From 9833bf14c1e1388feca724691fe02f0fdac3271c Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Fri, 1 Oct 2021 13:36:22 +0200 Subject: [PATCH] docs: update contributing guidelines (#10223) ## Description Closes: #9814 + Updates the contributing page + Adds contributing guidelines NOTE: + This pr doesn't update the code owners section. We will still need to define it. This is based on the discussion we had 2 months ago and recent chats. --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [x] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [x] added `!` to the type prefix if API or client breaking change - [x] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [x] provided a link to the relevant issue or specification - [x] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [x] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [x] added a changelog entry to `CHANGELOG.md` - [x] included comments for [documenting Go code](https://blog.golang.org/godoc) - [x] updated the relevant documentation or specification - [x] reviewed "Files changed" and left comments if necessary - [x] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable) --- CODING_GUIDELINES.md | 87 ++++++++ CONTRIBUTING.md | 266 +++++++---------------- STABLE_RELEASES.md => RELEASE_PROCESS.md | 96 ++++++-- SECURITY.md | 4 +- 4 files changed, 245 insertions(+), 208 deletions(-) create mode 100644 CODING_GUIDELINES.md rename STABLE_RELEASES.md => RELEASE_PROCESS.md (60%) diff --git a/CODING_GUIDELINES.md b/CODING_GUIDELINES.md new file mode 100644 index 00000000000..a2926bb3cd1 --- /dev/null +++ b/CODING_GUIDELINES.md @@ -0,0 +1,87 @@ +# Coding Guidelines + +This document is an extension to [CONTRIBUTING](./CONTRIBUTING.md) and provides more details about the coding guidelines and requirements. + +## API & Design + ++ Code must be well structured: + + packages must have a limited responsibility (different concerns can go to different packages), + + types must be easy to compose, + + think about maintainbility and testability. ++ "Depend upon abstractions, [not] concretions". ++ Try to limit the number of methods you are exposing. It's easier to expose something later than to hide it. ++ Take advantage of `internal` package concept. ++ Follow agreed-upon design patterns and naming conventions. ++ publicly-exposed functions are named logically, have forward-thinking arguments and return types. ++ Avoid global variables and global configurators. ++ Favor composable and extensible designs. ++ Minimize code duplication. ++ Limit third-party dependencies. + +Performance: ++ Avoid unnecessary operations or memory allocations. + +Security: ++ Pay proper attention to exploits involving: + + gas usage + + transaction verification and signatures + + malleability + + code must be always deterministic ++ Thread safety. If some functionality is not thread-safe, or uses something that is not thread-safe, then clearly indicate the risk on each level. + + +## Testing + +Make sure your code is well tested: ++ Provide unit tests for every unit of your code if possible. Unit tests are expected to comprise 70%-80% of your tests. ++ Describe the test scenarios you are implementing for integration tests. ++ Create integration tests for queries and msgs. ++ Use both test cases and property / fuzzy testing. We use the [rapid](pgregory.net/rapid) Go library for property-based and fuzzy testing. ++ Do not decrease code test coverage. Explain in a PR if test coverage is decreased. + +We expect tests to use `require` or `assert` rather than `t.Skip` or `t.Fail`, +unless there is a reason to do otherwise. +When testing a function under a variety of different inputs, we prefer to use +[table driven tests](https://github.com/golang/go/wiki/TableDrivenTests). +Table driven test error messages should follow the following format +`, tc #, i #`. +`` is an optional short description of whats failing, `tc` is the +index within the test case table that is failing, and `i` is when there +is a loop, exactly which iteration of the loop failed. +The idea is you should be able to see the +error message and figure out exactly what failed. +Here is an example check: + +```go + +for tcIndex, tc := range cases { + + resp, err := doSomething() + require.NoError(err) + require.Equal(t, tc.expected, resp, "should correctly perform X") +``` + +## Quality Assurance + +We are forming a QA team that will support the core Cosmos SDK team and collaborators by: +- Improving the Cosmos SDK QA Processes +- Improving automation in QA and testing +- Defining high-quality metrics +- Maintaining and improving testing frameworks (unit tests, integration tests, and functional tests) +- Defining test scenarios. +- Verifying user experience and defining a high quality. + - We want to have **acceptance tests**! Document and list acceptance lists that are implemented and identify acceptance tests that are still missing. + - Acceptance tests should be specified in `acceptance-tests` directory as Markdown files. +- Supporting other teams with testing frameworks, automation, and User Experience testing. +- Testing chain upgrades for every new breaking change. + - Defining automated tests that assure data integrity after an update. + +Desired outcomes: + +- QA team works with Development Team. +- QA is happening in parallel with Core Cosmos SDK development. +- Releases are more predictable. +- QA reports. Goal is to guide with new tasks and be one of the QA measures. + + +As a developer, you must help the QA team by providing instructions for User Experience (UX) and functional testing. