This is Department of Commerce (DOC) guidance for how DOC uses GitHub. We are using GitHub to share code and content in the spirit of collaboration and open government. Other agencies and organizations may use social media differently. This guidance covers DOC’s GitHub account and the accounts of DOC bureaus.
Remember that your official activities online are subject to applicable Federal law, ethics regulations, and agency policies. Existing policies and guidance for accessibility, privacy, external site links, cookies, and writing style apply to social media tools as well.
GitHub is a third-party website that offers code repositories that developers can use to collaborate on software development projects in real-time. Many users also use GitHub to publish and track documents, such as style guides and policies. In addition, GitHub provides social networking features that allow developers to follow open source projects, share code, and learn how code changes are made throughout the development process. The public can submit suggested changes to a developer’s content that the developer can accept and integrate. GitHub is so named because it uses the open source version control system called Git. Learn more about GitHub and how to use it.
GitHub offers free public repositories for open source projects as well as subscription-based private repositories for closed projects. DOC has created an organization account with GitHub, which includes a limited number of private repositories and unlimited public repositories. DOC staff interested in using GitHub to post content must create a repository in the DOC account that is applicable to the staff’s project. Project documents are grouped by GitHub repositories. If your project is a DOC-wide project, then you must create a repository on http://www.github.com/commercegov. If your project is a project owned by a bureau under the Department of Commerce, you may use the bureau’s GitHub account. Your bureau’s GitHub account must include at least two bureau employees as a part of the bureau's owners group. Questions can be directed to the DOC Office of Digital Engagement at webmaster@doc.gov, or to the Deputy Director of Digital Strategy, Alicia Sowah.
All users (from DOC and its bureaus) should
- Use a real picture as their GitHub profile pic.
- Enable two-factor authentication for their Github account.
Who May Have Administrative and Write Access to the Department of Commerce GitHub Account or Official DOC Bureau GitHub Accounts? Who may be team members?
DOC civil service staff may be account owners and team leaders with administrative level rights, giving them the ability to create repositories and assign team members to their GitHub projects. Both DOC civil service staff and authorized contractors may be team members able to contribute content to existing repositories. Under no circumstances may non-DOC staff, unauthorized contractors, or members of the public become team members. The public can make pull requests, comment, and make content suggested edits to your content. Pull requests are the heart of collaboration on GitHub. When GitHub members make a pull request, they are proposing their changes to your content and requesting that you pull in their contribution. They will not be allowed to make actual changes until you review and approve those changes.
- Get approval from your supervisor to proceed.
- Login to the DOC Social Media Application Tracking System and apply for permission to create a Github account. You must register with your work email, which should be independent from any personal account you may have on Github.
- Get approval from the information owner of the DOC software or code that you want to put on GitHub. Permission from the information owner ensures that DOC or the DOC bureau allows the information to be placed on GitHub private repositories for internal collaboration or on GitHub public repositories for internal collaboration, public comment, and public use.
- Forward your approval from your manager and the information owner to your bureau’s normal approvers for web content.
- Upon approval from the proper web content approving authority, post the code, and share the link with the data owner and the web content approving authority.
The DOC GitHub account can be used to publish DOC software, design patterns, style guides, documents, and code as open source, making the content available for developers to fork and build upon for their own projects. Developers also may help you by commenting on your content with suggested improvements and questions. In order to comply with the Department of Commerce’s Social Media Policy (intranet link), data and software code posted in a public repository on GitHub must be available on DOC’s public website or a DOC bureau’s public website. If you are publishing to a public repository on DOC’s main GitHub account or a DOC bureau's GitHub account, and this will be the only source of the code, then you must download a quarterly copy of that content from the GitHub repository and publish it on your agency or bureau official website. Your project plan must include quarterly download and publication for every quarter that there are changes made to the GitHub repository. Each project published on a GitHub repository must be recorded in the DOC Social Media Application Tracking System.
Bureaus may only post content in which the DOC has the right to share or distribute. Content that was created solely by DOC employees in the course of their employment may be shared subject to this policy. Before posting content, the bureau must determine whether any part of the content was created by a DOC contractor or a third party. If the content was created in whole or in part by a contractor, the bureau must determine whether the contractor has assigned all its rights in the content to DOC. If the bureau is either unable to determine whether the content was created by a contractor or unable to verify that the contractor has assigned its rights to DOC, then the bureau must not post the content that was created by or subject to the contractor’s contributions. Content created by third parties (not DOC employees or contractors) may not be shared except as permitted by the terms of the applicable license, including any open-source licenses.
