Skip to content

C
community

MindSpore / community

通知 0
Star 0
Fork 0
C
community

体验新版 GitCode,发现更多精彩内容 >>

提交 91d032f1 编写于 作者: L leonwanghui 提交者: leonwanghui
浏览文件
操作

initial version 

Signed-off-by: Nleonwanghui <leon.wanghui@huawei.com>
上级
隐藏空白更改
内联 并排
Showing with 1424 addition and 0 deletion
CCLA.pdf 0 → 100644
浏览文件 @ 91d032f1
文件已添加
ICLA.md 0 → 100644
浏览文件 @ 91d032f1
# Individual Contributor License Agreement ("Agreement") V2.0
Thank you for your interest in The MindSpore Project (the "Project"). In order to clarify the intellectual property license granted with Contributions from any person or entity, the Project must have a Contributor License Agreement ("CLA") on file that has been signed by each Contributor, indicating agreement to the license terms below. This license is for your protection as a Contributor as well as the protection of the MindSpore Project and its users; it does not change your rights to use your own Contributions for any other purpose.
Please read this document carefully before signing and keep a copy for your records.
You accept and agree to the following terms and conditions for Your present and future Contributions submitted to the Project. In return, the Project shall not use Your Contributions in a way that is contrary to the public benefit or inconsistent with its nonprofit status and bylaws in effect at the time of the Contribution. Except for the license granted herein to the Project and recipients of software distributed by the Project, You reserve all right, title, and interest in and to Your Contributions.
1. Definitions.
"You" (or "Your") shall mean the copyright owner or legal entity authorized by the copyright owner that is making this Agreement with the Project. For legal entities, the entity making a Contribution and all other entities that control, are controlled by, or are under common control with that entity are considered to be a single Contributor. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
"Contribution" shall mean any original work of authorship, including any modifications or additions to an existing work, that is intentionally submitted by You to the Project for inclusion in, or documentation of, any of the products owned or managed by the Project (the "Work"). For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Project or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Project for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by You as "Not a Contribution."
2. Grant of Copyright License. Subject to the terms and conditions of this Agreement, You hereby grant to the Project and to recipients of software distributed by the Project a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and such derivative works.
3. Grant of Patent License. Subject to the terms and conditions of this Agreement, You hereby grant to the Project and to recipients of software distributed by the Project a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by You that are necessarily infringed by Your Contribution(s) alone or by combination of Your Contribution(s) with the Work to which such Contribution(s) was submitted. If any entity institutes patent litigation against You or any other entity (including a cross-claim or counterclaim in a lawsuit) alleging that your Contribution, or the Work to which you have contributed, constitutes direct or contributory patent infringement, then any patent licenses granted to that entity under this Agreement for that Contribution or Work shall terminate as of the date such litigation is filed.
4. You represent that you are legally entitled to grant the above license. If your employer(s) has rights to intellectual property that you create that includes your Contributions, you represent that you have received permission to make Contributions on behalf of that employer, that your employer has waived such rights for your Contributions to the Project, or that your employer has executed a separate Corporate CLA with the Project.
5. You represent that each of Your Contributions is Your original creation (see section 7 for submissions on behalf of others). You represent that Your Contribution submissions include complete details of any third-party license or other restriction (including, but not limited to, related patents and trademarks) of which you are personally aware and which are associated with any part of Your Contributions.
6. You are not expected to provide support for Your Contributions, except to the extent You desire to provide support. You may provide support for free, for a fee, or not at all. Unless required by applicable law or agreed to in writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON- INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.
7. Should You wish to submit work that is not Your original creation, You may submit it to the Project separately from any Contribution, identifying the complete details of its source and of any license or other restriction (including, but not limited to, related patents, trademarks, and license agreements) of which you are personally aware, and conspicuously marking the work as "Submitted on behalf of a third-party: [named here]".
8. You agree to notify the Project of any facts or circumstances of which you become aware that would make these representations inaccurate in any respect.
Please fill in the blanks.
<table id="individual-table">
<tr>
<td colspan="2">
I am an individual, and no other individual or legal entity, including my employer, has or will have rights with respect to My Contribution.
</td>
</tr>
<tr>
<td>
Name*:
</td>
<td>
<input type="text" id="individual-name" class = "require" maxlength="100" />
</td>
</tr>
<tr>
<td>
E-Mail*:
</td>
<td>
<input type="text" id="individual-email" class = "require" maxlength="100" />
</td>
</tr>
<tr>
<td>
Telephone:
</td>
<td>
<input type="text" id="individual-telephone" maxlength="100" />
</td>
</tr>
<tr>
<td>
Fax:
</td>
<td>
<input type="text" id="individual-fax" maxlength="100" />
</td>
</tr>
<tr>
<td>
Address*:
</td>
<td>
<input type="text" id="individual-address" class = "require" maxlength="100" />
</td>
</tr>
<tr>
<td>
Date*:
</td>
<td>
<input type="text" id="individual-date" class = "require" maxlength="100" />
</td>
</tr>
<tr>
<td colspan="2">
* require field. Please make sure the E-Mail is related with your gitee account.
</td>
</tr>
</table>
<table id="cla-table">
<tr>
<td>
<a href="#" id="sign-cla-button" class="btn btn-template-main" posturl="/cla/">
Sign
</a>
<a href="#" id="reset-cla-button" class="btn btn-template-main">
Reset
</a>
</td>
</tr>
<tr>
<td>
<label id="tip-cla-label"></label>
</td>
</tr>
</table>
LICENSE 0 → 100644
浏览文件 @ 91d032f1
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
NOTICE 0 → 100644
浏览文件 @ 91d032f1
MindSpore Community
Copyright 2019-2020 Huawei Technologies Co., Ltd
README.md 0 → 100644
浏览文件 @ 91d032f1
![MindSpore Logo](MindSpore-logo.png "MindSpore logo")
============================================================
- [MindSpore Community](#mindspore-community)
- [Charter](#charter)
- [Code Of Conduct](#code-of-conduct)
- [Contributor License Agreement](#contributor-license-agreement)
- [Useful CI Commands](#useful-ci-commands)
- [Communications](#communications)
- [CVE Report](#cve-report)
- [Slide Template](#slide-template)
# MindSpore Community
This is the repo for all the community related materials. You can find the
following information.
## Charter
Community charter is documented in [governance.md](governance.md), this is
an initial draft and will need to be approved and updated by the TSC. We
also have [sig document](sigs.md) and [working group document](working-groups.md)
charter provided.
## Code Of Conduct
One of the most important community document, we provided both the
[Chinese version](code-of-conduct_zh_cn.md) and [English version](code-of-conduct_en.md)
based on CNCF Code Of Conduct.
## Contributor License Agreement
You can find both the [Individual Contributor License Agreement](ICLA.md)
and [Corporate Contributor License Agreement](CCLA.pdf).
