[wp-trac] [WordPress Trac] #51092: Create a JSON schema for Privacy and Other Related Disclosures
WordPress Trac
noreply at wordpress.org
Mon Aug 31 07:29:27 UTC 2020
#51092: Create a JSON schema for Privacy and Other Related Disclosures
----------------------------------+--------------------------------
Reporter: carike | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: 5.6
Component: Privacy | Version: trunk
Severity: normal | Resolution:
Keywords: needs-privacy-review | Focuses: rest-api, privacy
----------------------------------+--------------------------------
Description changed by carike:
Old description:
> **Background:**
>
> The Disclosures Tab is an initiative that is underway in the Core Privacy
> Team.
> The aim is to help site owners / admins better understand what
> information their site (plugins, themes and Core) collects, where the
> information is stored and where it is sent - and in particular, who it is
> shared with.
> We hope to help site owners / admins make more informed privacy choices
> (e.g. when choosing which plugin to install) and to better understand
> their risk profile when it comes to privacy.
> For the most part, the actual "controlling" is planned for a sibling
> plugin, the Permissions Tab, which is not currently intended to be merged
> into Core, as this will contain more advanced settings.
> You can read more about the various privacy initiatives here:
> https://make.wordpress.org/core/2020/08/19/minutes-core-privacy-
> meeting-19-august-2020/
>
> **The Challenge:**
>
> Free-form disclosures in the readme.txt would create a lot of additional
> work for the plugins review team.
> Moreover, it makes it near impossible to compare across plugins, or to
> use the information in any sort of automated process.
> The Disclosures Tab seeks to standardize the way that plugin, theme
> authors and Core can disclose privacy and other related concerns to site
> owners / admins, by creating quasi-"headers" and limiting the acceptable
> values for each.
>
> **The Solution:**
>
> Each plugin, theme and core component can have a file called
> disclosures.json that could be read by Core (and Meta) using relatively
> simple REST API functionality.
>
> In its current form, the JSON schema does not set any fields as
> "required".
> As URLs are not one of the six data types accepted by JSON, these types
> have been set as "string"s.
> The format for internal URLs has been set to "uri-reference" to allow for
> relative URLs.
> Items are not marked as "uniqueItems" because we would rather warn (after
> validation in PHP) than reject the file because of duplicates.
>
> **Scope:**
>
> This ticket proposes the schema.
> [] will be created for the validation of the schema by Core (particularly
> the URLs using PHP).
> [] will be created for internationalization (WP CLI and WordPress.org).
> #51156 creates developer documentation.
> #51144 proposes a UI for site-level privacy disclosures and related
> settings.
>
> {{{#!php
> <?php
> {
> "$schema": "https://core.trac.wordpress.org/ticket/51092",
> "$id": "https://example.com/to.be.filled.in.later.disclosures.json",
> "description": "The vision of the Disclosures Tab is for site
> administrators to understand their site's privacy risk profile and to
> make more informed privacy-related choices as a result. The mission of
> the Disclosures Tab is to help site administrators understand what
> information their site collects, where it is stored and where it is sent
> - and in particular, with whom it is shared.",
> "type": "object",
> "properties": {
> "info": {
> "description": "This section provides information to help
> identify the code.",
> "type": "object",
> "properties": {
> "component": {
> "description": "One of the following values: plugin,
> theme, or the specific Core component (e.g. avatar).",
> "type": "string"
> },
> "slug": {
> "description": "The slug, if the code relates to a plugin
> or a theme.",
> "type": "string"
> },
> "version": {
> "description": "Which version of disclosures.json this
> represents for the individual component.",
> "type": "string"
> },
> "since": {
> "description": "The plugin or theme's version number, or
> the Core version, if the component is a Core component, which introduced
> the current version of this disclosures.json file. I.e. this should
> represent the since value.",
> "type": "string"
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "licenses": {
> "description": "This section contains more information about
> licensing."
> "type": "object",
> "properties": {
> "code": {
> "description": "A comma-separated list of URLs linking to
> the licenses that applies to this component (plugin, theme, or Core
> component)'s use.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> }
> },
> "localAssets": {
> "description": "A comma-separated list of URLs to the
> license that applies to the use of each asset that has been included
> locally. This should include the license of any bundled libraries, as
> well as the licenses of any images, fonts, etc.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> },
> },
> "remoteAssets": {
> "description": "A comma-separated list of URLs to the
> licenses that applies to the use of each asset that is accessed remotely.
