[HTTPS-Everywhere] Avira wants to contribute
Jacob Hoffman-Andrews
jsha at eff.org
Wed Feb 25 09:53:13 PST 2015
Hi Thorsten! Thanks for writing, I appreciate the help.
On 02/25/2015 01:19 AM, Thorsten Sick wrote:
> We are planning to ship a (more) secure browser soonish. I see it as a
> distribution.
Great! I'm sure you know, but the most important part of shipping a more
secure browser is making sure you have a good update mechanism and
shipping security fixes in a very timely manner once they are fixed
upstream. This has been a stumbling point in the past for similar
projects like WhiteHat Aviator:
https://plus.google.com/+JustinSchuh/posts/69qw9wZVH8z
> - Developing of the Chromium part of HTTPS-everywhere
This already exists, but could definitely use more work. In particular
we have two high-priority bugs on the Chromium port that I haven't been
able to get to:
https://github.com/EFForg/https-everywhere/issues/741
https://github.com/EFForg/https-everywhere/issues/760
> - Modifying Chromium to fit the needs of HTTPs-everywhere (i've been
> told there are issues....maybe someone has details)
It's fairly good. There are some low-level APIs we are missing. This
probably isn't the most useful area of contribution.
> - Internationalisation
This would be really great! We already have internationalization for the
Firefox version, so if you add internationalization to the Chrome port
you should try and use the same input files, since there are a lot of
shared strings.
> - Maybe some usability testing ?
This would also be good.
The other useful thing to help with: I recently incorporated automated
ruleset testing into our process. You can read more about it at
https://github.com/EFForg/https-everywhere/blob/master/ruleset-testing.md and
https://github.com/EFForg/https-everywhere/blob/master/ruleset-style.md.
As a result, I disabled a large number of rules:
https://github.com/EFForg/https-everywhere/pull/1036
In the comments on that pull request I listed some relatively
high-ranked sites that I automatically disabled for failing the tests.
If you have time to fix those rulesets so they pass the automated tests
for both coverage and fetching, that would be great.
> How do we best contribute ? How to best post Pull Requests and how is in
> charge of merging them in ? Is this repo
> https://github.com/EFForg/https-everywhere the one to fork and
> contribute to ?
Yes, that's the right repo. The easiest way to contribute is to send
pull requests and I or someone else with access will merge them.
> What is the best communication channel ?
This list is good.
More information about the HTTPS-Everywhere
mailing list