The audit happens completely in the version control platform and is designed to fit in to a regular agile software development process. When a contribution is presented for inclusion in the codebase, a Foundation for Public Code staff auditor familiar with the codebase will provide a review or certify the contribution.
The review or certification will happen within 2 business days to enable agile development and not block users and maintainers from making progress.
The codebase maintainers will be notified when a contribution passes the audit and is certified.
As a help to review a codebase, this template can be used.
List of assessments
For any codebase where there is not yet an explicit agreement to publish an assessment, or one in progress, add the link to the assessment to this spreadsheet (only accessible for staff).