> This should the licenses of any external libraries, as well as the
> licenses of any images, fonts, etc.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> },
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "external": {
> "description": "This section provides more information relating
> to the Privacy Policies of the external network sites being called.",
> "type": "object",
> "properties": {
> "PHP": {
> "description": "A comma-separated list of URLs of links to
> the respective Privacy Policies of the sites to which the external
> network calls are being made in PHP.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> },
> },
> "JavaScript": {
> "description": "A comma-separated list of URLs linking to
> the respective Privacy Policies of the sites to which the external
> network calls are being made in JavaScript.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> },
> },
> "CSS": {
> "description": "A comma-separated list of URLs linking to
> the respective Privacy Policies of the sites to which the external
> network calls are being made in CSS.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> },
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "terms": {
> "description": "This section contains more information about
> third party terms and conditions that may apply to use of the software.",
> "type": "object"
> "properties": {
> "SaaS": {
> "description": "A comma-separated list of URLs linking to
> the Terms of Service of any instances of Software as a Service.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> }
> },
> "externalAPIs": {
> "description": "A comma-separated list of URLs linking to
> the Terms of Service of any external API being used.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> }
> },
> "remoteAssets": {
> "description": "A comma-separated list of URLs linking to
> the Terms of Service that applies to the use of each remote asset. This
> relates to the use of CDNs for images, fonts, etc.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> }
> },
> "registration": {
> "description": "A comma-separated list of URLs linking to
> the Terms of Service that apply to any accounts that need to be
> registered in order to be able to make use of this component's code.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri"
> }
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "openWeb": {
> "description": "Details about mechanisms that allow others to
> obtain information from the site without browsing the website's front
> end.",
> "type": "object",
> "properties": {
> "apiEndpoints": {
> "description": "A comma-separated list of relative URLs
> for any internal API endpoints that are created by the code.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri-reference"
> }
> },
> "feeds": {
> "description": "A comma-separated list of relative URLs
> for any internal feeds that are created by the code.",
> "type": "array",
> "items": {
> "type": "string",
> "format": "uri-reference"
> }
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "clientSide": {
> "type": "object",
> "properties": {
> "setsCookiesPHP": {
> "description": "The names of any cookies that have been
> set using PHP.",
> "type": "array",
> "items": {
> "type": "string",
> }
> },
> "setsCookiesJavaScript": {
> "description": "The names of any cookies that have been
> set using JavaScript.",
> "type": "array",
> "items": {
> "type": "string",
> }
> },
> "usesLocalStorage": {
> "description": "Whether or not the code makes use of local
> storage.",
> "type": "boolean"
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "communication": {
> "description": "This section provides more information about how
> the software communicates with external parties.",
> "type": "object",
> "properties": {
> "email": {
> "type": "object",
> "properties": {
> "sends": {
> "description": "Whether or not the code sends
> e-mails.",
> "type": "boolean"
> },
> "subscribed": {
> "description": "Whether e-mails are only sent to
> users that have subscribed for that particular e-mail (e.g. a
> newsletter).",
> "type": "boolean"
> }
> }
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "database": {
> "description": "This section contains information about how the
> software interacts with the site's database (MySQL or MariaDB).",
> "type": "object",
> "properties": {
> "writesToDB": {
> "description": "Whether or not the code writes to the
> database.",
> "type": "object",
> "properties": {
> "auto": {
> "type": "array",
> "items": {
> "description": "Whether or not the code writes to
> the database in relation to information that is not explicitly input by a
> user.",
> "type": boolean
> },
> "additionalItems": false
> },
> "manual": {
> "type": "array",
> "items": {
> "description": "Whether or not the code writes
> information to the database that was explicitly input by the user.",
> "type": boolean
> },
