[HTTPS-E Rulesets] Improving the ruleset merging process

Peter Eckersley pde at eff.org
Fri Mar 2 12:21:25 PST 2012 

Currently, rulesets are submitted to HTTPS Everywere by two main methods:

- Emailing the ruleset inline or as a patch to this mailing list.  Some but
  not all contributors are also subscribed here.

- Pushing the rulesets to a git remote and then sending a pull request to this
  list (in fact, the pull request is often not necessary the second time you
  contribute via git -- I regularly do a "git remote update" to scan a large
  number of known remote repositories for contributions).

In general, the second method works much faster than the first one (the
exception is large collections of rules from HTTPS Finder, which often
produces rulesets that are buggy and not safe to ship).

The first method tends to work in the end: Seth is able to sweep the archives
eventually but it can take a while and submissions are sometimes missed.

However it seems that we would offer a better experience to non-git
contributors if we merge their submissions faster.  It seems there are a few
different ways we could try to do this:

1. Do a better job of teaching most contributors to use git.  Perhaps a very
tuned guide to making a github account and using it for https everywhere could
achieve this, but I'm not very optimistic.

2. Find some more volunteer Ruleset Librarians to grab rulesets from the
list, look them over, and commit to a git repo that we will pull from
quickly.

3. Create some other submission / review process.  Perhaps a web form where
anyone can submit a ruleset, and any developer can come along and sign off on
it, and it then gets robo-committed to a repository branch.

4. Make a web form that robo-commits valid XML rulesets to a git branch
somewhere, and then any git-using developer can merge, edit, reject (git rm?),
or cherry pick things from that branch.

What do people think about the merits of these options?

-- 
Peter Eckersley                            pde at eff.org
Technology Projects Director      Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993

More information about the HTTPS-Everywhere-Rules mailing list