Whether you are the contributor of a plugin, a maintainer or a developer and you use the JFrog CLI Plugins Registry (“Registry”), you are expected to abide by the following guidelines (“Guidelines”).
Violations may result in the removal of the plugin and/or its data from the Registry until the issues are resolved. Plugin data, such as user reviews and code, may not be restored depending on the nature of the violation.
It is your responsibility to make sure that your contact information in your GitHub user is accurate, in order for you to receive all notifications from us or support requests from other users.
-
Representation and Ownership. Any plugin that you upload to the Registry should adhere to and comply with the Developer's Certificate of Origin 1.1 which basically means that you are the owner of the plugin you upload or that you have all rights to do so.
-
Content of the Plugin. You are solely responsible for the content of your plugin and for its performance. You are required to ensure that all files distributed as part of your plugin or otherwise included therein are in compliance with these Guidelines and with any and all applicable third party licensing requirements.
-
Open Source License. All plugins that are uploaded to the Registry should be licensed under a license that meets the requirements of the Open Source Definition or the Free Software Definition. We recommend using Apache 2.0
-
Free. The plugins should not include any functions that are either locked or are otherwise restricted unless being paid for.
-
Security. All code and documentation you upload should be made as secure as possible and in accordance with industry best practices. Security of the plugin is your sole responsibility and we encourage you to remedy any vulnerabilities that are found therein, or we will have to remove it from the Registry.
-
Readable Code. We ask that each plugin that is being uploaded will also include a human readable code and without any features and techniques that obfuscate or mangle the code.
-
Users Privacy. As we strive to protect the privacy of our users, collecting and sending personal information outside of the users network is prohibited, unless users provide their consent (via an “opt-in” mechanism).
-
Running Additional Executable Software. The plugins should not execute or cause any other third party code to operate and run within the plugin without making it clear to the user.
-
Code of Conduct. You and your plugin should not do anything that is illegal, offensive or in any way disrespectful to others. We expect that you assist us in following these easy guidelines:
- a. Be respectful for others
- b. Be collaborative and assist others
- c. Don’t provide false representation and information regarding yourself or your plugins
- d. Don’t introduce malware and malicious code to users via the plugin
- e. Refrain from harassment of any kind
- f. You or your plugin should not do anything illegal.
-
Liability and Support. You acknowledge that JFrog will not take any liability in connection with the plugin and will not provide support to the plugin - end users will need to approach you in order to resolve issues with the plugin. Having said that, JFrog will assist if such issues are caused by the package built by JFrog