## Useful CI Commands
Please check out some of the most useful [CI command](command.md)
you could use.
## Communications
Please find all the necessary information regarding how we use `IRC`, `Slack`,
and `mailing-list` for discussions in the community.
## CVE Report
If you want to file a CVE report, please refer to information in the `security`
folder.
## Slide Template
MindSpore community themed slide templates if you need to make a presentation.
code-of-conduct_en.md 0 → 100644
浏览文件 @ 91d032f1
## MindSpore Community Code of Conduct v1.0
The MindSpore Community CoC is a direct adaption of [CNCF Code Of Conduct v1.0](https://github.com/cncf/foundation/blob/master/code-of-conduct.md) with minor modifications for the MindSpore Community specific conditions.
### Contributor Code of Conduct
As contributors and maintainers of this project, and in the interest of fostering
an open and welcoming community, we pledge to respect all people who contribute
through reporting issues, posting feature requests, updating documentation,
submitting pull requests or patches, and other activities.
We are committed to making participation in this project a harassment-free experience for
everyone, regardless of level of experience, gender, gender identity and expression,
sexual orientation, disability, personal appearance, body size, race, ethnicity, age,
religion, or nationality.
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery
* Personal attacks
* Trolling or insulting/derogatory comments
* Public or private harassment
* Publishing others' private information, such as physical or electronic addresses,
without explicit permission
* Other unethical or unprofessional conduct.
Project maintainers have the right and responsibility to remove, edit, or reject
comments, commits, code, wiki edits, issues, and other contributions that are not
aligned to this Code of Conduct. By adopting this Code of Conduct, project maintainers
commit themselves to fairly and consistently applying these principles to every aspect
of managing this project. Project maintainers who do not follow or enforce the Code of
Conduct may be permanently removed from the project team.
This code of conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community.
Instances of abusive, harassing, or otherwise unacceptable behavior in MindSpore may be reported via <contact@mindspore.cn>.
This Code of Conduct is adapted from the Contributor Covenant
(http://contributor-covenant.org), version 1.2.0, available at
http://contributor-covenant.org/version/1/2/0/.
code-of-conduct_zh_cn.md 0 → 100644
浏览文件 @ 91d032f1
MindSpore社区行为准则 1.0 版本
---------------------------------------------
* MindSpore社区行为准则是对[CNCF社区行为准则](https://github.com/cncf/foundation/blob/master/code-of-conduct-languages/zh.md)的直接继承。原文本基础上有少许应对MindSpore社区具体情况的改动。
### 贡献者行为准则
作为这个项目的贡献者和维护者,为了建立一个开放和受欢迎的社区,我们保证尊重所有通过报告问题、发布功能请求、更新文档、提交拉取请求或补丁以及其他活动做出贡献的人员。
我们致力于让参与此项目的每个人都不受骚扰,无论其经验水平、性别、性别认同和表达、性取向、残疾、个人外貌、体型、人种、种族、年龄、宗教或国籍等。
不可接受的参与者行为包括:
- 使用性语言或图像
- 人身攻击
- 挑衅、侮辱或贬低性评论
- 公开或私下骚扰
- 未经明确许可,发布他人的私人信息,比如地址或电子邮箱
- 其他不道德或不专业的行为
项目维护者有权利和责任删除、编辑或拒绝评论、提交、代码、维基编辑、问题和其他不符合本行为准则的贡献。通过采用本行为准则,项目维护者承诺将这些原则公平且一致地应用到这个项目管理的各个方面。不遵守或不执行行为准则的项目维护者可能被永久地从项目团队中移除。
当个人代表项目或其社区时,本行为准则适用于项目空间和公共空间。
如需举报侮辱、骚扰或其他不可接受的行为,您可发送邮件至 <conduct@mindspore.cn>
本行为准则改编自《贡献者契约》( http://contributor-covenant.org )1.2.0 版本,可在 http://contributor-covenant.org/version/1/2/0/ 查看。
command.md 0 → 100644
浏览文件 @ 91d032f1
## MindSpore Community Command Help
All of the projects in MindSpore Community are maintained by Bot.
That means the developers can comment below every Pull Request or Issue to trigger Bot Commands.
The Commands incluing as follows:
<table class="command">
<thead>
<tr>
<th>Command</th>
<th width="25%">Example</th>
<th>Description</th>
<th>Who Can Use</th>
</tr>
</thead>
<tbody>
<tr>
<td>
/check-cla
</td>
<td style="white-space:nowrap;">
/check-cla
</td>
<td>
Forces rechecking of the CLA status of a Pull Request.
If the Pull Request author has already signed CLA,
the label `mindspore-cla/yes` will be added in the Pull Request,
If not, the label `mindspore-cla/no` will be added.
</td>
<td>
Anyone
</td>
</tr>
<tr>
<td>
/lgtm [cancel]
</td>
<td style="white-space:nowrap;">
/lgtm
<br/>
/lgtm cancel
</td>
<td>
Adds or removes the `lgtm` label which is typically used to gate merging.
</td>
<td>
Collaborators on the repository. `/lgtm cancel` can be used additionally by the Pull Request author.
</td>
</tr>
<tr>
<td>
/approve [cancel]
</td>
<td style="white-space:nowrap;">
/approve
<br/>
/approve cancel
</td>
<td>
Adds or removes the `approved` label which is typically used to gate merging.
</td>
<td>
Collaborators on the repository.
</td>
</tr>
<tr>
<td>
/[remove-]kind
</td>
<td style="white-space:nowrap;">
/kind bug
<br/>
/remove-kind bug
</td>
<td>
Applies or removes a kind label from one of the recognized types of labels.
For example, the label is more like `kind/bug`.
</td>
<td>
Anyone can trigger this command on a Pull Request or Issue.
</td>
</tr>
<tr>
<td>
/[remove-]priority
</td>
<td style="white-space:nowrap;">
/priority high
<br/>
/remove-priority high
</td>
<td>
Applies or removes a priority label from one of the recognized types of labels.
For example, the label is more like `priority/high`.
</td>
<td>
Anyone can trigger this command on a Pull Request or Issue.
</td>
</tr>
<tr>
<td>
/[remove-]sig
</td>
<td style="white-space:nowrap;">
/sig kernel
<br/>
/remove-sig kernel
</td>
<td>
Applies or removes a sig label from one of the recognized types of labels.
For example, the label is more like `sig/kernel`.
</td>
<td>
Anyone can trigger this command on a Pull Request or Issue.
</td>
</tr>
<tr>
<td>
/close
</td>
<td style="white-space:nowrap;">
/close
</td>
<td>
Closes a Pull Request or an Issue.
</td>
<td>
Authors and collaborators on the repository can trigger this command.
</td>
</tr>
<tr>
<td>
/reopen
</td>
<td style="white-space:nowrap;">
/reopen
</td>
<td>
Reopens an Issue.
</td>
<td>
Authors and collaborators on the repository can trigger this command.
