--
You received this message because you are subscribed to the Google Groups "blink-api-owners-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-api-owners-d...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-api-owners-discuss/CA%2BN6QZs%3DGbNPpVPwJx%3DPSbn_KvWSJqZfUzz4MfpNT1wyXRQRuQ%40mail.gmail.com.
I think that ideally in such a case, the guidance should be to run the OT one more release with the additive change, ensure it's working well for partners, and by then, we would coalesce into the case of "we want to ship the OT as is".Is that not feasible in the case where this has come up?
That's a fair point. I guess that depends on the level of risk related to the additional API surface (and how likely we are to get it wrong).
In cases where that risk is low (e.g. API was tested by partners behind a flag or obvious addition to the API shape), it makes sense IMO to enable a "smooth launch" in order to reduce OT friction.
On Tue, Aug 25, 2020 at 8:24 AM Yoav Weiss <yoav...@google.com> wrote:That's a fair point. I guess that depends on the level of risk related to the additional API surface (and how likely we are to get it wrong).Origin Trials are not required for shipping features. We leave it up to the judgement of the feature owners and the spec communities they interact with to decide if the current feature is done right.I think the only considerations we should take into account here are ones about risks to interop/burn-in or mis-use of the purpose of Origin Trials.In cases where that risk is low (e.g. API was tested by partners behind a flag or obvious addition to the API shape), it makes sense IMO to enable a "smooth launch" in order to reduce OT friction.Ok. Perhaps we should just ask the feature owner to just consider these and state as such for the record in their request for a smooth rollout?
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-api-owners-discuss/CAL5BFfXK3mxPTAiKrp4BhUFf6aPKbonhkibcu_KctKFHy%3DhR%3DQ%40mail.gmail.com.
Generally speaking, I'm ok with this direction. It seems reasonable to suggest that when we discover some missing method in an API through developers' usage and feedback that we should not punish developers for sharing their experience, but allow them to continue using the API along with its extensions. Perhaps a middle ground would be to turn off signups for the given origin trial while allowing existing keys to continue working until the feature hits stable.That said, a concern that I have with this proposal is that it might bias us towards strictly adding additional methods to APIs rather than changing the APIs in a breaking way, even if we learn that some other spelling of an API would be a better fit for its users. Given that folks signing up for origin trial are explicitly signing up for breakage and change, I wonder whether it might be reasonable to widen the proposal to include shifting straight into breaking changes without pause for existing OT users That entails some risk, insofar as existing OT users would need to update their code to account for the change. I'm not sure how to weigh that risk against the annoyance of a critical feature disappearing for a milestone between OT and shipping.
On Thu, Aug 27, 2020 at 9:43 PM Mike West <mk...@chromium.org> wrote:Generally speaking, I'm ok with this direction. It seems reasonable to suggest that when we discover some missing method in an API through developers' usage and feedback that we should not punish developers for sharing their experience, but allow them to continue using the API along with its extensions. Perhaps a middle ground would be to turn off signups for the given origin trial while allowing existing keys to continue working until the feature hits stable.That said, a concern that I have with this proposal is that it might bias us towards strictly adding additional methods to APIs rather than changing the APIs in a breaking way, even if we learn that some other spelling of an API would be a better fit for its users. Given that folks signing up for origin trial are explicitly signing up for breakage and change, I wonder whether it might be reasonable to widen the proposal to include shifting straight into breaking changes without pause for existing OT users That entails some risk, insofar as existing OT users would need to update their code to account for the change. I'm not sure how to weigh that risk against the annoyance of a critical feature disappearing for a milestone between OT and shipping.FWIW, what we heard from developers that signed up for OTs is that they are more than willing to take on breaking changes (as that puts cost on them), but less willing to account for a gap in support (which puts the cost on their users/customers).So to me, that seems like the right tradeoff.
--
You received this message because you are subscribed to the Google Groups "blink-api-owners-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-api-owners-d...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-api-owners-discuss/CALgRrLkV1pO71j17H%2BAqON6RZr3jCpoX5HUVtLgh_npG_b7V7Q%40mail.gmail.com.
To add to that, per my original understanding of the purpose of the breakage period, cases where the API has changed in a breaking way would potentially be allowed to skip the breakage period, while APIs that haven't changed would require the period. But this thread sounds like it's the exact opposite of that now?