> "additionalItems": false
> }
> }
> },
> "CPT": {
> "description": "Whether the component creates any Custom
> Post Types.",
> "type": "object",
> "properties": {
> "auto": {
> "type": "array",
> "items": {
> "description": "Whether or not the code
> automatically creates any Custom Post Types without user intervention.",
> "type": "boolean"
> "additionalItems": {
> "description": "The names of any Custom Post
> Types that are created automatically by the code without user
> intervention.",
> "type": "string",
> }
> },
> "manual": {
> "type": "array",
> "items": {
> "description": "Whether or not the code allows
> for users to generate Custom Post Types.",
> "type": "boolean",
> },
> "additionalItems": false
> }
> }
> },
> "customTables": {
> "description": "Whether or not the code creates any custom
> tables in the database.",
> "type": "object",
> "properties": {
> "auto": {
> "type": "array",
> "items": {
> "description": "Whether or not custom tables are
> automatically created by the code without user intervention.",
> "type": "boolean"
> },
> "additionalItems": {
> "description": "The names of any custom tables
> that are automatically created by the code without user intervention.",
> "type": "string"
> }
> },
> "manual": {
> "type": "array",
> "items": {
> "description": "Whether or not the code allows
> the user to create any custom tables.",
> "type": "boolean"
> },
> "additionalItems": false
> }
> }
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "otherStorage": {
> "description": "Provides more information about where
> information may be stored, other than the database.",
> "type": "object",
> "properties": {
> "writesToFiles": {
> "description": "A comma-separated list of file types the
> code writes to (e.g. .txt).",
> "type": "array",
> "items": {
> "type": "string",
> }
> },
> "fileStructure": {
> "description": "Whether or not the code makes changes to
> the website's file structure.",
> "type": "object",
> "properties": {
> "auto": {
> "description": "Whether or not the code makes
> changes, or is capable of making changes, to the website's file structure
> that are not explicitly initiated by a user. This should not include
> files that are added directly from the repository, or in the original
> .zip file.",
> "type": "boolean"
> },
> "manual": {
> "description": "Whether or not the code makes
> changes, or is capable of making changes, to the website's file structure
> that are explicitly initiated by the user. This should not include files
> that are added directly from the repository, or in the original .zip
> file.",
> }
> }
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "automation": {
> "description": "Provides more information with regards to action
> taken by the code without user input.",
> "type": "object",
> "properties": {
> "cron": {
> "description": "Whether the code makes use of scheduled
> tasks that do not require user input.",
> "type": "boolean"
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "ppi": {
> "description": "Whether or not the code stores any Protected
> Personal Information.",
> "type": "boolean"
> },
> "compatibility": {
> "description": "Indicates whether or not the code is compatible
> with Privacy Tools.",
> "type": "object",
> "properties": {
> "ppiExport": {
> "description": "Does the developer, in good faith,
> consider the code to be compatible with the PPI Export Tool in
> WordPress?",
> "type": "array",
> "items": [
> {
> "type": "boolean"
> }
> ],
> "additionalItems": false
> },
> "ppiErasure": {
> "description": "Does the developer, in good faith,
> consider the code to be compatible with the PPI Erasure Tool in
> WordPress?",
> "type": "array",
> "items": [
> {
> "type": "boolean"
> }
> ],
> "additionalItems": false
> },
> "consentAPI": {
> "description": "Does the developer, in good faith,
> consider the code to be compatible with the WordPress Consent API?",
> "type": "array",
> "items": [
> {
> "type": "boolean"
> }
> ],
> "additionalItems": false
> },
> "disclosuresTab": {
> "description": "Does the developer, in good faith,
> consider the code to be compatible with the Disclosure Tab?",
> "type": "array",
> "items": [
> {
> "type": "boolean"
> }
> ],
> "additionalItems": false
> },
> "permissionsTab": {
> "description": "Does the developer, in good faith,
> consider the code to be compatible with the Permissions Tab?",
> "type": "array",
> "items": [
> {
> "type": "boolean"
> }
> ],
> "additionalItems": false
> }
> }
> },
> }}}
>
> {{{#!php
> <?php
> "monetization": {
> "type": "object",
> "description": "This section provides more information about
> monetization practices. It is included to help facilitate transparency
> and fair business dealings. Please note that disclosure here does not
> relieve a developer from any specific obligations that they may have
> under applicable statutes.",
> "properties": {
> "upsells": {
