This is a list of Mozilla community governance issues. Please add suggestions to the scratchpad.
We also have a page listing existing policies.
Most of these issues are being tackled by Gerv.
Discussion Forums Changes
Issue: There are several issues with the current technical implementation of our discussion forums - primarily spam, but also the unresponsiveness of Google re: Google Groups and so on.
Proposal: We should look at alternative technical options.
Status: There have been plans in the past, which have got derailed by lack of IT time. Community IT is now standing up an instance of Discourse which we hope to evaluate and use as a gradual replacement for the current system.
Next Steps: Test Discourse instance.
Mozilla Code Not In Our Repos
Issue: recently, Mozilla community members have been storing Mozilla code in repos other than ours (e.g. github, Google Code). Is this a concern from a community, technical or a legal point of view?
Proposal: Require people with direct access to our Github repos to sign the Committer's Agreement (who haven't signed it already).
Status: Gerv has access to the necessary Github APIs (for Github committers) and LDAP dump information (for existing Hg committers).
Next Steps: Gerv needs to write code to reconcile and match people across those two data sources. Then we need to contact all the people who haven't signed the agreement yet and ask them to.
Issue: Some review requests remain open and unloved in Bugzilla. This is bad for the (often new) contributors who make patches and see them ignored.
- Spreadsheet mapping Bugzilla components to modules, prepared by Dirkjan Ochtman.
Status: Bugzilla started whining about outstanding requests on a weekly basis, and data was captured to see if this has significant effect on the queue. It had some effect, but we then levelled off and have since been slowly creeping back upwards. Bugzilla now bans reviews requested "of the wind", and suggests appropriate reviewers for review requests.
On 24th August 2013, a patch was committed to Bugzilla so that Bugzilla now tracks the day a person was last seen. That will allow us to implement bug 751862 (ban requests from requestees who haven't been around for ages) and bug 751863 (cancel requests of requestees who have not been around for ages).
Next Steps: Implement those two bugs.
Issue: various parts of Mozilla have started using non-MPL licenses for new codebases.
Proposal: Have discussion about formally permitting this, and then work out if we want to make the effort to switch over legacy codebases.
Status: after consultation and discussion, it was agreed that the Apache License 2.0 would be an option maintainers could choose in some circumstances for new codebases. The licensing policy was updated accordingly.
Next Steps: Decide if we want to try and get some existing BSD-using codebases or frameworks switched over. There's a list of which projects use what. The Playdoh framework is an obvious candidate.
Community Governance Reboot
Issue: the Module Ownership system does not cover all of the activities that Mozilla now engages in. This means that the MoCo org chart is the de facto governance structure, which makes it impossible for non-employees to take on positions of responsibility.
Status: An Activity_Map was built in January and February to map out all the things Mozilla does, so we can see where community governance needs to be put in place. (It may need reviewing and updating when this project restarts.)
Next Steps: We need to decide what the future governance structure will look like, in broad terms, before we go ahead and try and create it. It will, at heart, involve Putting People In Charge Of Stuff, but there are a number of ways that can be achieved.
Commit Access Levels and GitHub
Issue: How do we map our ideas of commit access levels onto the model used by GitHub, if at all? bug 760153.
Proposal: We don't; let's just make sure everyone with direct commit access has signed the Committer's Agreement.
Change Bugzilla Workflow
Issue: the current Bugzilla workflow may not be optimal for the Mozilla project. Now that it's configurable in Bugzilla, we could have a discussion about what is best, implement it in the software, and educate the community to use the new workflow.
Other suggestions: open up EXPIRED, or collapse EXPIRED, WONTFIX and INVALID into INACTIVE or some other word.
Shouldn't-Be-Private Mailing Lists
Issue: Mozilla runs a large number of mailing lists, as well as our public discussion forums. We should audit that list to make sure no project discussion is private when it should be (at least) read-only public.
Actions: Gerv wrote a small script to extract a list of possibly-concerning mailing lists from mailman. He has had several iterations of the list from mzeier, refining the script each time.
Status: an initial look suggested that this was not a big problem. Although the analysis was not exhaustive, it was sufficient.
Improve Module Owners List
Issue: it's often out of date, because it's maintained through despot, which takes a lot of work. We would like to make it hackable, parseable, easier to maintain and therefore more accurate.
- Current, despot-generated list
- Module Owners List Action Plan from mitchell (July 2008 :-( - some objections were raised)
- document from Dan on the MailNews review system, which include modules and owners.
Status: new system built, data migrated, owners.html redirected.
Retire Incubator Program
Issue: the incubator program, for creating new Hg repos for collaborating with outside coders, was useful when getting access to our tree was hard. Due to the new Commit Access Policy, it's now much easier, so Stuart agreed with my suggestion that we could wind this program down.
Status: program retired.
Trim Super-Reviewers List
It has been suggested that there remain some people on the super-reviewers list who do not have sufficient recent activity on the project to continue in that role. So, in consultation with Brendan, the list could be trimmed (further; it was trimmed a bit recently).
Status: list reviewed, candidates identified, checked with Brendan, 2 people removed.
Harmonize and Simplify Commit Access Policy
Issue: Our commit access policies are currently very diverse. We should harmonize them and make them consistent, understandable and easy to implement.
Status: new Commit Access Policy written and implemented, and infrastructure updated to match.
Switch To New Committer's Agreement
Issue: Transition to the new agreement by nagging those who have not signed and eventually disabling accounts.
- There is a private Google Docs spreadsheet tracking the progress.
Status: List of people made; big efforts over the past two years to get people to sign; ultimatum issued and deadline passed. List of delinquents made and accounts disabled.
Governance Bug Triage
Issue: There are numerous open bugs in the Governance component in Bugzilla, which need to be triaged and, where possible, resolved.
Status: Open bug count reduced from 24 to 3. This is no longer an "issue"; the remaining bugs have owners, and Gerv will triage incoming ones.
Disable Dormant SCM Accounts
Issue: We have many source code management system accounts which are no longer used. This increases our security attack surface.
Status: Done; 400+ accounts disabled, only a couple erroneously :-)
Issue: the Monday meeting is having an identity crisis. Clarify the purpose and most useful content of the meeting, and determine whether the current timing is optimal.
- thread in mozilla.dev.planning on moving the meeting time
- Community Calendar
- dria's summary of the meeting's purpose
Status: Done; timing has been changed; Ten Forward has been rearranged; Gerv has written guidance; Jono is the new host and is making many other changes. Meetings are now fairly awesome.
Create More Non-Code ("Activities") Modules
Issue: Do we need any more Activities modules? Who might own them? We should work out what makes a good module, and who makes a good module owner. Possible examples: SFX, mozilla.org (content vs. technical split?). Do we need to separate policy creation and implementation?
"We should create modules when there is a specific level of responsibility, authority and decision making that it would be helpful to invest in a person." - Mitchell
"We should make modules to unambiguously place an activity in the arena of stuff which we apply open source and transparent principles to." - Gerv
Status: A number of modules have been proposed and created; Mitchell will create more as she feels the need.
Update Super-Review Policy
Issue: super-review policy is out of date. mconnor is updating it.
Resolution: mconnor updated the super-review policy.
Regular Governance Tasks
Some issues need revisiting on a regular basis, perhaps once a year. This is a (doubtless incomplete) list:
- Update super-reviewers list
- Check for shouldn't-be-private mailing lists
- Disable dormant SCM accounts (note: last-used dates for SCM accounts are tracked by IT in LDAP)