On Tue, Sep 15, 2020 at 3:21 PM Marijn Kruisselbrink <m...@chromium.org> wrote:Not entirely related to this thread, but are these "requirements" for when a breakage period is or isn't required written down anywhere? The only thing I could find mentioning this breakage period at all is the warning at the end of https://web.dev/origin-trials/, but the stated rationale there seems to be the exact opposite of the start of this thread. I.e. web.dev says that the breakage period is needed to not bias toward avoiding breakages in the API surface, yet the original post in this thread says " if the shipping form of a feature is identical to the form it takes during an Origin Trial " which seems to very much bias towards avoiding breakages in the API surface. Am I misunderstanding either of these?
On Tue, Sep 15, 2020 at 3:23 PM Marijn Kruisselbrink <m...@chromium.org> wrote:To add to that, per my original understanding of the purpose of the breakage period, cases where the API has changed in a breaking way would potentially be allowed to skip the breakage period, while APIs that haven't changed would require the period. But this thread sounds like it's the exact opposite of that now?I hadn't considered the former, but the latter does not require a break anymore as long as the API does not change at all in its shipped form. We already allowed that in at least one intent.
On Tue, Sep 15, 2020 at 3:21 PM Marijn Kruisselbrink <m...@chromium.org> wrote:Not entirely related to this thread, but are these "requirements" for when a breakage period is or isn't required written down anywhere? The only thing I could find mentioning this breakage period at all is the warning at the end of https://web.dev/origin-trials/, but the stated rationale there seems to be the exact opposite of the start of this thread. I.e. web.dev says that the breakage period is needed to not bias toward avoiding breakages in the API surface, yet the original post in this thread says " if the shipping form of a feature is identical to the form it takes during an Origin Trial " which seems to very much bias towards avoiding breakages in the API surface. Am I misunderstanding either of these?By bias, are you saying the API owner policy is over-optimized for one scenario, or are you saying there are perverse incentives for developers?
I think we did document the change about allowing no breaking period if absolutely nothing changed in the API, but perhaps I am wrong.
On Tue, Sep 15, 2020 at 4:22 PM Chris Harrelson <chri...@chromium.org> wrote:On Tue, Sep 15, 2020 at 3:23 PM Marijn Kruisselbrink <m...@chromium.org> wrote:To add to that, per my original understanding of the purpose of the breakage period, cases where the API has changed in a breaking way would potentially be allowed to skip the breakage period, while APIs that haven't changed would require the period. But this thread sounds like it's the exact opposite of that now?I hadn't considered the former, but the latter does not require a break anymore as long as the API does not change at all in its shipped form. We already allowed that in at least one intent.Any thoughts about the former? Specifically for the case of the native file system API where the API changed significantly between the OT and shipping to stable, yet we have partners asking if we can extend the origin trial till after the stable release (currently the OT expires one week before the planned stable release). I'm not sure what to answer since I can't actually find any documentation about the breakage period, and what I thought I understood about the reason for it appears to not be correct.
On Tue, Sep 15, 2020 at 3:21 PM Marijn Kruisselbrink <m...@chromium.org> wrote:Not entirely related to this thread, but are these "requirements" for when a breakage period is or isn't required written down anywhere? The only thing I could find mentioning this breakage period at all is the warning at the end of https://web.dev/origin-trials/, but the stated rationale there seems to be the exact opposite of the start of this thread. I.e. web.dev says that the breakage period is needed to not bias toward avoiding breakages in the API surface, yet the original post in this thread says " if the shipping form of a feature is identical to the form it takes during an Origin Trial " which seems to very much bias towards avoiding breakages in the API surface. Am I misunderstanding either of these?By bias, are you saying the API owner policy is over-optimized for one scenario, or are you saying there are perverse incentives for developers?That there are perverse incentives for feature developers to ship suboptimal API shapes to avoid the breakage period.I think we did document the change about allowing no breaking period if absolutely nothing changed in the API, but perhaps I am wrong.I can't find any documentation about the breaking period either way, so I would be happy if you could point me to whatever documentation exists.