> "description": "More information about upselling in the
> code.",
> "type": "array",
> "items": [
> {
> "description": "Does this code promote a paid
> version, or extensions, or other products or services from the same
> author(s)?",
> "type": "boolean"
> }
> ],
> "additionalItems": {
> "description": "A comma-separate list of URLs linking
> to the Terms of Service that apply to any paid version, or extension, or
> other products or services from the same author(s).",
> "type": "string",
> "format": "uri"
> }
> },
> "donations": {
> "description": "More information about donations that are
> facilitated by the code.",
> "type": "array",
> "items": [
> {
> "description": "Does this code contain any request,
> or information in order to, donate to the plugin or its developer(s)?",
> "type": "boolean"
> }
> ],
> "additionalItems": {
> "description": "A comma-separated list of URLs linking
> to the Terms of Service that apply to the platform being used to
> facilitate donations.",
> "type": "string",
> "format": "uri"
> }
> },
> "backLinks": {
> "description": "More information about the code requesting
> credit.",
> "type": "array",
> "items": [
> {
> "description": "Does this code contain or generate,
> or ask the site owner / admin for permission to generate, backlinks?",
> "type": "boolean"
> }
> ],
> "additionalItems": {
> "type": "string",
> "format": "uri"
> }
> },
> "affiliates": {
> "description": "More information about affiliate networks
> that are promoted by the code.",
> "type": "array",
> "items": [
> {
> "description": "Does this code contain, or generate
> affiliate links - i.e. links from which the author may receive
> conditional compensation, whether in money, or in kind?",
> "type": "boolean"
> }
> ],
> "additionalItems": {
> "description": "A comma-separated list of URLs linking
> to the Terms of Service that apply to affiliate networks being promoted
> by the code.",
> "type": "string",
> "format": "uri"
> }
> },
> "advertising": {
> "description": "More information about advertising that is
> facilitated by the code.",
> "type": "array",
> "items": [
> {
> "description": "Does the code contain, or generate
> promotions or recommendations for any products or services not directly
> under the control of the author(s), for which the author(s) receive any
> compensation, whether in money, or in kind?",
> "type": "boolean"
> }
> ],
> "additionalItems": {
> "description": "A comma-separated list of URLs linking
> to the Terms of Service that apply to any products or services that are
> being advertised by the code.",
> "type": "string",
> "format": "uri"
> }
> }
> }
> }
> }
> }
> }}}
>
> **Acknowledgements:**
>
> Thanks to Timothy for suggesting that we use a .json file instead of
> plugin and theme headers.
> Thanks to Swissspidy for information on i18n - see comment below.
> Thanks to Apedog for suggesting improved phrasing for the "external"
> property's description.
New description:
**Background:**
The Disclosures Tab is an initiative that is underway in the Core Privacy
Team.
The aim is to help site owners / admins better understand what information
their site (plugins, themes and Core) collects, where the information is
stored and where it is sent - and in particular, who it is shared with.
We hope to help site owners / admins make more informed privacy choices
(e.g. when choosing which plugin to install) and to better understand
their risk profile when it comes to privacy.
For the most part, the actual "controlling" is planned for a sibling
plugin, the Permissions Tab, which is not currently intended to be merged
into Core, as this will contain more advanced settings.
You can read more about the various privacy initiatives here:
https://make.wordpress.org/core/2020/08/19/minutes-core-privacy-
meeting-19-august-2020/
**The Challenge:**
Free-form disclosures in the readme.txt would create a lot of additional
work for the plugins review team.
Moreover, it makes it near impossible to compare across plugins, or to use
the information in any sort of automated process.
The Disclosures Tab seeks to standardize the way that plugin, theme
authors and Core can disclose privacy and other related concerns to site
owners / admins, by creating quasi-"headers" and limiting the acceptable
values for each.
**The Solution:**
Each plugin, theme and core component can have a file called
disclosures.json that could be read by Core (and Meta) using relatively
simple REST API functionality.
In its current form, the JSON schema does not set any fields as
"required".
As URLs are not one of the six data types accepted by JSON, these types
have been set as "string"s.
The format for internal URLs has been set to "uri-reference" to allow for
relative URLs.
Items are not marked as "uniqueItems" because we would rather warn (after
validation in PHP) than reject the file because of duplicates.
**Scope:**
This ticket proposes the schema.