</td>
</tr>
<tr>
<td>
/retest
</td>
<td style="white-space:nowrap;">
/retest
</td>
<td>
Rerun test jobs that have failed.
</td>
<td>
Anyone can trigger this command on a Pull Request.
</td>
</tr>
<tr>
<td>
/assign [[@]...]
</td>
<td style="white-space:nowrap;">
/assign
<br/>
/assign @mindspore-ci-bot
</td>
<td>
Assigns an assignee to an Issue.
</td>
<td>
Anyone can use this command on an Issue,
but the target user must be a member of the org that owns the repository.
If no target user is specified, that means this Issue will be assigned to yourself.
</td>
</tr>
<tr>
<td>
/unassign [[@]...]
</td>
<td style="white-space:nowrap;">
/unassign
<br/>
/unassign @mindspore-ci-bot
</td>
<td>
UnAssigns an assignee from an Issue.
</td>
<td>
Anyone can use this command on an Issue,
but the target user must be a member of the org that owns the repository.
If no target user is specified, that means this Issue will be unassigned from yourself.
</td>
</tr>
</tbody>
</table>
\ No newline at end of file
communication/irc-guidelines_en.md 0 → 100644
浏览文件 @ 91d032f1
## IRC guidelines
### Brief
MindSpore community holds its various public meetings on **[IRC](https://en.wikipedia.org/wiki/Internet_Relay_Chat)**, in the following channels:
* #mindspore-discuss
* #mindspore-sc
on Freenode. Everyone is encouraged to attend, [Connect to IRC via webclient](https://webchat.freenode.net/?randomnick=1&channels=%23mindspore-discuss%2C%23mindspore-sc&prompt=1&uio=d4)
webclient recommended:
* [freenode-chat](https://webchat.freenode.net/)
* [irccloud](https://www.irccloud.com/)
IRC channels and logged. You can find all channels and all logs here:
[IRC Channel Logs](http://meeting.mindspore.cn/)
### Use Case
The meeting channel can be managed by meeting chair with bot command, which is used by # prefix character. The basic commands are shown below:
#startmeeting - (chair) Start the meeting on channel. the meeting topic should be given on the rest. e.g. ``#startmeeting infra``
#topic - (chair) - (chair) Start a topic on channel to make sure all partners focus on a special topic.
#endmeeting - (chair) End the whole meeting.
For more other commands, please step into next section.
### Commands
All commands are case-insensitive, and use the ``#`` prefix character. Not all commands have output. The commands are.
#startmeeting
Start a meeting. The calling nick becomes the chair. If any text is given on the rest of the line, this becomes the meeting topic.
#endmeeting
End a meeting, save logs, restore previous topic, give links to logs. You know the drill. (Chairs only.)
#topic
Set the current topic of discussion, the rest of the line will become the topic, change the topic in the channel (saving the original topic to be restored at the end of the meeting). (Chairs only.)
#agreed (alias #agree)
Mark something as agreed on. The rest of the line is the details. (Chairs only.) All the rest text will be recorded by system after the meeting end.
#chair and #unchair
Add new chairs to the meeting. The rest of the line is a list of nicks, separated by commas and/or spaces. The nick which started the meeting is the ``owner`` and can't be de-chaired. The command replies with a list of the current chairs, for verification (Chairs only.) Example::
```
<freesky-edward> #chair MrGreen MsAlizarin
<mindspore-ci-bot> Current chairs are: freesky-edward MsAlizarin MrGreen
```
#action
Add an ``ACTION`` item to the minutes. Provide irc nicks of people involved, and will be both a complete listing of action items, and a listing of action items sorted by nick at the end of the meeting. This is very useful for making sure this gets done. Example::
```
<freesky-edward> #action MrGreen will read the entire Internet to determine why the hive cluster is under attack.
```
#info
Add an ``INFO`` item to the minutes. Example::
```
<freesky-edward> #info We need much effort before the next release.
```
#link
Add a link to the minutes. The URL will be properly detected within the line in most cases - the URL can't contain spaces. This command is automatically detected if the line starts with http:, https:. Examples::
```
<freesky-edward> #link [http://wiki.debian.org/MeetBot/](http://wiki.debian.org/MeetBot/) is the main page
<freesky-edward> [http://wiki.debian.org/MeetBot/](http://wiki.debian.org/MeetBot/) is the main page
<freesky-edward> #link the main page is [http://wiki.debian.org/MeetBot/](http://wiki.debian.org/MeetBot/)
so go there
```
communication/irc-guidelines_zh_cn.md 0 → 100644
浏览文件 @ 91d032f1
## IRC指引
### 简要介绍
MindSpore社区在**[IRC](https://zh.wikipedia.org/wiki/IRC)**举行相关的会议,频道有:
* #mindspore-discuss
* #mindspore-sc
在Freenode上,每个人都鼓励去参与,[连接到webclient](https://webchat.freenode.net/?randomnick=1&channels=%23mindspore-discuss%2C%23mindspore-sc&prompt=1&uio=d4)
webclient推荐:
* [freenode-chat](https://webchat.freenode.net/)
* [irccloud](https://www.irccloud.com/)
IRC频道与日志,您可以在这里找到所有的频道和记录[IRC Channel Logs](http://meeting.mindspore.cn/)
### 用户场景
会议主持者能通过bot命令管理会议频道,命令是采用`#作为前缀的字符,常用的命令有:
#startmeeting - (主持人) 开始一个会议,命令后面需要跟随一个会议的主题。例如:`#startmeeting infra`
#topic - (主持人) 开始一个议题讨论,命令后面的字符就是该议题的简要描述。例如:`#topic next release time`
#endmeeting -(主持人)结束当前的会议。
### 命令
所有的命令使用`#`字符前缀,但是并不是所有命令系统都有响应输出,具体的单个命令集有:
#startmeeting
开始一个会议,键入这个命令的人将成为该会议的主持人,命令后面的文字将成为该会议的主题。
#endmeeting
结束当前的会议,系统会记录会议日志,并给出相应的会议纪要地址。
#topic
设置当前会议的讨论主题,命令后面的文字将成为议题主题,当前会议结束后,系统将在会议记录中高亮会议主题以方便查看。
#agreed (alias #agree)
表示与会人达成一定的结论,命令行后面即是结论内容。会议结束后,系统将在会议结论中记录该结论。
#chair and #unchair
用于增加或者移除会议主持人,命令后跟IRC的昵称,开始会议的人将是会议的所有者,在会议过程中是不能被移除,命令将对执行结果给出回应信息,例如:
```
<freesky-edward> #chair MrGreen MsAlizarin
<mindspore-ci-bot> Current chairs are: freesky-edward MsAlizarin MrGreen
```
#action
用于记录会议讨论后下一步需要某人采取的动作,命令后面的第一串字符表示动作的执行人,后续文字将是对动作的描述,待会议结束后,会议纪要将把该后续动作记录下来。命令样例:
```
<freesky-edward> #action MrGreen 查找整个网络了解为啥集群受到攻击。
```
#info
用于在会议记录中高亮显示一个记录,例如:
```
<freesky-edward> #info 在下一个版本发布前,我们还有很多工作需要做。
```
#link
用于添加一个网络连接,命令后即是该连接的地址,连接不能有空格,如果敲入的文字以http或者https开头,系统会默认执行该命令,例如:
```
<freesky-edward> #link [http://wiki.debian.org/MeetBot/](http://wiki.debian.org/MeetBot/) 是主页
<freesky-edward> [http://wiki.debian.org/MeetBot/](http://wiki.debian.org/MeetBot/) 是主页
<freesky-edward> #link the main page is [http://wiki.debian.org/MeetBot/](http://wiki.debian.org/MeetBot/)
