[wp-trac] [WordPress Trac] #51092: Create a JSON schema for Privacy and Other Related Disclosures
WordPress Trac
noreply at wordpress.org
Thu Sep 3 12:02:52 UTC 2020
#51092: Create a JSON schema for Privacy and Other Related Disclosures
----------------------------------------------+-----------------------
Reporter: carike | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: 5.6
Component: Privacy | Version: trunk
Severity: normal | Resolution:
Keywords: needs-privacy-review 2nd-opinion | Focuses: rest-api
----------------------------------------------+-----------------------
Comment (by carike):
Replying to [comment:21 TimothyBlynJacobs]:
> I think it'd probably be better to put the schema in either a GitHub
repo or at least a PR against wordpress/develop. In its current form,
providing comments on it is really difficult.
Thank you for the advice. Working on it :)
Replying to [comment:22 azaozz]:
> > For the most part, the actual "controlling" is planned for a sibling
plugin, the Permissions Tab, which is not currently intended to be merged
into Core.
>
> Two things:
>
> 1. Not sure what "controlling" means in this context? Control what
exactly?
> 2. Thinking this is not a good idea. A "feature" is either in core or it
isn't. Adding "something" to core that will need a plugin to become useful
is not the way to go imho.
The best way I can explain this is to compare it to Site Health.
Some Site Health features enhance what is already in Core, but they are
not necessary for a not-insignificant number of users, or more useful for
a limited amount of time, so they are intentionally kept in the plugin.
The Core implementation works - and is useful - in its own right, but it
is augmented by additional (debugging) features in a plugin.
The aim is to decide what constitutes sane defaults for Core and then to
provide extended **options** via a Permissions plugin.
In this case, the Core functionality is more focused on awareness /
education.
The aim is to help site owners / admins understand their privacy risk
profile.
Advanced options may need some sandboxing capabilities (to enforce site
owner / admin choices) that would not be ideal for Core, but may be in
high demand as a plugin.
> > Each plugin, theme and core component can have a file called
disclosures.json
>
> This makes sense for themes and plugins but perhaps not for core? In
this context what is "core component" and why "all" core components need
separate files? WP core is not build from "independent components".
To create a disclosures.json file for Core would be a large undertaking
(which would include documenting all external references in the code).
Breaking it up in to the various components make it more achievable and
also makes it more useful to the site owner / admin because it is
explained in more manage-able chunks.
> > ...using relatively simple REST API functionality
>
> Why this should be available (only?) through the API and not as a simple
text or HTML? How is this going to be used in core? Seems the "application
design" part of this is not formulated (yet).
Free-form disclosures would not be as useful as standardized disclosures,
which allow site owners / admins to compare plugins / themes' privacy
practices.
A JSON format helps with standardization and can be easier for developers.
The REST API is used to validate the JSON data and to make it accessible
in a format that is more friendly towards site owners and admins.
> (Also a quick note: multiple code examples in the ticket description are
hard to follow and not particularly useful.)
These are not multiple examples. They are intended to be a single schema.
I just split them into separate blocks because on the laptop, the vertical
scroll bar is at the bottom.
I am working on getting a copy up on GitHub though, as per Timothy's
suggestion, as I understand that it can be hard to read here.
Replying to [comment:23 azaozz]:
> On second thought, this is (inseparable) part of #51144, perhaps can be
closed as duplicate and handled there. The whole feature still needs
designing.
This ticket is intended for designing.
However, we need input from a very diverse group of people for this
initiative and they do not want to read through a lot of items that do not
apply to them, hence the separate (but highly related) tickets to allow
for multiple working groups.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/51092#comment:24>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list