[] will be created for the validation of the schema by Core (particularly
the URLs using PHP).
[] will be created for internationalization (WP CLI and WordPress.org).
#51156 creates developer documentation.
#51144 proposes a UI for site-level privacy disclosures and related
settings.
{{{#!php
<?php
{
"$schema": "https://core.trac.wordpress.org/ticket/51092",
"$id": "https://example.com/to.be.filled.in.later.disclosures.json",
"description": "The vision of the Disclosures Tab is for site
administrators to understand their site's privacy risk profile and to make
more informed privacy-related choices as a result. The mission of the
Disclosures Tab is to help site administrators understand what information
their site collects, where it is stored and where it is sent - and in
particular, with whom it is shared.",
"type": "object",
"properties": {
"info": {
"description": "This section provides information to help
identify the code.",
"type": "object",
"properties": {
"component": {
"description": "One of the following values: plugin, theme,
or the specific Core component (e.g. avatar).",
"type": "string"
},
"slug": {
"description": "The slug, if the code relates to a plugin
or a theme.",
"type": "string"
},
"version": {
"description": "Which version of disclosures.json this
represents for the individual component.",
"type": "string"
},
"since": {
"description": "The plugin or theme's version number, or
the Core version, if the component is a Core component, which introduced
the current version of this disclosures.json file. I.e. this should
represent the since value.",
"type": "string"
}
}
},
}}}
{{{#!php
<?php
"licenses": {
"description": "This section contains more information about
licensing."
"type": "object",
"properties": {
"code": {
"description": "A comma-separated list of URLs linking to
the licenses that applies to this component (plugin, theme, or Core
component)'s use.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
}
},
"localAssets": {
"description": "A comma-separated list of URLs to the
license that applies to the use of each asset that has been included
locally. This should include the license of any bundled libraries, as well
as the licenses of any images, fonts, etc.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
},
},
"remoteAssets": {
"description": "A comma-separated list of URLs to the
licenses that applies to the use of each asset that is accessed remotely.
This should the licenses of any external libraries, as well as the
licenses of any images, fonts, etc.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
},
}
}
},
}}}
{{{#!php
<?php
"external": {
"description": "This section provides more information relating
to the Privacy Policies of the external network sites being called.",
"type": "object",
"properties": {
"PHP": {
"description": "A comma-separated list of URLs of links to
the respective Privacy Policies of the sites to which the external network
calls are being made in PHP.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
},
},
"JavaScript": {
"description": "A comma-separated list of URLs linking to
the respective Privacy Policies of the sites to which the external network
calls are being made in JavaScript.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
},
},
"CSS": {
"description": "A comma-separated list of URLs linking to
the respective Privacy Policies of the sites to which the external network
calls are being made in CSS.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
},
}
}
},
}}}
{{{#!php
<?php
"terms": {
"description": "This section contains more information about
third party terms and conditions that may apply to use of the software.",
"type": "object"
"properties": {
"SaaS": {
"description": "A comma-separated list of URLs linking to
the Terms of Service of any instances of Software as a Service.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
}
},
"externalAPIs": {
"description": "A comma-separated list of URLs linking to
the Terms of Service of any external API being used.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
}
},
"remoteAssets": {
"description": "A comma-separated list of URLs linking to
the Terms of Service that applies to the use of each remote asset. This
relates to the use of CDNs for images, fonts, etc.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
}
},
"registration": {
"description": "A comma-separated list of URLs linking to
the Terms of Service that apply to any accounts that need to be registered
in order to be able to make use of this component's code.",
"type": "array",
"items": {
"type": "string",
"format": "uri"
}
}
}
},
}}}
{{{#!php
<?php
"openWeb": {
"description": "Details about mechanisms that allow others to
obtain information from the site without browsing the website's front
end.",
"type": "object",
"properties": {
"apiEndpoints": {
"description": "A comma-separated list of relative URLs for
