[HTTPS-Everywhere] persistent user-generated rules

Yan Zhu yan at eff.org
Sun Jan 12 20:58:24 PST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



On 01/12/2014 08:42 PM, John Stinson wrote:
> Is there a measure of how non-technical / easy the submission of
> new or changed rules should be? It's currently email, would a git
> repo which people could submit pull requests against be too far in
> the technical direction?
> 

Probably moderately-technical. We already assume that people who
submit rulesets have some basic understanding of regular expressions.
I think we also implicitly assume that they have some basic
understanding of git (ex: how to format a patch for email submission).

We already have a git repo where people can submit pull requests, and
it's used fairly often (more so than emailed patches).
https://github.com/EFForg/https-everywhere

Personally, as a ruleset library maintainer, I would prefer everyone
who submits rules to do so as pull requests or email-formatted
patches, both of which require some git knowledge.

> How well verified / "policed" (for lack of a better term) are the 
> current ruleset submissions? Is there anything that (in theory)
> prevents me from submitting rules for an arbitrary site, and
> perhaps subtly doing something nasty?
> 

Great question! I manually test every ruleset before merging.

pde also does a bunch of ruleset merges from a single contributor who
contributes a significant percentage of new rules (>50%, I think). I
doubt those get tested one-by-one anymore.

- -Yan
> -- - John K. Stinson
> 
> 
> _______________________________________________ HTTPS-Everywhere
> mailing list HTTPS-Everywhere at lists.eff.org 
> https://lists.eff.org/mailman/listinfo/https-everywhere
> 

- -- 
Yan Zhu                           yan at eff.org
Technologist                      Tel  +1 415 436 9333 x134
Electronic Frontier Foundation    Fax  +1 415 436 9993
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJS03JtAAoJENC7YDZD/dns844H+gKal6SaTy7shmSp4EYewJNI
PVLAA18ZNQuXm4Ye9a2t4rCX/qu/oyo/1FmZK8fS1N+Z8yTi3KQqI2ATW0VWLtlX
fr+gRBf1FU62hTYdD39bdBwa9BS9pyG7B0VhE0ruoojQUbBFFAEisj2U90xWM9jW
eMcS6N/Gn/H2LEgWJAXfXG4AVzKcJ/COvnJuVh1CPrvvwl+VMgG/tfR1BV6F12/M
98LVxWlKEqHai1o2QouT9iEgb1ZP51WjClamW1QZXvrB0/24M318fOLRbD/N7CCp
5PT+bbEVkj2C00tCjQMklxBJQslnFA00hZ3vyPCdbUWXKUgskmiwKETJpLkCOtI=
=zCN6
-----END PGP SIGNATURE-----

More information about the HTTPS-Everywhere mailing list