浏览这里
```
communication/mailing-list-guidelines_en.md 0 → 100644
浏览文件 @ 91d032f1
## Mailing list guidelines
### How Do I Subscribe to the Mail List?
Welcome to participate in the discussion through the mail list.
If you have never subscribed to the mail list, do as follows:
1. Open [mailweb service](https://mailweb.mindspore.cn/), and click the name of the mail list that you want to subscribe to.
2. Wait until the browser goes to the subscription page of the mail list, which provides instructions on how to subscribe.
3. Read the subscription instructions and provide an email address that you want to use to subscribe to the mail list.
4. Enter your email address and click Subscribe. You will receive an email asking you to confirm the subscription.
5. Reply the email to confirm your subscription.
6. At last, you will receive a welcome email from the email list.
| List name | Post address | Description |
| :-------- | :----------- | :---------- |
| Contact | contact@mindspore.cn | |
| MindSpore-infra | mindspore-infra@mindspore.cn | |
| MindSpore-discuss | mindspore-discuss@mindspore.cn | |
| MindSpore-research | mindspore-research@mindspore.cn | |
| MindSpore-tsc | mindspore-tsc@mindspore.cn | |
| MindSpore-security | mindspore-security@mindspore.cn | |
### How Do I Send an Email to the Mail List?
To send an email to a specified mail list, send your email to the address listed after the mail list.
All community memberships in this mail list will receive your email.
### How Can I View the Previous Mail List?
To view previous emails, visit the following archive addresses:
- **[Contact](https://mailweb.mindspore.cn/hyperkitty/list/contact@mindspore.cn/)**
- **[MindSpore-infra](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-infra@mindspore.cn/)**
- **[MindSpore-discuss](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-discuss@mindspore.cn/)**
- **[MindSpore-research](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-research@mindspore.cn/)**
- **[MindSpore-tsc](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-tsc@mindspore.cn/)**
- **[MindSpore-security](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-security@mindspore.cn/)**
communication/mailing-list-guidelines_zh_cn.md 0 → 100644
浏览文件 @ 91d032f1
## 邮件列表指引
### 如何订阅邮件列表?
欢迎参与邮件列表讨论!
如果您以前从未订阅过邮件列表,请参照下面的操作步骤。
1. 打开[邮件订阅服务](https://mailweb.mindspore.cn/),点击您想要订阅的邮件列表的名称。
2. 浏览器将跳转到该邮件列表的订阅页面,那里将提供有关如何订阅的说明。
3. 阅读订阅说明,您需要提供一个您希望用来订阅邮件列表的电子邮件地址。
4. 输入您的电子邮件地址并点击订阅,您将收到一封电子邮件,要求您确认订阅。
5. 回复您收到的电子邮件以确认您的订阅。
6. 最后您将收到来自一封来自邮件列表的欢迎邮件。
| 列表名称 | 邮件地址 | 描述 |
| :------ | :------ | :--- |
| Contact | contact@mindspore.cn | |
| MindSpore-infra | mindspore-infra@mindspore.cn | |
| MindSpore-discuss | mindspore-discuss@mindspore.cn | |
| MindSpore-research | mindspore-research@mindspore.cn | |
| MindSpore-tsc | mindspore-tsc@mindspore.cn | |
| MindSpore-security | mindspore-security@mindspore.cn | |
### 如何发送邮件到邮件列表?
要将邮件发送到指定的邮件列表,请向上表中列出的邮件地址发送您的电子邮件。
这样所有在这个邮件列表中的社区成员都能收到您的电子邮件。
### 如何查看以前的邮件列表?
要查看邮件列表中以前发布的电子邮件,请访问以下存档地址:
- **[Contact](https://mailweb.mindspore.cn/hyperkitty/list/contact@mindspore.cn/)**
- **[MindSpore-infra](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-infra@mindspore.cn/)**
- **[MindSpore-discuss](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-discuss@mindspore.cn/)**
- **[MindSpore-research](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-research@mindspore.cn/)**
- **[MindSpore-tsc](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-tsc@mindspore.cn/)**
- **[MindSpore-security](https://mailweb.mindspore.cn/hyperkitty/list/mindspore-security@mindspore.cn/)**
communication/slack-guidelines.md 0 → 100644
浏览文件 @ 91d032f1
## Slack guidelines
Slack is the main communication platform for MindSpore outside of our mailing lists. It’s important that conversation stays on topic in each channel, and that everyone abides by the [Code of Conduct](../code-of-conduct_en.md). Community members should all expect to have a positive experience.
Chat is searchable and public. Do not make comments that you would not say on a video recording or in another public space. Please be courteous to others.
*`@here`* and *`@channel`* should be used rarely. Members will receive notifications from these commands and we are a global project - please be kind. Note: *`@all`* is only to be used by admins.
You can join the [MindSpore Slack](https://mindspore.slack.com/) instance at [https://mindspore.slack.com/](https://join.slack.com/t/mindspore/shared_invite/enQtOTcwMTIxMDI3NjM0LTNkMWM2MzI5NjIyZWU5ZWQ5M2EwMTQ5MWNiYzMxOGM4OWFhZjI4M2E5OGI2YTg3ODU1ODE2Njg1MThiNWI3YmQ).
governance.md 0 → 100644
浏览文件 @ 91d032f1
# MindSpore Open Governance
## Overview
MindSpore is embracing open governance to build a truly open source ecosystem
and developer friendly atmosphere. The governance model adopted here is heavily
influenced by the [onnx governance](https://github.com/onnx/onnx/blob/master/community/readme.md)
which drew reference from the [kubernetes governance](https://github.com/kubernetes/community/blob/master/governance.md).
*For similar structures some of the same wordings from onnx governance are
borrowed to adhere to the originally construed meaning.*
MindSpore open governance adopts three types of governance structures: Technical
Steering Committee, Special Interest Groups (SIGs) and Working Groups (WG).
MindSpore also defines two roles for development: *Contributor* and *Approver*.