It is your responsibility to ensure your content contains only content that DOC has a right to share. It is also your responsibility to ensure that any content we share pursuant to a license comports with the terms of the license, including open-source licenses. Failure to do so could lead to legal ramifications for your project and the Department. If you have questions about whether DOC has been assigned all rights in content created by a contractor, please first consult the contracting officer responsible for the contract under which the content was created. If there remain outstanding legal questions about DOC’s legal rights in the content and the ability to share the content, please consult the Office of General Counsel’s General Law Division.
All projects posted to a DOC or DOC bureau GitHub public repository must include a link to the location where the project code resides on the DOC or DOC bureau public website, as well as the following disclaimer in a README file:
“The United States Department of Commerce (DOC) GitHub project code is provided on an ‘as is’ basis and the user assumes responsibility for its use. DOC has relinquished control of the information and no longer has responsibility to protect the integrity, confidentiality, or availability of the information. Any claims against the Department of Commerce stemming from the use of its GitHub project will be governed by all applicable Federal law. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation or favoring by the Department of Commerce. The Department of Commerce seal and logo, or the seal and logo of a DOC bureau, shall not be used in any manner to imply endorsement of any commercial product or activity by DOC or the United States Government.” After you have published your content to a DOC bureau’s public GitHub repository, you must email the DOC Office of Digital Engagement at webmaster@doc.gov, or the Deputy Director of Digital Strategy, Alicia Sowah, with the link to your repository so that the DOC GitHub account can “watch” your repository and be notified of updates. DOC will do this by selecting the “Watch” button at the top of your repository. All DOC bureau public repositories should be “watched” by DOC GitHub administrators so that they appear on the administrators’ dashboards.
When new code is posted to a DOC or DOC bureau GitHub public repository, they should be accompanied by the following statement, in a LICENSE file in the repository:
“Software code created by U.S. Government employees is not subject to copyright in the United States (17 U.S.C. §105). The United States/Department of Commerce reserve all rights to seek and obtain copyright protection in countries other than the United States for Software authored in its entirety by the Department of Commerce. To this end, the Department of Commerce hereby grants to Recipient a royalty-free, nonexclusive license to use, copy, and create derivative works of the Software outside of the United States.”
By publishing your government content to a public GitHub repository, you are making it freely available to the public for download and use.
If you wish to allow those outside of the federal government to offer their own contributions (such as code improvements or bug fixes), then you must include in the repository a CONTRIBUTING file containing the following language: “By submitting a pull request, you grant to the U.S. Department of Commerce lifelong, paid-up, worldwide, non-exclusive permission to reproduce, use for Governmental purposes, and further disseminate your contributions in all media now existing or to be created in the future, including posting to the U.S. Department of Commerce’s GitHub or the Github repositories of Commerce’s component bureaus.”
When considering what content to post on GitHub, no distinction should be made between the public and private GitHub repositories. The private repositories are only meant to provide a closed environment for working projects not yet ready for public use and should never contain sensitive code. All DOC projects hosted on GitHub should be suitable for eventual public access. For questions about DOC's GitHub account or this guidance document, please contact the DOC Office of Digital Engagement at webmaster@doc.gov, or the Deputy Director of Digital Strategy, Alicia Sowah.
Social Media tools, like other web-based applications, whether inside the DOC network or in the other areas of the Web, must make every effort to comply with Section 508 and other policies on accessibility, privacy, and record keeping. In some rare instances, it's not possible to redesign an outside system to be accessible, but it's usually possible to link back to equivalent information on a DOC website. A DOC email address must always be visible on a DOC or DOC bureau GitHub site for users who require alternative methods of accessing the information posted.
The Department of Commerce’s Privacy Policy applies to any DOC or DOC bureau GitHub site or repository.
When applicable, GitHub publications made by DOC should comply with The Plain Writing Act of 2010, which requires federal agencies to write "clear Government communication that the public can understand and use."
GitHub comments from and to the public will adhere to DOC’s Comment Policy.
If you do not see your official DOC GitHub account listed, please contact the DOC Office of Digital Engagement at webmaster@doc.gov, or the Deputy Director of Digital Strategy at webmaster@doc.gov, Alicia Sowah.