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 7d07145fd0a..d29e23b2b8f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,79 +2,100 @@ - [Contributing](#contributing) - [Architecture Decision Records (ADR)](#architecture-decision-records-adr) - - [Pull Requests](#pull-requests) + - [Development Procedure](#development-procedure) + - [Testing](#testing) + - [Pull Requests](#pull-requests) - [Pull Request Templates](#pull-request-templates) - [Requesting Reviews](#requesting-reviews) - - [Reviewing Pull Requests](#reviewing-pull-requests) - [Updating Documentation](#updating-documentation) - - [Forking](#forking) - [Dependencies](#dependencies) - [Protobuf](#protobuf) - - [Testing](#testing) - [Branching Model and Release](#branching-model-and-release) - [PR Targeting](#pr-targeting) - - [Development Procedure](#development-procedure) - - [Pull Merge Procedure](#pull-merge-procedure) - - [Release Procedure](#release-procedure) - - [Point Release Procedure](#point-release-procedure) + - [Major Release Procedure](#major-release-procedure) + - [Patch Release Procedure](#patch-release-procedure) - [Code Owner Membership](#code-owner-membership) + - [Concept & Feature Approval Process](#concept--feature-approval-process) -Thank you for considering making contributions to the Cosmos SDK and related -repositories! +Thank you for considering making contributions to the Cosmos SDK and related repositories! Contributing to this repo can mean many things such as participating in discussion or proposing code changes. To ensure a smooth workflow for all contributors, the general procedure for contributing has been established: -1. Either [open](https://github.com/cosmos/cosmos-sdk/issues/new/choose) or - [find](https://github.com/cosmos/cosmos-sdk/issues) an issue you'd like to help with -2. Participate in thoughtful discussion on that issue -3. If you would like to contribute: - 1. If the issue is a proposal, ensure that the proposal has been accepted +1. Start by browsing [new issues](https://github.com/cosmos/cosmos-sdk/issues) and [discussions](https://github.com/cosmos/cosmos-sdk/discussions). If you are looking for something interesting or if you have something in your mind, there is a chance it was has been discussed. + - Looking for a good place to start contributing? How about checking out some [good first issues](https://github.com/cosmos/cosmos-sdk/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22)? +2. Determine whether a GitHub issue or discussion is more appropriate for your needs: + 1. If want to propose something new that requires specification or an additional design, or you would like to change a process, start with a [new discussion](https://github.com/cosmos/cosmos-sdk/discussions/new). With discussions, we can better handle the design process using discussion threads. A discussion usually leads to one or more issues. + 2. If the issue you want addressed is a specific proposal or a bug, then open a [new issue](https://github.com/cosmos/cosmos-sdk/issues/new/choose). + 3. Review existing [issues](https://github.com/cosmos/cosmos-sdk/issues) to find an issue you'd like to help with. +3. Participate in thoughtful discussion on that issue. +4. If you would like to contribute: + 1. Ensure that the proposal has been accepted. 2. Ensure that nobody else has already begun working on this issue. If they have, - make sure to contact them to collaborate + make sure to contact them to collaborate. 3. If nobody has been assigned for the issue and you would like to work on it, make a comment on the issue to inform the community of your intentions - to begin work - 4. Follow standard GitHub best practices: fork the repo, branch from the - HEAD of `master`, make some commits, and submit a PR to `master` - - For core developers working within the cosmos-sdk repo, to ensure a clear - ownership of branches, branches must be named with the convention - `{moniker}/{issue#}-branch-name` - 5. Be sure to submit the PR in `Draft` mode submit your PR early, even if - it's incomplete as this indicates to the community you're working on - something and allows them to provide comments early in the development process - 6. When the code is complete it can be marked `Ready for Review` - 7. Be sure to include a relevant change log entry in the `Unreleased` section - of `CHANGELOG.md` (see file for log format) - -Note that for very small or blatantly obvious problems (such as typos) it is + to begin work. +5. To submit your work as a contribution to the repository follow standard GitHub best practices. See [pull request guideline](#pull-requests) below. + +**Note: ** For very small or blatantly obvious problems