*Contributors* are the developers who have contributed code which got merged and
*Approvers* are those who have the right to merge code. *Contributors* can vote
and run for the *Approver* role. The Technical Steering Committee charters
SIGs/WGs and appoints SIG/WG chairs. Every piece of MindSpore belongs to some
SIG. Contributors and Approvers participate in one or more SIGs.
The effort is bootstrapped with an initial Technical Steering Committee and set
of SIGs with the first elections to occur after 1 year.
## Principles
The MindSpore community adheres to the following principles:
* __Open__: MindSpore is open source. See repository guidelines and CLA, below.
* __Welcoming and respectful__: See Code of Conduct, below.
* __Transparent and accessible__: Work and collaboration should be done in
public. See SIG governance, below.
* __Merit__: Ideas and contributions are accepted according to their technical
merit and alignment with project objectives, scope and design principles.
* __Speed__: Contributing the time and effort to ensure fast decision-making is
key to ensuring that the specifications produced is aligned to the fast
iteration of machine learning technologies.
## Community Roles
### Contributors
Contributors are the developers who have contributed code and got merged. They
can have issues and PRs assigned to them. They also have voting privileges.
Contributors can be active in many ways including but not limited to:
* Authoring or reviewing PRs, but do not have right to merge
* Filing or commenting on issues
* Contributing to SIG, WG, or community discussions (e.g. IRC, meetings,
email discussion forums, Stack Overflow, etc)
* Creator of content, promoting and advocating the MindSpore community.
The first group of Contributors will be appointed and more Contributors will be
added accordingly.
### Approvers
Approvers are *Contributors* who have the right to merge code. Approvers are
responsible for reviewing contributions for acceptance by considering not just
code quality but also holistic impact of the contribution including
compatibility, performance, and interactions with other areas.
Approvers need to be active *Contributors* for at least 3 months and will be
selected in a voting process within a SIG/WG by all the related *Contributors*.
The first group of Approvers will be appointed for an one-year term.
After the first year all the Approvers need to be qualified through open
elections.
### Community Partners
Community Partners are organizations (include but not limited to companies,
universities, research institutes, industrial associations, open source
foundations/communities/projects, etc.) that support MindSpore in one or more
of the following ways:
* Having employees participate in SIGs, Working Groups, or the Technical
Steering Committee
* Hosting a workshop or meetup for MindSpore
* Providing resources for building or hosting MindSpore assets
* Doing media or PR activities to promote MindSpore
* Shipping a product that supports MindSpore
* Collaborating in open source development with MindSpore
Community Partners do not have any voting rights, except via their employees
who are *Contributors*. Affiliates and subsidiaries are considered as separate
organizations. Being a Community Partner does not by itself confer any
compliance or certification to the Community Partner's products.
### Community Manager
Community manager is the people who help run day to day MindSpore governance
operations. The role is appointed by the Technical Steering Committee and does
not have any code or voting related privileges by its own right. The role does
not have a term limit and its duration depends only upon the governance charter
approved by the Technical Steering Committee.
## Organizational Structure
The MindSpore community is organized in the following manner, with all
governance and execution being planned and coordinated as follows:
* **Technical Steering Committee** is made up of a set number of people whose
charter it is to define and iterate on the vision, goals, and governance process
of the MindSpore community.
* **Special Interest Groups (SIGs)** are persistent groups that are responsible
for specific parts of the project. SIGs must have open and transparent
proceedings. Anyone is welcomed to participate and contribute provided they
follow the [Code of Conduct](code-of-conduct_en.md). The purpose of a SIG is to
develop a set of goals to be achieved over a set period of time, and then to
gather input, drive consensus and closure, implement code contributions, and
other related activities to achieve the goal. SIGs are also responsible for
ongoing maintenance of the code in their areas.
* **Working Groups** are groups that are formed to address issues that cross SIG
boundaries. Working groups do not own any feature code ownership or other long
term artifacts. Working groups can report back and act through involved SIGs.
## Language
The working language in MindSpore community is English, this applies to things
like code notation, documentation, ISSUE, PR and so forth. International
language support for documentation translation and localized presentations are
highly encouraged. An i18n WG could be formed to address multi-lang support.
### Technical Steering Committee
#### Role
The Technical Steering Committee has a set of rights and responsibilities
including the following:
* Define, evolve, and defend the vision, values, mission, and scope of the
community.
* Define, evolve, and defend a [Code of Conduct](code-of-conduct_en.md), which
must include a neutral and unbiased process for resolving conflicts.
* Define and evolve project governance structures and policies,
including how members become Contributors, approvers, SIG chairs, etc.
* Charter and refine policy for defining new community groups (Special Interest
Groups, Working Groups, and any future possible defined structure), and
establish transparency and accountability policies for such groups.
* Decide, for the purpose of elections, who is a member of standing of the
MindSpore community, and what privileges that entails.
* Decide which functional areas and scope are part of the MindSpore community,
including accepting new or pruning old SIGs and Working Groups.
* Decide how and when official releases of MindSpore artifacts are made and what
they include.
* Declare releases when quality/feature/other requirements are met.
* Control access to, establish processes regarding, and provide a final
escalation path for any MindSpore repository, which currently includes all
repositories under the MindSpore organizations
* Control and delegate access to and establish processes regarding other project
resources/assets, including artifact repositories, build and test infrastructure,
web sites and their domains, blogs, social-media accounts, etc.
* Define any certification process.
* Manage the MindSpore brand and any outbound marketing.
* Make decisions by majority vote if consensus cannot be reached.
#### Structure
The Technical Steering Committee (TSC) consists of representatives from the
community. The first group of TSC members will consist of representatives from
the founding members. The chairperson of the TSC will be appointed for the first
term. No single member entity may have more than 1 representative. TSC chair and
members all serve 1 year terms.
TSC Chair is the chairperson of the Technical Steering Committee that fulfills
the duties include hosting TSC meetings, organizing elections and participating
promotion related publicities. TSC Chair is a member of the sitting TSC and has
the same voting right as any other TSC member.
After the initial term, TSC members will elect the new TSC Chair for the next
term. The TSC member seat itself will constitute representative from the same
founding member entity, unless alterations occurs to that membership which
leads to either new TSC member appointed by the newly TSC-approved member entity,
or the vacancy of the seat if the TSC votes to shrink the size of the committee.
Additionally, TSC might create new Contributor representative seats which could be
open for any *Contributor* in the community to be elected into the seat via a
community vote. Only Contributors may vote, but would be restricted to no more
than one representative elected per member entity.
If a representative of the Technical Steering Committee changes affiliations,
by default the original member entity should appoint a new TSC representative.
If the employment change results in a single member entity having more than one
representative, then one of them must resign. If the
founding member entity fails to appoint a new TSC representative, the TSC will
decide the new seat. Elections will be held for the seat which is elected.
A Technical Steering Committee representative can be removed due to
[Code of Conduct](code-of-conduct_en.md) violations by a super majority vote in
the TSC.
