ort icon indicating copy to clipboard operation
ort copied to clipboard

Published 20 hours ago verified publisher icon oss-review-toolkit

Provide means to flag non-inclusive language

Open fviernau opened this issue 2 years ago • 5 comments

Flagging non-inclusive language in ORT can make it easy for companies to enforce their respective policy. ORT may examine the code as well as the VCS history (e.g. prior to open sourcing a project).

Details TBD, as starter see e.g. [1].

[1] https://github.com/dialpad/inclusive-language

fviernau avatar Aug 02 '22 14:08 fviernau

Woke is a tool that already exists to help with checking inclusive language. Also relevant the Inclusive Naming Initiative that facilitates discussion on inclusive language to hopefully come to a more definitive set of terms that should be avoided.

I dislike the ever expanding scope of ORT, but if this feature is desired it shouldn't be too hard to integrate the Woke software in ORT.

nicorikken avatar Aug 03 '22 06:08 nicorikken

@nicorikken Bit of background on this feature - for compliance purposes we always wanted to be able to check project's Git history and source code for internal (product) code names prior to open-sourcing. We also wanted to do inclusive naming checks and both of them needs a string-based search scanner.

Not sure if Woke can also check VCS commit history.

tsteenbe avatar Aug 03 '22 07:08 tsteenbe

At least it is possible via git bisect, which is a use-case that is discussed here: https://github.com/get-woke/woke/issues/85#issuecomment-864507254

nicorikken avatar Aug 03 '22 11:08 nicorikken

I dislike the ever expanding scope of ORT

I'm also a bit skeptical here... esp. when going as far as checking for things like inclusive language.

for compliance purposes we always wanted to be able to check project's Git history and source code for internal (product) code names prior to open-sourcing

I believe the whole "prior to open-sourcing" workflow is one that's different enough from our original / main "open source compliance" workflow that it at least justifies another tool in ORT (maybe something like a "publisher" / linter), and is probably not something that should be mangled into the advisor. Or, the existing advisor should be largely refactored to be explicitly designed to support very different kinds of advises (more than just vulnerabilities and defects currently).

sschuberth avatar Aug 13 '22 08:08 sschuberth

@sschuberth it would not be an advisor but more a new scanner plus new evaluator helper functions as non-inclusive language or "compliance string" checks are commonly only done on the source code / VCS history

tsteenbe avatar Aug 25 '22 07:08 tsteenbe

@fviernau, @tsteenbe, now that we have a ProjectSourceRule, would it be fair to close this very specialized use-case in favor of saying it's up to the user to write evaluator rules that use ProjectSourceRules to inspect the project's source code / VCS history?

sschuberth avatar Jan 26 '23 07:01 sschuberth

Closing this as agreed on in today's Community Meeting as it's too specific for a first-class feature and can already be implemented via Evaluator rules.

sschuberth avatar Jan 26 '23 10:01 sschuberth