meta-ac icon indicating copy to clipboard operation
meta-ac copied to clipboard

Published 20 hours ago verified publisher icon ampproject

Horizontal reviews

Open tobie opened this issue 6 years ago • 15 comments

The TSC is currently organizing how to do horizontal reviews for security, privacy, and accessibility.

This is something where the input of the AC is really important.

tobie avatar Jan 19 '19 10:01 tobie

Should we split that up in three separate issues? LMK.

tobie avatar Jan 19 '19 10:01 tobie

Suggest we keep them together for the moment. Once we have a basic process, it might be worth splitting them out to focus on the differences, but for now we should get the basics in place.

I've had to request access to the thing about horizontal review you linked to BTW.

LJWatson avatar Jan 19 '19 11:01 LJWatson

I've had to request access to the thing about horizontal review you linked to BTW.

Tracking here: #9

tobie avatar Jan 19 '19 11:01 tobie

I've had to request access to the thing about horizontal review you linked to BTW.

Tracking here: #9

OK, so that's been solved for the minutes of every meeting but this one.

tobie avatar Jan 22 '19 22:01 tobie

Meeting notes are published here https://github.com/ampproject/meta-tsc/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22TSC+Meeting%22+ (for now not including the first meeting, because there we hadn't decided to publish them yet)

cramforce avatar Jan 29 '19 17:01 cramforce

I'm folding issue #8 into this one, as we've agreed during our 2019-01-29 call that both had similar enough process requirements to do so.

#8 is a request coming from the TSC to:

Make recommendation how to represent vertical concerns (publishing, e-commerce) in working groups.

There's two parts to this:

  1. input for the roadmap, and
  2. review of what's coming out of development (e.g. making sure that concerns of the different verticals are met or know to be out of scope when new features ship).

tobie avatar Jan 30 '19 09:01 tobie

A good first step here would be to figure out what is already being done in terms of horizontal reviews.

What process have been set up, if any?

What WG are in charge of them?

Are there specific labels applied to those issues? Pull request / issue templates? Etc.

@sumodas, @levidurfee can you split-up the work between you and report here?

tobie avatar Jan 30 '19 09:01 tobie

@sumodas: would love to assign you too 😈, but I can't until you accept to join the ampproject organization.

tobie avatar Jan 30 '19 20:01 tobie

Thanks, @tobie ! I'll spend some time on this issue over the weekend :)

levidurfee avatar Feb 01 '19 01:02 levidurfee

(Sorry for re-assigning you, @levidurfee. I wanted to add @sumodas, but he's not a member of the org yet. So there must be some weird UI-issue where that reset the assignees altogether.)

tobie avatar Feb 01 '19 08:02 tobie

Security

It looks like LGTM is used to for security analysis. I didn't see any labels for security.

Privacy

I couldn't find anything in regards to how privacy is handled. I didn't see any labels for privacy.

Accessibility

There is a label for accessibility. Requiring all amp-modules be tested by lighthouse is brought up in issue #19281.

levidurfee avatar Feb 02 '19 20:02 levidurfee

We discussed this issue on our last call, but don't have a lot of notes for it.

I think what we'd want to end-up with here, is state-of-the-art solution for making sure that these various horizontal and vertical concerns are formally brought up and addressed when new features are suggested (or important changes are made to existing ones).

This probably involves:

  • some process changes,
  • some related changes e.g. to pull request templates,
  • additions to the responsibilities of certain WG,
  • the creation of dedicated working groups for verticals (similar to W3C interest groups),
  • etc.

Good examples that come to mind of horizontal reviews occur in Chromium during Intent to Implement and Intent to Ship phases (see for example the bug template which includes a list of horizontal teams that need to approve it).

W3C also has similar solutions with:

  • TAG reviews,
  • reviews by interest groups (which tend to represent industries, e.g.: automotive, mobile, TV, etc.),
  • Accessibility reviews,
  • etc.

I believe our deliverable should be an "opinion" for the TSC in the form of a problem statement (ideal, reality, consequence, proposal).

We should set some time on the agenda in London to move forward with this.

tobie avatar Mar 18 '19 12:03 tobie

@sumodas can you join us by VC during the London F2F to discuss this? If so, could you please add this topic to one (or two?) agenda slots in https://github.com/ampproject/meta-ac/issues/22? All times are London times.

tobie avatar Mar 25 '19 23:03 tobie

Some updates to this issue in the London F2F minutes on the accessibility front in particular:

  • [x] reach out to TSC/Accessibility WG and ask for audit of existing components.
  • [ ] ~~reach out to TSC/Documentation WG to ask for related improvements to documentation.~~
  • [x] organize meeting with a11y WG. Either invite them to AC meeting or join one of their calls (@tobie).
  • [ ] ~~author review requirements for a11y. Share them with the TSC/a11y WG.~~
  • [ ] reach out to TSC to ask for list of privacy/security requirements required to ship a new feature.

tobie avatar May 11 '19 09:05 tobie

Additional updates from the London F2F on the verticals groups:

  • Vertical groups could be AC, while horizontal review is clearly TSC.
  • Goal is to be more inclusive
  • The AC suggests W3C-inspired "interest groups."
  • Open membership
  • Conversations are public (or Chatham House Rule)?
  • How do we create a group?
  • Non-binding advisory role
  • Similar creation requirements as working groups
  • AC responsible? Still TBD

@tobie to:

  • [ ] formalize proposal,
  • [ ] get it approved by AC, and
  • [ ] send it to TSC for consideration.

tobie avatar May 20 '19 16:05 tobie