#### Decision
The Technical Steering Committee (TSC) requires quorum of the member to be
present for any type of decision making process. An official TSC decision will
be carried through by a majority vote (i.e more than half of the TSC vote yes).
During the first year of the TSC term, in order to ensure the smooth progress
of the community, if TSC meeting does not get quorum in live attendance, then
an email quorum voting procedure will be initiated. If email voting does not get
quorum in a week, then the motion will be treated as approved if there is no
outstanding objection from any of the TSC member.
### SIG - Special Interest Groups
#### Role
The MindSpore project is organized primarily into Special Interest Groups, or
SIGs. Each SIG is comprised of individuals from multiple companies and
organizations, with a common purpose of advancing the project with respect to a
specific topic.
Our goal is to enable a distributed decision structure and code ownership,
as well as providing focused forums for getting work done, making decisions,
and on-boarding new Contributors. Every identifiable part of the project
(e.g., repository, subdirectory, API, test, issue, PR, IRC) is intended to be
owned by some SIG. At the time of inception of this organizational structure,
the following SIGs will be present:
| SIG name | Responsibilities |
| :------- | :--------------- |
| FrontEnd | This SIG is responsible for the development of MindSpore front-end expression. |
| Compiler | This SIG is responsible for the development of MindSpore high level graph compilation. |
| Executor | This SIG is responsible for the development of MindSpore back-end support for pipeline. |
| ModelZoo | This SIG is responsible for the development of MindSpore modelzoo and additional ops. |
| Data | This SIG is responsible for the development of MindSpore data processing and data format transformation. |
| GraphEngine | This SIG is responsible for the development of MindSpore graph engine for Ascend AI processor. |
| Visualization | This SIG is responsible for the development of MindSpore visualization tools. |
| Security | This SIG is responsible for the development of MindSpore security related tools. |
#### Structure
SIGs must have at least one, and may have up to two SIG chairs at any given
time. SIG chairs are intended to be organizers and facilitators, responsible for
the operation of the SIG and for communication and coordination with the other
SIGs, the Technical Steering Committee, and the broader community. All SIG
chairs are appointed by the Technical Steering Committee. If there are more
than two *Contributors* being considered for a particular SIG, the Technical
Steering Committee will vote on and resolve who the chairs would be. Candidates
need to be *Approvers*.
Each SIG must have a charter that specifies its scope (topics, sub-systems,
code repos and directories), responsibilities, and areas of authority. Charters
are submitted to the MindSpore community via PR for review and approval by the
Technical Steering Committee who will be looking to ensure the scope of the SIG
as represented in the charter is reasonable. All SIGs are expected to follow
the standards established by the Technical Steering Committee for how
*Contributors* are roles of authority/leadership are selected/granted, how
decisions are made, and how conflicts are resolved.
A primary reason that SIGs exist is as forums for collaboration. Much work in a
SIG should stay local within that SIG. However, SIGs must communicate in the
open, ensure other SIGs and community members can find meeting notes,
discussions, designs, and decisions, and periodically communicate a high-level
summary of the SIG's work to the community. SIGs are also responsible to:
* Meet regularly, at least monthly
* Keep up-to-date meeting notes, linked from the SIG's page in the community
repo
* Announce meeting agenda and minutes after each meeting, on the
mindspore-discuss mailing list and/or IRC or slack or other channel.
* Ensure the SIG's decision making is archived (i.e on IRC meeting log)
* Report activity in overall MindSpore community meetings
* Participate in release planning meetings, retrospective, etc (if relevant)
* Actively triage issues, PRs, test failures, etc. related to code and tests
owned by the SIG
* Use the above forums as the primary means of working, communicating, and
collaborating, as opposed to private emails and meetings
#### Decision making
When it is time to formalize the work-product from a SIG, votes are taken from
every *Contributor* who participates in the SIG. The list of active
*Contributors* is determined by the one (or two) SIG leads to ensure that only
those who have actively participated in the SIG can vote. At this time there is
no restrictions on how many *Contributors* from any one member entity can
participate (and hence vote). The Technical Steering Committee will monitor how
the community behaves and apply constraints if needed in the future.
While most work shouldn’t require expensive coordination with other SIGs, there
will be efforts (features, refactoring, etc.) that cross SIG boundaries. In this
case, it is expected that the SIGs coordinate with each other and come to
mutually agreed solutions. In some cases, it may make sense to form a Working
Group for joint work. Cross-SIG coordination will naturally require more time
and implies a certain amount of overhead. This is intentional to encourage
changes to be well encapsulated whenever possible.
### WG - Working Groups
Working Groups (WGs) are primarily used to facilitate topics of discussion that
cross SIG lines, or are topics which are short-lived and require a limited set
of decisions to be agreed upon. Working groups:
* do not own feature code that will be included in a certain release (document
not applied here)
* have a clear goal measured through specific deliverables
* could choose to be retired after most of the goals are achieved
Working Groups can create glue code, specifications, recommendations, or
implementations for submission to the relevant SIGs for approval and acceptance.
At time of inception of this organizational structure, the following WGs will be
present initially:
* Doc
* Infra
Working Groups are formed by submitting a proposal via PR to the Technical
Steering Committee. The proposal should cover:
* what is the exact problem being worked on
* what is the exit criteria
* who are the chairs (up to 2)
* what are the meeting and discussion mechanics
## Repository Guidelines
All repositories under the MindSpore org:
* Must adopt the MindSpore [Code of Conduct](code-of-conduct_en.md).
* All code projects use the Apache 2.0 license. Documentation repositories must
use the Creative Commons License version 4.0.
* Must adopt the MindSpore CI bot
* Repository must be approved by the Technical Steering Committee
Repositories can be removed when they are inactive by archiving them.
## CLA
All Contributors must either sign the [MindSpore ICLA](https://www.mindspore.cn/icla),
or download and sign the [MindSpore CCLA](CCLA.pdf) and sent a scan
copy to <contact@mindspore.cn>. The Technical Steering Committee will update the
CLA to reflect the MindSpore organization/ownership as needed.
meetings/README.md 0 → 100644
浏览文件 @ 91d032f1
## MindSpore community meeting
Coming soon...
security/cve-report_en.md 0 → 100644
浏览文件 @ 91d032f1
# MindSpore Security
MindSpore is a training and inference framework that supports device, edge, and cloud scenarios. It is widely used in various fields, such as terminals, edge computing, cloud services, network devices, storage devices, and 5G, and needs to meet application security requirements in preceding scenarios.
As a general-purpose computing framework, MindSpore can run on different chip platforms such as the CPU, GPU, and Ascend. Users provide data or models as the input and obtain training models or inference results. As core assets in the AI field, data and models are necessary for continuous security protection of AI systems.
We also provide suggestions on secure running of key components:
+ [MindSpore Security Usage Suggestions](https://gitee.com/mindspore/mindspore/blob/master/SECURITY.md)
+ [MindInsight Security Usage Suggestions](https://gitee.com/mindspore/mindinsight/blob/master/SECURITY.md)
To build a more secure AI framework, we sincerely invite you to join us.