such as typos, you are not required to an open issue to submit a PR, but be aware that for more complex problems/features, if a PR is opened before an adequate design discussion has taken place in a GitHub issue, that PR runs a high likelihood of being rejected. -Other notes: +## Architecture Decision Records (ADR) + +When proposing an architecture decision for the Cosmos SDK, please start by opening an [issue](https://github.com/cosmos/cosmos-sdk/issues/new/choose) or a [discussion](https://github.com/cosmos/cosmos-sdk/discussions/new) with a summary of the proposal. Once the proposal has been discussed and there is rough alignment on a high-level approach to the design, the [ADR creation process](https://github.com/cosmos/cosmos-sdk/blob/master/docs/architecture/PROCESS.md) can begin. We are following this process to ensure all involved parties are in agreement before any party begins coding the proposed implementation. If you would like to see examples of how these are written, please refer to the current [ADRs](https://github.com/cosmos/cosmos-sdk/tree/master/docs/architecture). -- Looking for a good place to start contributing? How about checking out some - [good first issues](https://github.com/cosmos/cosmos-sdk/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22) -- Please make sure to run `make format` before every commit - the easiest way - to do this is have your editor run it for you upon saving a file. Additionally - please ensure that your code is lint compliant by running `make lint-fix`. +## Development Procedure + +- The latest state of development is on `master`. +- `master` must never fail `make lint test test-race`. +- No `--force` onto `master` (except when reverting a broken commit, which should seldom happen). +- Create a branch to start a wok: + - Fork the repo (core developers must create a branch directly in the Cosmos SDK repo), + branch from the HEAD of `master`, make some commits, and submit a PR to `master`. + - For core developers working within the `cosmos-sdk` repo, follow branch name conventions to ensure a clear + ownership of branches: `{moniker}/{issue#}-branch-name`. + - See [Branching Model](#branching-model-and-release) for more details. +- Be sure to run `make format` before every commit. The easiest way + to do this is have your editor run it for you upon saving a file (most of the editors + will do it anyway using a pre-configured setup of the programming language mode). + Additionally, be sure that your code is lint compliant by running `make lint-fix`. A convenience git `pre-commit` hook that runs the formatters automatically before each commit is available in the `contrib/githooks/` directory. +- Follow the [CODING GUIDELINES](CODING_GUIDELINES.md), which defines criteria for designing and coding a software. -## Architecture Decision Records (ADR) +Code is merged into master through pull request procedure. -When proposing an architecture decision for the Cosmos SDK, please start by opening an [issue](https://github.com/cosmos/cosmos-sdk/issues/new/choose) or a [discussion](https://github.com/cosmos/cosmos-sdk/discussions/new) with a summary of the proposal. Once the proposal has been discussed and there is rough alignment on a high-level approach to the design, the [ADR creation process](https://github.com/cosmos/cosmos-sdk/blob/master/docs/architecture/PROCESS.md) can begin. We are following this process to ensure all involved parties are in agreement before any party begins coding the proposed implementation. If you would like to see examples of how these are written, please refer to the current [ADRs](https://github.com/cosmos/cosmos-sdk/tree/master/docs/architecture). +### Testing -## Pull Requests +Tests can be executed by running `make test` at the top level of the Cosmos SDK repository. -PRs should be categorically broken up based on the type of changes being made (for example, `fix`, `feat`, -`refactor`, `docs`, and so on). The *type* must be included in the PR title as a prefix (for example, +### Pull Requests + +Before submitting a pull request: +- merge the latest master `git merge origin/master`, +- run `make lint test` to ensure that all checks and tests pass. + +Then: +1. If you have something to show, **start with a `Draft` PR**. It's good to have early validation of your work and we highly recommend this practice. A Draft PR also indicates to the community that the work is in progress. + Draft PRs also helps the core team provide early feedback and ensure the work is in the right direction. +2. When the code is complete, change your PR from `Draft` to `Ready for Review`. +3. Go through the actions for each checkbox present in the PR template description. The PR actions are automatically provided for each new PR. +4. Be sure to include a relevant changelog entry in the `Unreleased` section of `CHANGELOG.md` (see file for log format). + +PRs must have a category prefix that is based on the type of changes being made (for example, `fix`, `feat`, +`refactor`, `docs`, and so on). The *type* must be included in the PR title as a prefix (for example, `fix: `). This convention