On Tue, Sep 15, 2020 at 4:26 PM Marijn Kruisselbrink <m...@chromium.org> wrote:On Tue, Sep 15, 2020 at 4:22 PM Chris Harrelson <chri...@chromium.org> wrote:On Tue, Sep 15, 2020 at 3:23 PM Marijn Kruisselbrink <m...@chromium.org> wrote:To add to that, per my original understanding of the purpose of the breakage period, cases where the API has changed in a breaking way would potentially be allowed to skip the breakage period, while APIs that haven't changed would require the period. But this thread sounds like it's the exact opposite of that now?I hadn't considered the former, but the latter does not require a break anymore as long as the API does not change at all in its shipped form. We already allowed that in at least one intent.Any thoughts about the former? Specifically for the case of the native file system API where the API changed significantly between the OT and shipping to stable, yet we have partners asking if we can extend the origin trial till after the stable release (currently the OT expires one week before the planned stable release). I'm not sure what to answer since I can't actually find any documentation about the breakage period, and what I thought I understood about the reason for it appears to not be correct.You raise a good point. The purpose of the process is to prevent burn in of an API that is not shipped that prevents us from changing it... other owners, WDYT?
On Tue, Sep 15, 2020 at 3:21 PM Marijn Kruisselbrink <m...@chromium.org> wrote:Not entirely related to this thread, but are these "requirements" for when a breakage period is or isn't required written down anywhere? The only thing I could find mentioning this breakage period at all is the warning at the end of https://web.dev/origin-trials/, but the stated rationale there seems to be the exact opposite of the start of this thread. I.e. web.dev says that the breakage period is needed to not bias toward avoiding breakages in the API surface, yet the original post in this thread says " if the shipping form of a feature is identical to the form it takes during an Origin Trial " which seems to very much bias towards avoiding breakages in the API surface. Am I misunderstanding either of these?By bias, are you saying the API owner policy is over-optimized for one scenario, or are you saying there are perverse incentives for developers?That there are perverse incentives for feature developers to ship suboptimal API shapes to avoid the breakage period.I think we did document the change about allowing no breaking period if absolutely nothing changed in the API, but perhaps I am wrong.I can't find any documentation about the breaking period either way, so I would be happy if you could point me to whatever documentation exists.Right now there is a required breaking period unless the API is completely unchanged. We agreed in response to an earlier state of this thread to allow additional exceptions on a case-by-case basis, but the intent author has to explicitly ask for it and say why. If you want to you can ask for it in your case on blink-dev and supply reasoning. Otherwise I am happy to bring it up at the next API owners meeting this Thursday.
On Tue, Sep 15, 2020 at 4:30 PM Chris Harrelson <chri...@chromium.org> wrote:On Tue, Sep 15, 2020 at 4:26 PM Marijn Kruisselbrink <m...@chromium.org> wrote:On Tue, Sep 15, 2020 at 4:22 PM Chris Harrelson <chri...@chromium.org> wrote:On Tue, Sep 15, 2020 at 3:23 PM Marijn Kruisselbrink <m...@chromium.org> wrote:To add to that, per my original understanding of the purpose of the breakage period, cases where the API has changed in a breaking way would potentially be allowed to skip the breakage period, while APIs that haven't changed would require the period. But this thread sounds like it's the exact opposite of that now?I hadn't considered the former, but the latter does not require a break anymore as long as the API does not change at all in its shipped form. We already allowed that in at least one intent.Any thoughts about the former? Specifically for the case of the native file system API where the API changed significantly between the OT and shipping to stable, yet we have partners asking if we can extend the origin trial till after the stable release (currently the OT expires one week before the planned stable release). I'm not sure what to answer since I can't actually find any documentation about the breakage period, and what I thought I understood about the reason for it appears to not be correct.You raise a good point. The purpose of the process is to prevent burn in of an API that is not shipped that prevents us from changing it... other owners, WDYT?That sounds like the case where a API hasn't changed is exactly the case where skipping the breakage period should not be allowed... Changing an API significantly seems like a much stronger way of preventing burn in rather than having this breakage period (requiring breaking API changes was actually one of the options we originally discussed as an alternative for this breaking period when we designed the origin trial framework/process way back).