## How to Report Security Issues to the MindSpore Community
If you find a suspected security issue, use [Suspected Security Issue Reporting Template](https://gitee.com/mindspore/community/blob/master/security/template/report-template_en.md) to report it so that the community vulnerability management team (VMT) is able to confirm and fix the issue as soon as possible with sufficient details. Your email will be confirmed within one working day. Within seven days, we will provide more detailed replies to your suspected security issues and provide the next-step handling policy.
To ensure security, please use the PGP public key to encrypt your email before sending it.
+ Security email address: <mindspore-security@mindspore.cn>
+ PGP public key:
```
-----BEGIN PGP PUBLIC KEY BLOCK-----
iQG2BCABCgAgFiEEwUbNw8zaTIe27U8lt42TVbzPfREFAl58v18CHQAACgkQt42T
VbzPfRGVswwAnSIi1fE0CzIkxPrhfcnfF+vx5y+qpk6ssFr5iFuepBSbA+ZGhaDn
ULYOkBMnGfrgzjw8OzMK7vKIgR2ymmuTJt9qpFH4OIXRX1OXoMYnkPxrQJFpNZpP
BvnxmEey0VOvz9Y3Fa4mHMjvA3I2pbSlH+T2wkGQRO5zhKN7NhQfRFgyFNQT2l5m
pPBdm+sAs5ty6eQuSZF1wECIW17WB53o171DTNbAPySEfOLvq0orNAJWjT4sR1jn
9M20t3DpjC5dZuMCUuZTbCgHkaLOo0ZkwMXV+dPkm/4hMWLVPxRvlkH02PI++KBl
N8cW+TZb1YN/va9Nrjh+Ah50Px2nmQ/fk60VHKj5hTb8U+PSPGlvWUALwb6ckm55
nUcBvFiDpe7uAtX88sv2kBR6gIbr0pW9JwOnBLjxGoM3lgfrIot1qFWdBGJrRnIo
bgMtm0PEcwRfHefJY//4BiDgg2ef9DIX7VSSb6rV0HJpNz0IAxyzG41BdSG+3dSb
ns0y2L0F2M+N
=HPa4
-----END PGP PUBLIC KEY BLOCK-----
```
## MindSpore Community Security Issue Disclosure Process
After receiving the issues, we will handle the security issues according to the following process:
+ After receiving suspected security issues, the vulnerability management team (VMT) immediately confirms the integrity of reported information and issue severity.
+ Organize community teams to carry out technical analysis, confirm issue details, and provide analysis reports.
+ Confirm the vulnerability and apply for CVE, communicate with the vulnerability reporter about the issue, align the subsequent fixing and release plan, and prepare the security advisory (SA).
+ Complete vulnerability patch development/verification and initiate restricted disclosure.
+ Publicly release patches and security advisory (SA).
## MindSpore Community Vulnerability Management Team (VMT)
The VMT consists of vulnerability management experts in the community. The team is responsible for coordinating the entire process from vulnerability receiving to disclosure, including:
+ Vulnerability collection: Suspected security vulnerabilities discovered by community members and external researchers can be reported to the VMT through <mindspore-security@mindspore.cn>.
+ Vulnerability tracking and handling: The VMT will record the confirmed vulnerabilities in the MindSpore community, confirm and fix the vulnerabilities, and keep effective communication with the reporter during the process.
+ Responsible disclosure: After vulnerabilities are properly fixed, the VMT will release vulnerability information to the community in the form of SA.
## MindSpore Security Advisory (SA)
None
## MindSpore Security Note (SN)
+ Some vulnerabilities of third-party open-source components need to be fixed by users.
+ Python 3.7.5 has the following vulnerabilities:
+ [CVE-2019-18348](https://nvd.nist.gov/vuln/detail/CVE-2019-18348)
+ [CVE-2020-8315](https://nvd.nist.gov/vuln/detail/CVE-2020-8315)
+ [CVE-2020-8492](https://nvd.nist.gov/vuln/detail/CVE-2020-8492)
+ Pillow 6.2.0 has the following vulnerabilities:
+ [CVE-2019-19911](https://nvd.nist.gov/vuln/detail/CVE-2019-19911)
+ [CVE-2020-5310](https://nvd.nist.gov/vuln/detail/CVE-2020-5310)
+ [CVE-2020-5311](https://nvd.nist.gov/vuln/detail/CVE-2020-5311)
+ [CVE-2020-5312](https://nvd.nist.gov/vuln/detail/CVE-2020-5312)
+ [CVE-2020-5313](https://nvd.nist.gov/vuln/detail/CVE-2020-5313)
security/cve-report_zh_cn.md 0 → 100644
浏览文件 @ 91d032f1
# MindSpore安全
MindSpore作为一个同时支持端/边缘/云场景的训练推理框架,在终端/边缘计算/云服务/网络设备/存储设备/5G等各个领域广泛使用,需要满足各场景下的应用安全性。
作为通用的计算框架,MindSpore可以运行在CPU/GPU/Ascend等不同的芯片平台上,用户提供数据/模型作为输入,并得到训练模型或者推理结果。数据和模型作为AI领域的核心资产,对AI系统持续开展安全防护,是非常必要的。
我们也提供了关键组件的安全运行建议:
+ [MindSpore安全使用建议](https://gitee.com/mindspore/mindspore/blob/master/SECURITY.md)
+ [MindInsight安全使用建议](https://gitee.com/mindspore/mindinsight/blob/master/SECURITY.md)
为了构建更安全的AI框架,需要您一起来参与。
## 如何向MindSpore社区上报安全问题
如果您发现了疑似安全问题,请您使用[疑似安全问题上报模板](https://gitee.com/mindspore/community/blob/master/security/template/report-template_zh_cn.md)进行反馈,以便社区漏洞管理团队在能够获得足够详细信息的条件下,尽快确认并修复问题。您的邮件将在1个工作日内得到确认,在7天内对您反馈的疑似安全问题提供更详细的回复,并给出下一步的处理策略。
鉴于安全问题的敏感性,请使用PGP公钥加密后发送。
+ 安全邮箱:<mindspore-security@mindspore.cn>
+ PGP公钥:
```
-----BEGIN PGP PUBLIC KEY BLOCK-----
iQG2BCABCgAgFiEEwUbNw8zaTIe27U8lt42TVbzPfREFAl58v18CHQAACgkQt42T
VbzPfRGVswwAnSIi1fE0CzIkxPrhfcnfF+vx5y+qpk6ssFr5iFuepBSbA+ZGhaDn
ULYOkBMnGfrgzjw8OzMK7vKIgR2ymmuTJt9qpFH4OIXRX1OXoMYnkPxrQJFpNZpP
BvnxmEey0VOvz9Y3Fa4mHMjvA3I2pbSlH+T2wkGQRO5zhKN7NhQfRFgyFNQT2l5m
pPBdm+sAs5ty6eQuSZF1wECIW17WB53o171DTNbAPySEfOLvq0orNAJWjT4sR1jn
9M20t3DpjC5dZuMCUuZTbCgHkaLOo0ZkwMXV+dPkm/4hMWLVPxRvlkH02PI++KBl
N8cW+TZb1YN/va9Nrjh+Ah50Px2nmQ/fk60VHKj5hTb8U+PSPGlvWUALwb6ckm55