ensures that all changes that are committed to the base branch follow the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification. Additionally, each PR should only address a single issue. +Pull requests are merged automatically using [`automerge` action](https://mergify.io/features/auto-merge). + +NOTE: when merging, GitHub will squash commits and rebase on top of the master. + ### Pull Request Templates There are three PR templates. The [default template](./.github/PULL_REQUEST_TEMPLATE.md) is for types `fix`, `feat`, and `refactor`. We also have a [docs template](./.github/PULL_REQUEST_TEMPLATE/docs.md) for documentation changes and an [other template](./.github/PULL_REQUEST_TEMPLATE/other.md) for changes that do not affect production code. When previewing a PR before it has been opened, you can change the template by adding one of the following parameters to the url: @@ -85,11 +106,12 @@ There are three PR templates. The [default template](./.github/PULL_REQUEST_TEMP ### Requesting Reviews In order to accommodate the review process, the author of the PR must complete the author checklist +(from the pull request template) to the best of their abilities before marking the PR as "Ready for Review". If you would like to receive early feedback on the PR, open the PR as a "Draft" and leave a comment in the PR indicating that you would like early feedback and tagging whoever you would like to receive feedback from. -### Reviewing Pull Requests +Codeowners are marked automatically as the reviewers. All PRs require at least two review approvals before they can be merged (one review might be acceptable in the case of minor changes to [docs](./.github/PULL_REQUEST_TEMPLATE/docs.md) or [other](./.github/PULL_REQUEST_TEMPLATE/other.md) changes that do not affect production code). Each PR template has a reviewers checklist that must be completed before the PR can be merged. Each reviewer is responsible @@ -105,7 +127,7 @@ items. In addition, use the following review explanations: - Code must live in a reasonable location, considering dependency structures (for example, not importing testing modules in production code, or including example code modules in production code). - If you approve the PR, you are responsible for any issues mentioned here and any issues that should have been addressed after thoroughly reviewing the reviewer checklist items in the pull request template. - If you sat down with the PR submitter and did a pairing review, add this information in the `Approval` or your PR comments. -- If you are only making "surface level" reviews, submit any notes as `Comments` without adding a review. +- If you are only making "surface level" reviews, submit notes as a `comment` review. ### Updating Documentation @@ -117,35 +139,9 @@ If you open a PR on the Cosmos SDK, it is mandatory to update the relevant docum When writing documentation, follow the [Documentation Writing Guidelines](./docs/DOC_WRITING_GUIDELINES.md). -## Forking - -Go requires code to live under absolute paths, and this requirement complicates forking. -While my fork lives at `https://github.com/rigeyrigerige/cosmos-sdk`, -the code should never exist at `$GOPATH/src/github.com/rigeyrigerige/cosmos-sdk`. -Instead, we use `git remote` to add the fork as a new remote for the original repo, -`$GOPATH/src/github.com/cosmos/cosmos-sdk`, and do all the work there. - -For instance, to create a fork and work on a branch of it, I would: - -- Create the fork on GitHub, using the fork button. -- Go to the original repo checked out locally (i.e. `$GOPATH/src/github.com/cosmos/cosmos-sdk`) -- `git remote rename origin upstream` -- `git remote add origin git@github.com:rigeyrigerige/cosmos-sdk.git` - -Now `origin` refers to my fork and `upstream` refers to the Cosmos-SDK version. -So I can `git push -u origin master` to update my fork, and make pull requests to Cosmos-SDK from there. -Of course, replace `rigeyrigerige` with your git handle. - -To pull in updates from the origin repo, run - -- `git fetch upstream` -- `git rebase upstream/master` (or whatever branch you want) - -Please don't make Pull Requests from `master`. - ## Dependencies -We use [Go 1.14 Modules](https://github.com/golang/go/wiki/Modules) to manage +We use [Go Modules](https://github.com/golang/go/wiki/Modules) to manage dependency versions. The master branch of every Cosmos repository should just build with `go get`, @@ -157,7 +153,7 @@ build, in which case we can fall back on `go mod tidy -v`. ## Protobuf -We use [Protocol Buffers](https://developers.google.com/protocol-buffers) along with [gogoproto](https://github.com/gogo/protobuf) to generate code for use in Cosmos-SDK. +We use [Protocol Buffers](https://developers.google.com/protocol-buffers) along with [gogoproto](https://github.com/gogo/protobuf) to generate code for use in Cosmos SDK. For determinstic behavior around Protobuf tooling, everything is containerized using Docker. Make sure to have Docker installed on your machine, or head to [Docker's website](https://docs.docker.com/get-docker/) to install it. @@ -184,125 +180,21 @@ For example, in vscode your `.vscode/settings.json` should look like: } ``` -## Testing - -Tests can be ran by running `make test` at the top level of the SDK repository. - -We expect tests to use `require` or `assert` rather than `t.Skip` or `t.Fail`, -unless there is a reason to do otherwise. -When testing a function under a variety of different inputs, we prefer to use -[table driven tests](https://github.com/golang/go/wiki/TableDrivenTests). -Table driven test error messages should follow the following format -`, tc #, i #`. -`` is an optional short description of whats failing, `tc` is the -index within the table of the testcase that is failing, and `i` is when there -is a loop, exactly which iteration of the loop failed. -The idea is you should be able to see the -error message and figure out exactly what failed. -Here is an example check: - -```go - -for tcIndex, tc := range cases { - - for i := 0; i < tc.numTxsToTest; i++ { - - require.Equal(t, expectedTx[:32], calculatedTx[:32], - "First 32 bytes of the txs differed. tc #%d, i #%d", tcIndex, i) -``` - ## Branching Model and Release -User-facing repos should adhere to the trunk based development branching model: https://trunkbaseddevelopment.com/. +User-facing repos should adhere to the trunk based development branching model: https://trunkbaseddevelopment.com/. User branches should start with a user name, example: `{moniker}/{issue#}-branch-name`. -Libraries need not follow the model strictly, but would be wise to. +The Cosmos SDK repository is a [multi Go module](https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository) repository. It means that we have more than one Go module in a single repository. -The SDK utilizes [semantic versioning](https://semver.org/). +The Cosmos SDK utilizes [semantic versioning](https://semver.org/). ### PR Targeting Ensure that you base and target your PR on the `master` branch. -All feature additions should be targeted against `master`. Bug fixes for an outstanding release candidate -should be targeted against the release candidate branch. - -### Development Procedure - -- the latest state of development is on `master` -- `master` must never fail `make lint test test-race` -- `master` should not fail `make lint` -- no `--force` onto `master` (except when reverting a broken commit, which should seldom happen) -- create a development branch either on github.com/cosmos/cosmos-sdk, or your fork (using `git remote add origin`) -- before submitting a pull request, begin `git rebase` on top of `master` - -### Pull Merge Procedure - -- ensure pull branch is rebased on `master` -- run `make test` to ensure that all tests pass -- merge pull request - -### Release Procedure - -- Start on `master` -- Create the release candidate branch `rc/v*` (going forward known as **RC**) - and ensure it's protected against pushing from anyone except the release - manager/coordinator - - **no PRs targeting this branch should be merged unless exceptional circumstances arise** -- On the `RC` branch, prepare a new version section in the `CHANGELOG.md` - - All links must be link-ified: `$ python ./scripts/linkify_changelog.py CHANGELOG.md` - - Copy the entries into a `RELEASE_CHANGELOG.md`, this is needed so the bot knows which entries to add to the release page on GitHub. -- Kick off a large round of simulation testing (e.g. 400 seeds for 2k blocks) -- If errors are found during the simulation testing, commit the fixes to `master` - and create a new `RC` branch (making sure to increment the `rcN`) -- After simulation has successfully completed, create the release branch - (`release/vX.XX.X`) from the `RC` branch -- Create a PR to `master` to incorporate the `CHANGELOG.md` updates -- Tag the release (use `git tag -a`) and create a release in GitHub -- Delete the `RC` branches - -### Point Release Procedure - -At the moment, only a single major release will be supported, so all point releases will be based -off of that release. - -In order to alleviate the burden for a single person to have to cherry-pick and handle merge conflicts -of all desired backporting PRs to a point release, we instead maintain a living backport branch, where -all desired features and bug fixes are merged into as separate PRs. - -Example: - -Current release is `v0.38.4`. We then maintain a (living) branch `sru/release/v0.38.N`, given N as -the next patch release number (currently `0.38.5`) for the `0.38` release series. As bugs are fixed -and PRs are merged into `master`, if a contributor wishes the PR to be released as SRU into the -`v0.38.N` point release, the contributor must: - -1. Add `0.38.N-backport` label -2. Pull latest changes on the desired `sru/release/vX.X.N` branch -3. Create a 2nd PR merging the respective SRU PR into `sru/release/v0.38.N` -4. Update the PR's description and ensure it contains the following information: - - **[Impact]** Explanation of how the bug affects users or developers. - - **[Test Case]** section with detailed instructions on how to reproduce the bug. - - **[Regression Potential]** section with a discussion how regressions are most likely to manifest, or might - manifest even if it's unlikely, as