any internal API endpoints that are created by the code.",
"type": "array",
"items": {
"type": "string",
"format": "uri-reference"
}
},
"feeds": {
"description": "A comma-separated list of relative URLs for
any internal feeds that are created by the code.",
"type": "array",
"items": {
"type": "string",
"format": "uri-reference"
}
}
}
},
}}}
{{{#!php
<?php
"clientSide": {
"type": "object",
"properties": {
"setsCookiesPHP": {
"description": "The names of any cookies that have been set
using PHP.",
"type": "array",
"items": {
"type": "string",
}
},
"setsCookiesJavaScript": {
"description": "The names of any cookies that have been set
using JavaScript.",
"type": "array",
"items": {
"type": "string",
}
},
"usesLocalStorage": {
"description": "Whether or not the code makes use of local
storage.",
"type": "boolean"
}
}
},
}}}
{{{#!php
<?php
"communication": {
"description": "This section provides more information about how
the software communicates with external parties.",
"type": "object",
"properties": {
"email": {
"type": "object",
"properties": {
"sends": {
"description": "Whether or not the code sends
e-mails.",
"type": "boolean"
},
"subscribed": {
"description": "Whether e-mails are only sent to
users that have subscribed for that particular e-mail (e.g. a
newsletter).",
"type": "boolean"
}
}
}
}
},
}}}
{{{#!php
<?php
"database": {
"description": "This section contains information about how the
software interacts with the site's database (MySQL or MariaDB).",
"type": "object",
"properties": {
"writesToDB": {
"description": "Whether or not the code writes to the
database.",
"type": "object",
"properties": {
"auto": {
"type": "array",
"items": {
"description": "Whether or not the code writes to
the database in relation to information that is not explicitly input by a
user.",
"type": boolean
},
"additionalItems": false
},
"manual": {
"type": "array",
"items": {
"description": "Whether or not the code writes
information to the database that was explicitly input by the user.",
"type": boolean
},
"additionalItems": {
"description": "A comma-separated list of
capabilities that authorize a user to write information to the database
within the code.",
"type": "string"
}
}
},
"CPT": {
"description": "Whether the component creates any Custom
Post Types.",
"type": "object",
"properties": {
"auto": {
"type": "array",
"items": {
"description": "Whether or not the code
automatically creates any Custom Post Types without user intervention.",
"type": "boolean"
"additionalItems": {
"description": "The names of any Custom Post Types
that are created automatically by the code without user intervention.",
"type": "string",
}
},
"manual": {
"type": "array",
"items": {
"description": "Whether or not the code allows for
users to generate Custom Post Types.",
"type": "boolean",
},
"additionalItems": {
"description": "A comma-separated list of
capabilities that authorize a user to create Custom Post Types within the
code.",
"type": "string"
}
}
}
},
"customTables": {
"description": "Whether or not the code creates any custom
tables in the database.",
"type": "object",
"properties": {
"auto": {
"type": "array",
"items": {
"description": "Whether or not custom tables are
automatically created by the code without user intervention.",
"type": "boolean"
},
"additionalItems": {
"description": "The names of any custom tables
that are automatically created by the code without user intervention.",
"type": "string"
}
},
"manual": {
"type": "array",
"items": {
"description": "Whether or not the code allows the
user to create any custom tables.",
"type": "boolean"
},
"additionalItems": {
"description": "A comma-separated list of
capabilities that authorize a user to create custom tables within the
code.",
"type": "string"
}
}
}
}
},
}}}
{{{#!php
<?php
"otherStorage": {
"description": "Provides more information about where information
may be stored, other than the database.",
"type": "object",
"properties": {
"writesToFiles": {
"description": "A comma-separated list of file types the
code writes to (e.g. .txt).",
"type": "array",
"items": {
"type": "string",
}
},
"fileStructure": {
"description": "Whether or not the code makes changes to
the website's file structure.",
"type": "object",
"properties": {
"auto": {
"description": "Whether or not the code makes
changes, or is capable of making changes, to the website's file structure
that are not explicitly initiated by a user. This should not include files
that are added directly from the repository, or in the original .zip
file.",
"type": "boolean"
},
"manual": {
"description": "Whether or not the code makes
changes, or is capable of making changes, to the website's file structure
that are explicitly initiated by the user. This should not include files
that are added directly from the repository, or in the original .zip
file.",
}
}
}
}
},
}}}
{{{#!php
<?php
"automation": {