On Tue, Sep 15, 2020 at 3:21 PM Marijn Kruisselbrink <m...@chromium.org> wrote:Not entirely related to this thread, but are these "requirements" for when a breakage period is or isn't required written down anywhere? The only thing I could find mentioning this breakage period at all is the warning at the end of https://web.dev/origin-trials/, but the stated rationale there seems to be the exact opposite of the start of this thread. I.e. web.dev says that the breakage period is needed to not bias toward avoiding breakages in the API surface, yet the original post in this thread says " if the shipping form of a feature is identical to the form it takes during an Origin Trial " which seems to very much bias towards avoiding breakages in the API surface. Am I misunderstanding either of these?By bias, are you saying the API owner policy is over-optimized for one scenario, or are you saying there are perverse incentives for developers?That there are perverse incentives for feature developers to ship suboptimal API shapes to avoid the breakage period.I think we did document the change about allowing no breaking period if absolutely nothing changed in the API, but perhaps I am wrong.I can't find any documentation about the breaking period either way, so I would be happy if you could point me to whatever documentation exists.Right now there is a required breaking period unless the API is completely unchanged. We agreed in response to an earlier state of this thread to allow additional exceptions on a case-by-case basis, but the intent author has to explicitly ask for it and say why. If you want to you can ask for it in your case on blink-dev and supply reasoning. Otherwise I am happy to bring it up at the next API owners meeting this Thursday.So I'd just ask this in the intent-to-ship thread?
Now that we have features following this revised process, I realized a potential issue that I missed in my earlier read.The gapless process explicitly calls out "existing tokens" for continuation. I interpret that to mean that we should block new registrations for the trial, once the continuation has been approved?If so, that's not currently supported by the registration/renewal functionality in the OT console. Origin trial tokens are write-once - set to expire no later than the trial end date when issued, and cannot be updated. Any extension to a trial will require developers to renew, and be issued new tokens. Currently, the OT console has the ability to disable a trial, blocking tokens from being issued. However, it does not distinguish between new registrations and renewal of existing registrations.
It would be straightforward to add functionality to the OT console limit token issuance to renewals/existing registrations. But, I'm wondering about the rationale behind the limitation? Is there a specific risk to new developers joining the trial, given the feature is approved to ship shortly? Is it to prevent "soft launch" expectations from growing? I can imagine edge cases around such a limitation that might be counter to the intent. For example, new developers signup for trial when the I2S is sent, before the trial is changed in the OT console, skirting the limitation. Or conversely, an already registered partner needs to register a new origin after I2S, due some change in serving infrastructure.
On Friday, September 18, 2020 at 9:36:48 PM UTC-4 Alex Russell wrote
- To be approved for a gapless I2S, the API OWNERS will look for strong evidence from Origin Trial feedback (as referenced from the I2E thread or provided directly in the I2S) that developers are not requesting potentially breaking changes and are extraordinarily supportive of the feature launching as-is. Feedback from OT surveys, public blog posts, or testimonials from external developers in the thread about their experience with the API will all be considered
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-api-owners-discuss/cef83caf-5348-421b-aea9-1767183440bdn%40chromium.org.
On Fri, Sep 25, 2020 at 8:15 AM Jason Chase <cha...@chromium.org> wrote:Now that we have features following this revised process, I realized a potential issue that I missed in my earlier read.The gapless process explicitly calls out "existing tokens" for continuation. I interpret that to mean that we should block new registrations for the trial, once the continuation has been approved?If so, that's not currently supported by the registration/renewal functionality in the OT console. Origin trial tokens are write-once - set to expire no later than the trial end date when issued, and cannot be updated. Any extension to a trial will require developers to renew, and be issued new tokens. Currently, the OT console has the ability to disable a trial, blocking tokens from being issued. However, it does not distinguish between new registrations and renewal of existing registrations.I thought we were planning to decouple the token itself from its expiry, so that sites don't need to re-deploy to get a refreshed token and instead just need to "ask to extend" on our dashboard. If we do that work would it solve this issue also?
It would be straightforward to add functionality to the OT console limit token issuance to renewals/existing registrations. But, I'm wondering about the rationale behind the limitation? Is there a specific risk to new developers joining the trial, given the feature is approved to ship shortly? Is it to prevent "soft launch" expectations from growing? I can imagine edge cases around such a limitation that might be counter to the intent. For example, new developers signup for trial when the I2S is sent, before the trial is changed in the OT console, skirting the limitation. Or conversely, an already registered partner needs to register a new origin after I2S, due some change in serving infrastructure.I think the rationale is to limit the scope of a "soft launch" yes. If it takes a little while to upgrade OT tech to match I don't think that is the end of the world.