a result of the change. **It is assumed that any SRU candidate PR is - well-tested before it is merged in and has an overall low risk of regression**. - -It is the PR's author's responsibility to fix merge conflicts, update changelog entries, and -ensure CI passes. If a PR originates from an external contributor, it may be a core team member's -responsibility to perform this process instead of the original author. -Lastly, it is core team's responsibility to ensure that the PR meets all the SRU criteria. - -Finally, when a point release is ready to be made: - -1. Create `release/v0.38.N` branch -2. Ensure changelog entries are verified - 1. Be sure changelog entries are added to `RELEASE_CHANGELOG.md` -3. Add release version date to the changelog -4. Push release branch along with the annotated tag: **git tag -a** -5. Create a PR into `master` containing ONLY `CHANGELOG.md` updates - 1. Do not push `RELEASE_CHANGELOG.md` to `master` - -Note, although we aim to support only a single release at a time, the process stated above could be -used for multiple previous versions. +All feature additions and all bug fixes must be targeted against `master`. Exception is for bug fixes which are only related to a released version. In that case, the related bug fix PRs must target against the release branch. + +If needed, we backport a commit from `master` to a release branch (excluding consensus breaking feature, API breaking and similar). ## Code Owner Membership @@ -338,10 +230,10 @@ Other potential removal criteria: * Violation of Code of Conduct Earning this privilege should be considered to be no small feat and is by no -means guaranteed by any quantifiable metric. It is a symbol of great trust of +means guaranteed by any quantifiable metric. Serving as a code owner is a symbol of great trust from the community of this project. -## Concept & Release Approval Process +## Concept & Feature Approval Process The process for how Cosmos SDK maintainers take features and ADRs from concept to release is broken up into three distinct stages: **Strategy Discovery**, **Concept Approval**, and @@ -349,7 +241,7 @@ is broken up into three distinct stages: **Strategy Discovery**, **Concept Appro ### Strategy Discovery -* Develop long term priorities, strategy and roadmap for the SDK +* Develop long term priorities, strategy and roadmap for the Cosmos SDK * Release committee not yet defined as there is already a roadmap that can be used for the time being ### Concept Approval @@ -393,7 +285,7 @@ Members must: * Participate in all or almost all ADR discussions, both on GitHub as well as in bi-weekly Architecture Review meetings -* Be active contributors to the SDK, and furthermore should be continuously making substantial contributions +* Be active contributors to the Cosmos SDK, and furthermore should be continuously making substantial contributions to the project's codebase, review process, documentation and ADRs * Have stake in the Cosmos SDK project, represented by: * Being a client / user of the Comsos SDK @@ -417,6 +309,6 @@ well as for PRs made as part of a release process: * Code reviewers should have more senior engineering capability * 1/2 approval is required from the **primary repo maintainers** in `CODEOWNERS` -*Note: For any major or minor release series denoted as a "Stable Release" (e.g. v0.39 "Launchpad"), a separate release +**Note**: For any major release series denoted as a "Stable Release" (e.g. v0.42 "Stargate"), a separate release committee is often established. Stable Releases, and their corresponding release committees are documented -separately in [STABLE_RELEASES.md](./STABLE_RELEASES.md)* +separately in [Stable Release Policy](./RELEASE_PROCESS.md#stable-release-policy)* diff --git a/STABLE_RELEASES.md b/RELEASE_PROCESS.md similarity index 60% rename from STABLE_RELEASES.md rename to RELEASE_PROCESS.md index 0e1509dbd18..245a7bc866c 100644 --- a/STABLE_RELEASES.md +++ b/RELEASE_PROCESS.md @@ -1,24 +1,82 @@ -# Stable Releases +# Release Process -*Stable Release Series* continue to receive bug fixes until they reach **End Of Life**. +This document outlines the process for releasing a new version of Cosmos SDK, which involves major release and patch releases as well as maintenance for the major release. -Only the following release series are currently supported and receive bug fixes: +## Major Release Procedure -* **0.42 «Stargate»** will be supported until 6 months after **0.43.0** is published. A fairly strict **bugfix-only** rule applies to pull requests that are requested to be included into a stable point-release. -* **0.43 «Stargate»** is the latest stable release. +A _major release_ is an increment of the first number (eg: `v1.2` → `v2.0.0`) or the _point number_ (eg: `v1.1 → v1.2.0`, also called _point release_). Each major release opens a _stable release series_ and receives updates outlined in the [Major Release Maintenance](#major-release-maintenance)_section. -The **0.43 «Stargate»** release series is maintained in compliance with the **Stable Release Policy** as described in this document. +Before making a new _major_ release