"description": "Provides more information with regards to action
taken by the code without user input.",
"type": "object",
"properties": {
"cron": {
"description": "Whether the code makes use of scheduled
tasks that do not require user input.",
"type": "boolean"
}
}
},
}}}
{{{#!php
<?php
"ppi": {
"description": "Whether or not the code stores any Protected
Personal Information.",
"type": "boolean"
},
"compatibility": {
"description": "Indicates whether or not the code is compatible
with Privacy Tools.",
"type": "object",
"properties": {
"ppiExport": {
"description": "Does the developer, in good faith, consider
the code to be compatible with the PPI Export Tool in WordPress?",
"type": "array",
"items": [
{
"type": "boolean"
}
],
"additionalItems": false
},
"ppiErasure": {
"description": "Does the developer, in good faith, consider
the code to be compatible with the PPI Erasure Tool in WordPress?",
"type": "array",
"items": [
{
"type": "boolean"
}
],
"additionalItems": false
},
"consentAPI": {
"description": "Does the developer, in good faith, consider
the code to be compatible with the WordPress Consent API?",
"type": "array",
"items": [
{
"type": "boolean"
}
],
"additionalItems": false
},
"disclosuresTab": {
"description": "Does the developer, in good faith, consider
the code to be compatible with the Disclosure Tab?",
"type": "array",
"items": [
{
"type": "boolean"
}
],
"additionalItems": false
},
"permissionsTab": {
"description": "Does the developer, in good faith, consider
the code to be compatible with the Permissions Tab?",
"type": "array",
"items": [
{
"type": "boolean"
}
],
"additionalItems": false
}
}
},
}}}
{{{#!php
<?php
"monetization": {
"type": "object",
"description": "This section provides more information about
monetization practices. It is included to help facilitate transparency and
fair business dealings. Please note that disclosure here does not relieve
a developer from any specific obligations that they may have under
applicable statutes.",
"properties": {
"upsells": {
"description": "More information about upselling in the
code.",
"type": "array",
"items": [
{
"description": "Does this code promote a paid
version, or extensions, or other products or services from the same
author(s)?",
"type": "boolean"
}
],
"additionalItems": {
"description": "A comma-separate list of URLs linking to
the Terms of Service that apply to any paid version, or extension, or
other products or services from the same author(s).",
"type": "string",
"format": "uri"
}
},
"donations": {
"description": "More information about donations that are
facilitated by the code.",
"type": "array",
"items": [
{
"description": "Does this code contain any request,
or information in order to, donate to the plugin or its developer(s)?",
"type": "boolean"
}
],
"additionalItems": {
"description": "A comma-separated list of URLs linking
to the Terms of Service that apply to the platform being used to
facilitate donations.",
"type": "string",
"format": "uri"
}
},
"backLinks": {
"description": "More information about the code requesting
credit.",
"type": "array",
"items": [
{
"description": "Does this code contain or generate,
or ask the site owner / admin for permission to generate, backlinks?",
"type": "boolean"
}
],
"additionalItems": {
"type": "string",
"format": "uri"
}
},
"affiliates": {
"description": "More information about affiliate networks
that are promoted by the code.",
"type": "array",
"items": [
{
"description": "Does this code contain, or generate
affiliate links - i.e. links from which the author may receive conditional
compensation, whether in money, or in kind?",
"type": "boolean"
}
],
"additionalItems": {
"description": "A comma-separated list of URLs linking
to the Terms of Service that apply to affiliate networks being promoted by
the code.",
"type": "string",
"format": "uri"
}
},
"advertising": {
"description": "More information about advertising that is
facilitated by the code.",
"type": "array",
"items": [
{
"description": "Does the code contain, or generate
promotions or recommendations for any products or services not directly
under the control of the author(s), for which the author(s) receive any
compensation, whether in money, or in kind?",
"type": "boolean"
}
],
"additionalItems": {
"description": "A comma-separated list of URLs linking
to the Terms of Service that apply to any products or services that are
being advertised by the code.",
"type": "string",
"format": "uri"
}
}
}
}
}
}
}}}
**Acknowledgements:**
Thanks to Timothy for suggesting that we use a .json file instead of
plugin and theme headers.
Thanks to Swissspidy for information on i18n - see comment below.
Thanks to Apedog for suggesting improved phrasing for the "external"
property's description.
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/51092#comment:19>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list