4455
Comment:
|
3817
|
Deletions are marked like this. | Additions are marked like this. |
Line 41: | Line 41: |
* [purple] Modify the footgun feature flag to keep multi-tenancy for security bugs. * [purple] Enable footgun feature flag to reduce growing the number of private bugs with multiple projects * [mrevell]: Agree on the terminology and mutural exclusivity behaviour of security/propietary bugs. Respond to Curtis' email on the list. |
* [danhg] Announcement based on the language and introducing proprietary bugs and branches. |
Line 49: | Line 45: |
* [purple] Implement tweaked +manage-disclosure clickable mock-up * [danhg] User-test the tweaked clickable +managing-disclosure mock-ups |
* [purple] Produce tweaked +manage-sharing clickable mock-up * [danhg] User-test the tweaked clickable +managing-sharing mock-ups * [huwshimi] Review revised clickable mock-up and suggest any necessary changes. |
Line 52: | Line 49: |
* [huwshimi]: speak to sinzui about how to present embargoed security bugs in the UI | |
Line 54: | Line 50: |
* [EVERYONE!]: we will refer to "Sharing" rather than "Disclosure" * [purple]: replace references to "disclosure" with "sharing" |
* For later: record and warn the user about disclosing private teams to private projects. Precisely state that you are exposing your team to a project only. * [mrevell] When the warnings are ready (see above), test with stakeholders. |
Line 59: | Line 55: |
* [purple]: PPA subscribers should have access to only the archive itself * [purple]: Subscribers to a private team's branch should be permitted to see the branch and its merge proposals * [purple]: priv teams can be package maintainers * [purple]: priv teams can subscribe to blueprints * [purple]: priv teams can subscribe to bugs * [purple]: we will fix the situation where you can lose access to your private team * [purple]: warn in the picker when you're about to expose the name of a private team * [huwshimi]: speak to jcsackett about the design of the warning * [danhg]: test the warnings * [mrevell]: seek agreement from stakeholders on how adding a private team to a private team should work |
* [purple]: UI ready to be signed off * [mrevell]: UI signed off |
Line 71: | Line 59: |
=== Private projects === * [mrevell] Check with Danilo if private projects are still necessary to them. === Entitlement === * [wgrant] Dirt cheap entitlement coming |
Disclosure
See also disclosure tag
Squad started: 2011-05-23
Current week: 27
Next checkpoint: 2012-01-04
Scope
Out of scope
- Bug linking will now be a separate project
Deliverables
Item |
Owner |
Expected date |
Status |
Signed off LEPs |
jml |
|
DONE |
sinzui |
2011-09-21 |
DONE |
|
sinzui |
2011-10-13 |
DONE |
|
sinzui |
2012-01-04 |
DEVELOPMENT |
|
sinzui |
2012-01-18 |
DEVELOPMENT |
|
Harden bugs and teams |
sinzui |
2012-02-01 |
DEVELOPMENT |
|
|
|
|
|
|
|
|
|
|
|
|
Feature documentation |
danhg |
|
|
Blog post |
danhg |
|
|
Action items for next checkpoint
Harden bugs and teams
- [danhg] Announcement based on the language and introducing proprietary bugs and branches.
Manage disclosure
- [purple] Produce tweaked +manage-sharing clickable mock-up
- [danhg] User-test the tweaked clickable +managing-sharing mock-ups
- [huwshimi] Review revised clickable mock-up and suggest any necessary changes.
- [purple] Populating and maintaining the access policy data
- [danhg]: speak to sinzui to then rewrite the privacy ribbon messages to take account of the new situations it must handle
- For later: record and warn the user about disclosing private teams to private projects. Precisely state that you are exposing your team to a project only.
- [mrevell] When the warnings are ready (see above), test with stakeholders.
Social private teams
- [purple]: UI ready to be signed off
- [mrevell]: UI signed off
- [danhg]: what should someone who is not a member of a private team see when they visit that private team's overview page? Dan to gather data. (bug 904293)
Private projects
- [mrevell] Check with Danilo if private projects are still necessary to them.
Entitlement
- [wgrant] Dirt cheap entitlement coming
Actions for later
- [purple] Turn on +manage-disclosure and security through the access policy: LATER
Notes
- Projects/Disclosure/Checkpoint-2011-11-02
- Projects/Disclosure/Checkpoint-2011-11-16
- Projects/Disclosure/Checkpoint-2011-11-30
- Projects/Disclosure/Checkpoint-2011-12-14
- Projects/Disclosure/Checkpoint-2012-01-19
- Projects/Disclosure/Checkpoint-2012-02-01
- Projects/Disclosure/Checkpoint-2012-02-15
- Projects/Disclosure/Checkpoint-2012-02-29
- Projects/Disclosure/Checkpoint-2012-03-14
- Projects/Disclosure/Checkpoint-2012-03-29
- Projects/Disclosure/Checkpoint-2012-04-25
- Projects/Disclosure/Checkpoint-2012-06-06
- Projects/Disclosure/Checkpoint-2012-07-05
- Projects/Disclosure/Checkpoint-2012-08-29
- Projects/Disclosure/Checkpoint-2012-09-14
- Projects/Disclosure/Checkpoint-2012-09-26
- Projects/Disclosure/Checkpoint-2012-10-10
- Projects/Disclosure/Checkpoint-2012-11-07
- Projects/Disclosure/Checkpoint-2012-11-21
- Projects/Disclosure/Checkpoint-2012-12-05
Resources
User research
https://wiki.canonical.com/Launchpad/UserResearch/Disclosure/
https://wiki.canonical.com/Launchpad/UserResearch/Disclosure/CodySommerville
https://wiki.canonical.com/Launchpad/UserResearch/Disclosure/SteveMagoun
Dan's rough notes from +manage-disclosure with tags for policies paper prototyping research.