we do beta and release candidate releases. For example, for release 1.0.0: +``` +v1.0.0-beta1 → v1.0.0-beta2 → ... → v1.0.0-rc1 → v1.0.0-rc2 → ... → v1.0.0 +``` -## Stable Release Policy +- Release a first beta version on the `master` branch and freeze `master` from receiving any new features. After beta is released, we focus on releasing the release candidate: + - finish audits and reviews + - kick off a large round of simulation testing (e.g. 400 seeds for 2k blocks) + - perform functional tests + - add more tests + - release new beta version as the bugs are discovered and fixed. +- After the team feels that the `master` works fine we create a `release/vY` branch (going forward known a release branch), where `Y` is the version number, with the patch part substituted to `x` (eg: 0.42.x, 1.0.x). Ensure the release branch is protected so that pushes against the release branch are permitted only by the release manager or release coordinator. + - **PRs targeting this branch can be merged _only_ when exceptional circumstances arise** + - update the GitHub mergify integration by adding instructions for automatically backporting commits from `master` to the `release/vY` using the `backport/Y` label. +- In the release branch, prepare a new version section in the `CHANGELOG.md` + - All links must be link-ified: `$ python ./scripts/linkify_changelog.py CHANGELOG.md` + - Copy the entries into a `RELEASE_CHANGELOG.md`, this is needed so the bot knows which entries to add to the release page on GitHub. +- Create a new annotated git tag for a release candidate (eg: `git tag -a v1.1.0-rc1`) in the release branch. + - from this point we unfreeze master. + - the SDK teams collaborate and do their best to run testnets in order to validate the release. + - when bugs are found, create a PR for `master`, and backport fixes to the release branch. + - create new release candidate tags after bugs are fixed. +- After the team feels the release branch is stable and everything works, create a full release: + - update `CHANGELOG.md`. + - create a new annotated git tag (eg `git -a v1.1.0`) in the release branch. + - Create a GitHub release. + +Following _semver_ philosophy, point releases after `v1.0`: +- must not break API +- can break consensus + +Before `v1.0`, point release can break both point API and consensus. + +## Patch Release Procedure + +A _patch release_ is an increment of the patch number (eg: `v1.2.0` → `v1.2.1`). + +**Patch release must not break API nor consensus.** + +Updates to the release branch should come from `master` by backporting PRs (usually done by automatic cherry pick followed by a PRs to the release branch). The backports must be marked using `backport/Y` label in PR for master. +It is the PR author's responsibility to fix merge conflicts, update changelog entries, and +ensure CI passes. If a PR originates from an external contributor, a core team member assumes +responsibility to perform this process instead of the original author. +Lastly, it is core team's responsibility to ensure that the PR meets all the SRU criteria. -This policy presently applies *only* to the following release series: +Point Release must follow the [Stable Release Policy](#stable-release-policy). -* **0.43 «Stargate»** +After the release branch has all commits required for the next patch release: +- update `CHANGELOG.md`. +- create a new annotated git tag (eg `git -a v1.1.0`) in the release branch. +- Create a GitHub release. + + +## Major Release Maintenance + +Major Release series continue to receive bug fixes (released as a Patch Release) until they reach **End Of Life**. +Major Release series is maintained in compliance with the **Stable Release Policy** as described in this document. +Note: not every Major Release is denoted as stable releases. + +Only the following major release series have a stable release status: + +* **0.42 «Stargate»** will be supported until 6 months after **0.43.0** is published. A fairly strict **bugfix-only** rule applies to pull requests that are requested to be included into a stable point-release. +* **0.44** is the latest major release. + + +## Stable Release Policy -### Point Releases +### Patch Releases Once a Cosmos-SDK release has been completed and published, updates for it are released under certain circumstances -and must follow the [Point Release Procedure](CONTRIBUTING.md). +and must follow the [Patch Release Procedure](CONTRIBUTING.md#patch-release-procedure)[Point Release Procedure]. ### Rationale @@ -47,9 +105,9 @@ ways in stable releases and `master` branch. ### Migrations -To smoothen the update to the latest stable release, the SDK includes a set of CLI commands for managing migrations between SDK versions, under the `migrate` subcommand. Only migration scripts between stable releases are included. For the current release, **0.42 «Stargate»** and later migrations are supported. +To smoothen the update to the latest stable release, the SDK includes a set of CLI commands for managing migrations between SDK versions, under the `migrate` subcommand. Only migration scripts between stable releases are included. For the