Submodule restructure: Tracking Protection -> URL Classifier

[Gian-Carlo Pascutto]

Hi all,

currently SafeBrowsing is wedged into the (DOM) Content Security module,
even though the relevant code is unrelated and the relevant peers and
owners can't review each others' code. We also have a "Tracking
Protection" module, which is separate even though a lot of client side
code is shared with SafeBrowsing and the server-side code is essentially
a SafeBrowsing server. The module owner no longer works on it and the
peers are two managers which AFAIK aren't reviewing anything.

So, we'd like to pull SafeBrowsing out of Content Security and merge it
with Tracking Protection into a new module, URL Classifier, and set the
owners/peers to the people actually working on it.

Name: URL Classifier
Description: Database and list-based classification of URL resources,
such as Tracking Protection and SafeBrowsing.
Owner: Gian-Carlo Pascutto, Ryan Tilder
Peer(s): Francois Marier, Ryan Kelly
Source Dir(s):
toolkit/components/url-classifier
netwerk/base/src/nsChannelClassifier
https://github.com/mozilla-services/shavar
URL:
https://wiki.mozilla.org/Phishing_Protection
https://wiki.mozilla.org/Privacy/Roadmap/Tracking
https://wiki.mozilla.org/Security/Features/Application_Reputation
Discussion Group: mozilla.dev.platform

--
GCP

[Mike Connor]

So, my main question/concern is that you're combining the server and the
client code. Can either of the Ryans review Gecko code? (They're smart
people I like, I just don't know if this makes sense.)

Is this two modules, or should there be an overall module to cover stuff
like protocol/API changes, but the code is in submodules?

> _______________________________________________
> governance mailing list
> gover...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/governance
>

[Gian-Carlo Pascutto]

On 09-07-15 17:57, Mike Connor wrote:

> So, my main question/concern is that you're combining the server and
> the client code.

I'm not doing this. It is already the case under Tracking Protection and
this part doesn't change.

> Can either of the Ryans review Gecko code? (They're
> smart people I like, I just don't know if this makes sense.)

No, I do not think that makes sense, although for obvious reasons it's
good if the two teams are aware of what the other is doing.

> Is this two modules, or should there be an overall module to cover
> stuff like protocol/API changes, but the code is in submodules?

I don't know. You can say these are two modules (server + client), but
at some point you have to stop making subdivisions and whoever made the
original module seemed to think this was a reasonable place - and I agree.

We could mention (server) or (client) next to the owners/peers to help
people figure out whom they need to talk to.

--
GCP

[Doug Turner]

I approve of this change.

[Francois Marier]

On 09/07/15 16:05, Gian-Carlo Pascutto wrote:
> URL:
> https://wiki.mozilla.org/Phishing_Protection
> https://wiki.mozilla.org/Privacy/Roadmap/Tracking
> https://wiki.mozilla.org/Security/Features/Application_Reputation

These are better URLs for the last two:

https://wiki.mozilla.org/Security/Tracking_protection
https://wiki.mozilla.org/Security/Application_Reputation

> Discussion Group: mozilla.dev.platform

Would mozilla.dev.security be more appropriate?

Francois

[Gian-Carlo Pascutto]

On 10/07/2015 16:27, Francois Marier wrote:

>> Discussion Group: mozilla.dev.platform
>
> Would mozilla.dev.security be more appropriate?

There's some signs that it will get users outside of security features,
so maybe not.

--
GCP