The substantive concerns are around license metadata accuracy and a couple of broken links / awkward wording introduced by the templated content.

Code quality / style

  • The four redirect health files (CODE_OF_CONDUCT.md, CONTRIBUTING.md, SECURITY.md, SUPPORT.md) are clear and consistent. Links are well-formed.
  • README is much more readable than the prior version and the Getting Started commands (npm install, npm run antora-local, npm run serve) all map to real scripts in package.json. Good.
  • Minor consistency nit: most links in SUPPORT.md use <...> autolink syntax, but Community discussions uses a bare URL. Wrap it in <> for consistency.

Specific suggestions

  1. License metadata is inaccurate (highest priority). The README states **Current license: Not detected.** and agents.md says contributions must be compatible with **the license specified in the repository**. However, the repo's package.json declares "license": "AGPL-3.0". The license is detectable — the template's "not detected" fallback fired incorrectly here. Please set the README/agents.md to reflect AGPL-3.0.

  2. Broken LICENSE links. The README License badge (](LICENSE)) and the License section (See [LICENSE](LICENSE)) both point to a LICENSE file, but no LICENSE file exists in the repo root (confirmed via the GitHub contents API; root has README, package.json, antora.yml, etc., but no LICENSE). These render as broken links and broken-link-checker (the project's own linkcheck) may flag them. Either add a LICENSE file (AGPL-3.0, matching package.json) or point the links to the canonical license source.

  3. Copyleft guidance vs. actual license. agents.md warns against introducing "copyleft-licensed dependencies (GPL, AGPL, LGPL, MPL)" — but the repository itself is AGPL-3.0. As written this is confusing for an AGPL project (and this is a docs-only repo with no shipped code dependencies anyway). Consider tailoring or softening this clause for documentation repos.

  4. "the the" typo in agents.md: compatible with the **the license specified in the repository** license — duplicated "the" and trailing "license" reads awkwardly. Suggest: compatible with the repository's license (AGPL-3.0).

  5. README HTML comment exposes template internals: <!-- OSPO-managed README | Generated: 2026-04-16 | v2 -->. Harmless, but note the generation date (2026-04-16) predates the stated rollout start (May 5, 2026) mentioned in the body and About section — minor internal inconsistency.

Potential issues / risks

  • Low risk overall — this is documentation/metadata only; no build or content-module changes.
  • The agents.md "Build & Test Commands" reference npm run antora and npm run linkcheck, both of which exist in package.json — accurate.
  • The Test framework: broken-link-checker and Lint: Not detected (Prettier config present) lines are accurate (.prettierrc exists; no separate lint script).
  • External links (Matrix room, YesWeHack program, kiteworks.com/opensource, doc.owncloud.com, GitHub discussions) were not all live-verified here but are consistent with the standard ownCloud/Kiteworks OSPO set.

Recommendation: Address items 1 and 2 (license accuracy + broken LICENSE link) before merge, as they directly contradict the repo's actual metadata and would fail the PR's own "License referenced in README matches actual LICENSE file" test-plan checkbox. The rest are minor cleanups.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DeepDiver1975 DeepDiver1975 DeepDiver1975 left review comments

@kobergj kobergj Awaiting requested review from kobergj

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dj4oC @DeepDiver1975