nUcBvFiDpe7uAtX88sv2kBR6gIbr0pW9JwOnBLjxGoM3lgfrIot1qFWdBGJrRnIo
bgMtm0PEcwRfHefJY//4BiDgg2ef9DIX7VSSb6rV0HJpNz0IAxyzG41BdSG+3dSb
ns0y2L0F2M+N
=HPa4
-----END PGP PUBLIC KEY BLOCK-----
```
## MindSpore社区安全问题披露流程
收到问题后,我们将会按照如下流程处理安全问题:
+ 收到疑似安全问题后,漏洞管理团队(VMT)立即确认上报信息完整性和问题严重性;
+ 组织社区团队开展技术分析,确认问题细节,并给出分析报告;
+ 确认漏洞并申请CVE,与漏洞上报者开展问题沟通,对齐后续修复&发布计划,准备安全公告(SA);
+ 完成漏洞补丁开发/验证,启动受限披露;
+ 公开发布补丁和安全公告(SA)。
## MindSpore社区漏洞管理团队(VMT)
漏洞管理团队(Vulnerability Management Team)由社区内的漏洞管理专家组成,工作职责为协调漏洞从接收到披露的整个过程,包括:
+ 漏洞收集:社区成员和外部研究者发现的疑似安全漏洞,都可以通过<mindspore-security@mindspore.cn>上报给VMT;
+ 漏洞跟踪处置:VMT会将确认的漏洞录入MindSpore社区,并负责漏洞的确认/修复,期间会与上报者保持有效沟通;
+ 负责任的披露:漏洞得到妥善的修复后,VMT将会以SA的形式将漏洞信息发布到社区。
## MindSpore安全公告(SA)
## MindSpore安全说明(SN)
+ 第三方的开源组件部分漏洞需要用户自行修复:
+ Python 3.7.5存在如下漏洞:
+ [CVE-2019-18348](https://nvd.nist.gov/vuln/detail/CVE-2019-18348)
+ [CVE-2020-8315](https://nvd.nist.gov/vuln/detail/CVE-2020-8315)
+ [CVE-2020-8492](https://nvd.nist.gov/vuln/detail/CVE-2020-8492)
+ Pillow 6.2.0 存在如下漏洞:
+ [CVE-2019-19911](https://nvd.nist.gov/vuln/detail/CVE-2019-19911)
+ [CVE-2020-5310](https://nvd.nist.gov/vuln/detail/CVE-2020-5310)
+ [CVE-2020-5311](https://nvd.nist.gov/vuln/detail/CVE-2020-5311)
+ [CVE-2020-5312](https://nvd.nist.gov/vuln/detail/CVE-2020-5312)
+ [CVE-2020-5313](https://nvd.nist.gov/vuln/detail/CVE-2020-5313)
security/template/report-template_en.md 0 → 100644
浏览文件 @ 91d032f1
## Suspected Security Issue Reporting Template
| Content | Related Information |
| :------ | :------------------ |
| Reporter | |
| Contact | |
| Organization Info | Individual/Team/Company |
| Version Info | |
| Severity | Critical/Major/Minor |
| Problem Description | |
| Scenario | Platform information such as the operating system and business scenario. |
| Impact Scope | |
| Details | If it is a known public vulnerability, provide the CVE number. If it is not disclosed, provide the attack method and result, and attach necessary information such as related code and log. |
| Suggestions | |
security/template/report-template_zh_cn.md 0 → 100644
浏览文件 @ 91d032f1
## 疑似安全问题上报模板
| 内容 | 相关信息 |
| :--- | :------ |
| 上报人 | |
| 联系方式 | |
| 组织信息 | 个人/团队/公司 |
| 版本信息 | |
| 问题级别 | 致命问题/严重问题/一般问题 |
| 问题描述 | |
| 发生场景 | 操作系统等平台信息,业务场景信息等 |
| 影响范围 | |
| 详细信息 | 如果是已知公开漏洞,请提供CVE编号;如果是未公开问题,请提供攻击方法,攻击结果,并附上相关代码和日志说明等必要信息。 |
| 修复建议 | |
sigs.md 0 → 100644
浏览文件 @ 91d032f1
# SIGs - Special Interest Groups
As described in the MindSpore [governance](governance.md), Special
Interest Groups (SIGs) are persistent groups responsible for specific parts of
the project. SIGs have open and transparent proceedings to develop goals and
implement code contributions. SIGs are also responsible for ongoing maintenance
of the code in their areas.
## Joining a SIG
If you are interested in participating, please [join the discussion](https://mailweb.mindspore.cn/postorious/lists/)
in the respective list. Details about any upcoming meetings will also be shared
in the mailing list. SIG artifacts can be found in the [sigs repository](sigs).
## Current SIGs
| SIG name | Responsibilities |
| :------- | :--------------- |
| FrontEnd | This SIG is responsible for the development of MindSpore front-end expression. |
| Compiler | This SIG is responsible for the development of MindSpore high level graph compilation. |
| Executor | This SIG is responsible for the development of MindSpore back-end support for pipeline. |
| ModelZoo | This SIG is responsible for the development of MindSpore modelzoo and additional ops. |
| Data | This SIG is responsible for the development of MindSpore data processing and data format transformation. |
| GraphEngine | This SIG is responsible for the development of MindSpore graph engine for Ascend AI processor. |
| Visualization | This SIG is responsible for the development of MindSpore visualization tools. |
| Security | This SIG is responsible for the development of MindSpore security related tools. |
working-groups.md 0 → 100644
浏览文件 @ 91d032f1
# Working Groups
As described in the MindSpore [governance](governance.md), Working
Groups (WGs) are temporary groups formed to address issues that cross SIG
boundaries. Working Groups have a have a clear goal measured through specific
deliverables and disband after the goal is achieved. Working groups do not own
artifacts or feature code in the long term; they create glue codes,
specifications, recommendations, and/or code implementations for submission to
the relevant SIGs for approval and acceptance.
## Proposing a new working group
New Working Groups are created when there is sufficient interest in a topic area
and someone volunteers to be the chair for the group and submits a proposal to
the steering committee. The chair facilitates the discussion and helps
synthesize proposals and decisions.
## Joining a working group
Working Groups have most of their discussions on mailing list. If you are
interested in participating, please join the discussion in the respective list.
Details about any upcoming meetings will also be shared in the mailing list.
Working Group artifacts can be found in the [working-groups repository](working-groups).
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册