Clarify contribution guidelines
Opened this issue · 4 comments
The contribution guidelines in the B&A repo currently state that the project is not accepting contributions. At least from the Azure side, we would like to start contributing to add support for deployments in Azure. And I am sure there are other looking to contribute too.
One other thing that I think we'll need to do is to standardize the contribution policies across Privacy Sandbox repos - each of the BA, KV, and data-plane-shared repos have slightly different language about this right now and it's confusing.
I don't think that's deliberate, it's more that we haven't needed to figure this out until now and this is a good reason to prioritize doing that work.
There're a few related things that I think we should figure out (and which I'll put on the agenda for the next WICG call):
- As people are contributing code, what sort of support model should we use? (I'm wondering who'll be maintaining the code after it's merged, etc.)
- Code style guidelines. I think these are all enforced with the pre-commit scripts but I'd like to confirm that just so we don't run into differences of opinion later that're difficult to clear up.
- Design review processes. For bigger changes that might have privacy or security implications we should start talking about how we'll go through those.
Just so that I don't forget: we talked about design review processes in the call on the 17th January.
I'm going to follow up and do some research on how other Open Source projects handle doing design reviews (including privacy and security evaluations) in public and then come back to the group to see whether there's a process that we can borrow and customize.
As some background, this is how the Chromium Open Source project handles public design reviews:
- Changes to the rendering engine, Blink, go through this process.
- This is the design review doc template.
- Some things go to the W3C TAG group for review.
- This page has a good walkthrough of the overall process.