Code Signing Policy

DCOR-Aid uses free code signing provided by SignPath.io, certificate by SignPath Foundation. These binaries can be downloaded from the release page.

Project Integrity

To verify the integrity of DCOR-Aid, we manage access to the DCOR-Aid repository via GitHub Team roles:

  • Triage: The Members team of DCOR-dev has permission to triage (e.g. modify issues).

  • Core: The Core team of DCOR-dev consists of people who are trusted to modify the source code in the project’s version control system without additional reviews.

  • There is no special role for Commiters. External contributors or members of the Triage team must create a pull request which is reviewed by a Core team member.

  • Furthermore, we enforce 2FA for every member of the DCOR-dev GitHub organization.

Privacy Policy

You can find the privacy policy for the default DCOR instance hosted by the Max Planck Gesellschaft at https://dcor.mpl.mpg.de/privacy. If you are connecting to a different DCOR instance, please contact the corresponding provider.