current major release, and later, migrations are supported. -### What qualifies as a Stable Release Update (SRU) +### What qualifies as a Stable Release Update (SRU)? * **High-impact bugs** * Bugs that may directly cause a security vulnerability. @@ -63,7 +121,7 @@ To smoothen the update to the latest stable release, the SDK includes a set of C features to smoothen the migration to successive releases. * Relatively small yet strictly non-breaking CLI improvements. -### What does not qualify as SRU +### What does not qualify as SRU? * State machine changes. * Breaking changes in Protobuf definitions, as specified in [ADR-044](./docs/architecture/adr-044-protobuf-updates-guidelines.md). @@ -72,7 +130,7 @@ To smoothen the update to the latest stable release, the SDK includes a set of C * CLI-breaking changes. * Cosmetic fixes, such as formatting or linter warning fixes. -## What pull requests will be included in stable point-releases +### What pull requests will be included in stable point-releases? Pull requests that fix bugs and add features that fall in the following categories do not require a **Stable Release Exception** to be granted to be included in a stable point-release: @@ -83,7 +141,7 @@ Pull requests that fix bugs and add features that fall in the following categori * Non-breaking features that are strongly requested by the community. * Non-breaking CLI improvements that are strongly requested by the community. -## What pull requests will NOT be automatically included in stable point-releases +### What pull requests will NOT be automatically included in stable point-releases? As rule of thumb, the following changes will **NOT** be automatically accepted into stable point-releases: @@ -95,7 +153,7 @@ As rule of thumb, the following changes will **NOT** be automatically accepted i In some circumstances, PRs that don't meet the aforementioned criteria might be raised and asked to be granted a *Stable Release Exception*. -## Stable Release Exception - Procedure +### Stable Release Exception - Procedure 1. Check that the bug is either fixed or not reproducible in `master`. It is, in general, not appropriate to release bug fixes for stable releases without first testing them in `master`. Please apply the label [v0.43](https://github.com/cosmos/cosmos-sdk/milestone/26) to the issue. 2. Add a comment to the issue and ensure it contains the following information (see the bug template below): @@ -106,7 +164,7 @@ As rule of thumb, the following changes will **NOT** be automatically accepted i 3. **Stable Release Managers** will review and discuss the PR. Once *consensus* surrounding the rationale has been reached and the technical review has successfully concluded, the pull request will be merged in the respective point-release target branch (e.g. `release/v0.43.x`) and the PR included in the point-release's respective milestone (e.g. `v0.43.5`). -### Stable Release Exception - Bug template +#### Stable Release Exception - Bug template ``` #### Impact @@ -124,7 +182,7 @@ It is assumed that stable release fixes are well-tested and they come with a low It's crucial to make the effort of thinking about what could happen in case a regression emerges. ``` -## Stable Release Managers +### Stable Release Managers The **Stable Release Managers** evaluate and approve or reject updates and backports to Cosmos-SDK Stable Release series, according to the [stable release policy](#stable-release-policy) and [release procedure](#stable-release-exception-procedure). diff --git a/SECURITY.md b/SECURITY.md index ecaa150ff4a..67de1f1d56c 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -52,14 +52,14 @@ the code. - HD key derivation, local and Ledger, and all key-management functionality - Side-channel attack vectors with our implementations - e.g. key exfiltration based on time or memory-access patterns when decrypting privkey - + ## Disclosure Process The Cosmos SDK team uses the following disclosure process: 1. After a security report is received, the Cosmos SDK team works to verify the issue and confirm its severity level using Common Vulnerability Scoring System (CVSS). 1. The Cosmos SDK team collaborates with the Tendermint and Gaia teams to determine the vulnerability’s potential impact on the Cosmos Hub and partners. -1. Patches are prepared in private repositories for eligible releases of Cosmos SDK. See [Stable Releases](https://github.com/cosmos/cosmos-sdk/blob/master/STABLE_RELEASES.md) for a list of eligible releases. +1. Patches are prepared in private repositories for eligible releases of Cosmos SDK. See [Stable Release Policy](https://github.com/cosmos/cosmos-sdk/blob/master/RELEASE_PROCESS.md#stable-release-policy) for a list of eligible releases. 1. If it is determined that a CVE-ID is required, we request a CVE through a CVE Numbering Authority. 1. We notify the community that a security release is coming to give users time to prepare their systems for the update. Notifications can include forum posts, tweets, and emails to partners and validators. 1. 24 hours after the notification, fixes are applied publicly and new releases are issued.