On Friday, September 25, 2020 at 12:31:37 PM UTC-4 Chris Harrelson wrote:On Fri, Sep 25, 2020 at 8:15 AM Jason Chase <cha...@chromium.org> wrote:Now that we have features following this revised process, I realized a potential issue that I missed in my earlier read.The gapless process explicitly calls out "existing tokens" for continuation. I interpret that to mean that we should block new registrations for the trial, once the continuation has been approved?If so, that's not currently supported by the registration/renewal functionality in the OT console. Origin trial tokens are write-once - set to expire no later than the trial end date when issued, and cannot be updated. Any extension to a trial will require developers to renew, and be issued new tokens. Currently, the OT console has the ability to disable a trial, blocking tokens from being issued. However, it does not distinguish between new registrations and renewal of existing registrations.I thought we were planning to decouple the token itself from its expiry, so that sites don't need to re-deploy to get a refreshed token and instead just need to "ask to extend" on our dashboard. If we do that work would it solve this issue also?Not exactly, the plan is to decouple token expiry from the renewal feedback requirement, so new tokens aren't required every 6 weeks. The plan is that tokens can last the length of the trial, but still expire on the end date. That preserves the limited duration property of trials, without needing to change the client-side infrastructure in Chromium. (We have an internal design doc with details, I'll follow up on getting that shared publicly). As planned, it would not address the issue.We could explore alternatives that would remove the need to issue new tokens for a gapless extension. However, if the goal is to limit the "soft launch" aspect, it seems reasonable to keep the extra friction of requiring developers to get/deploy new tokens to cover the period until the feature ships. That friction is once per trial, and I believe we expect/hope that gapless extensions are the exception, not the rule.It would be straightforward to add functionality to the OT console limit token issuance to renewals/existing registrations. But, I'm wondering about the rationale behind the limitation? Is there a specific risk to new developers joining the trial, given the feature is approved to ship shortly? Is it to prevent "soft launch" expectations from growing? I can imagine edge cases around such a limitation that might be counter to the intent. For example, new developers signup for trial when the I2S is sent, before the trial is changed in the OT console, skirting the limitation. Or conversely, an already registered partner needs to register a new origin after I2S, due some change in serving infrastructure.I think the rationale is to limit the scope of a "soft launch" yes. If it takes a little while to upgrade OT tech to match I don't think that is the end of the world.Ok, sounds good. I'll come up with a plan for the OT console to handle gapless extensions, and limit to existing registrations.
On Fri, Sep 25, 2020 at 8:15 AM Jason Chase <cha...@chromium.org> wrote:Now that we have features following this revised process, I realized a potential issue that I missed in my earlier read.The gapless process explicitly calls out "existing tokens" for continuation. I interpret that to mean that we should block new registrations for the trial, once the continuation has been approved?If so, that's not currently supported by the registration/renewal functionality in the OT console. Origin trial tokens are write-once - set to expire no later than the trial end date when issued, and cannot be updated. Any extension to a trial will require developers to renew, and be issued new tokens. Currently, the OT console has the ability to disable a trial, blocking tokens from being issued. However, it does not distinguish between new registrations and renewal of existing registrations.I thought we were planning to decouple the token itself from its expiry, so that sites don't need to re-deploy to get a refreshed token and instead just need to "ask to extend" on our dashboard. If we do that work would it solve this issue also?It would be straightforward to add functionality to the OT console limit token issuance to renewals/existing registrations. But, I'm wondering about the rationale behind the limitation? Is there a specific risk to new developers joining the trial, given the feature is approved to ship shortly? Is it to prevent "soft launch" expectations from growing? I can imagine edge cases around such a limitation that might be counter to the intent. For example, new developers signup for trial when the I2S is sent, before the trial is changed in the OT console, skirting the limitation. Or conversely, an already registered partner needs to register a new origin after I2S, due some change in serving infrastructure.I think the rationale is to limit the scope of a "soft launch" yes. If it takes a little while to upgrade OT tech to match I don't think that is the end of the world.On Friday, September 18, 2020 at 9:36:48 PM UTC-4 Alex Russell wrote
- To be approved for a gapless I2S, the API OWNERS will look for strong evidence from Origin Trial feedback (as referenced from the I2E thread or provided directly in the I2S) that developers are not requesting potentially breaking changes and are extraordinarily supportive of the feature launching as-is. Feedback from OT surveys, public blog posts, or testimonials from external developers in the thread about their experience with the API will all be considered
I don't think this is quite what we agreed. An OT that has a breaking change can still request gapless; the key is only to show evidence of OT partner engagement and feedback. Other API owners, WDYT?