TRIAGING.md

Triage new issues/PRs on github

This document illustrates the steps the Hoodie community is taking to triage issues. The labels are used later on for planning releases. If you want to help by sorting issues please leave a comment here asking to join the triaging team.

Triaging Process

This process based on the idea of minimizing user pain from this blog post.

1. Open the list of non triaged issues

   • Sort by submit date, with the newest issues first
   • You don't have to do issues in order; feel free to pick and choose issues as you please.
   • You can triage older issues as well
   • Triage to your heart's content

2. Assign yourself: Pick an issue that is not assigned to anyone and assign it to you

3. Understandable? - verify if the description of the request is clear.

   • If not, close it according to the instructions below and go to the last step.

4. Duplicate?

   • If you've seen this issue before close it, and go to the last step.
   • Check if there are comments that link to a dupe. If so verify that this is indeed a dupe, close it, and go to the last step.

5. Bugs:

   • Label Type: Bug
   • Reproducible? - Steps to reproduce the bug are clear. If they are not, ask for a clarification. If there's no reply after a week, close it.
   • Reproducible on master?

6. Non bugs:

   • Label Type: Feature, Type: Chore, or Type: Perf
   • Belongs in core? – Often new features should be implemented as a plugin rather than an addition to the core. If this doesn't belong, close it, and go to the last step.
   • Label needs: breaking change - if needed
   • Label needs: public api - if the issue requires introduction of a new public API

7. Label browser: * - if the issue only affects a certain browser

8. Label frequency: * – How often does this issue come up? How many developers does this affect?

   • low - obscure issue affecting a handful of developers
   • moderate - impacts a common usage pattern
   • high - impacts most or all Hoodie apps

9. Label severity: * - How bad is the issue?

   • regression
   • memory leak
   • broken expected use - it's hard or impossible for a developer using Hoodie to accomplish something that Hoodie should be able to do
   • confusing - unexpected or inconsistent behavior; hard-to-debug
   • inconvenience - causes ugly/boilerplate code in apps

10. Label component: *

    • In rare cases, it's ok to have multiple components.

11. Label starter - These issues are good targets for PRs from the open source community. Apply to issues where the problem and solution are well defined in the comments, and it's not too complex.

12. Assign a milestone:

    • Backlog - triaged fixes and features, should be the default choice
    • Current x.y.z milestone (e.g. 0.3.0) - regressions and urgent bugs only

13. Unassign yourself from the issue

Tips

• Label resolution: *
  • these tags can be used for labeling a closed issue/PR with a reason why it was closed.
  • Right now there are only a few rejection reasons, but we can add more as needed. Feel free to suggest one to a core team member. We don't use this label for issues that were fixed or PRs that were merged.

Closing an Issue or PR

We're grateful to anyone who takes the time to submit an issue, even if we ultimately decide not to act on it. Be kind and respectful as you close issues. Be sure to follow the code of conduct.

1. Always thank the person who submitted it.
2. If it's a duplicate, link to the older or more descriptive issue that supersedes the one you are closing.
3. Let them know if there's some way for them to follow-up.
   • When the issue is unclear or reproducible, note that you'll reopen it if they can clarify or provide a better example. Mention plunker or fiddle for examples. Watch your notifications and follow-up if they do provide clarification. :)
   • If appropriate, suggest implementing a feature as a third-party module.

If in doubt, ask a core team member what to do.

Example:

Thanks for submitting this issue! Unfortunately, we don't think this functionality belongs in core. The good news is that you could easily implement this as a plugin and publish it to npm with the hoodie-plugin keyword.

Assigning Work

These criteria are then used to calculate a "user pain" score. Work is assigned weekly to core team members starting with the highest pain, descending down to the lowest.

pain = severity × frequency

severity:

• regression (5)
• memory leak (4)
• broken expected use (3)
• confusing (2)
• inconvenience (1)

frequency:

• low (1)
• moderate (2)
• high (3)

Note: Regressions and memory leaks should almost always be set to frequency: high.

Looks good.

We should have a slightly different procedure for security issues, people should not submit them to the public issue tracker in the first place. I have some ideas, but we don’t have to solve this here and now.

I love this. We are considering adopting the same idea for iScroll as well.
@janl I agree that security issues shouldn't be publicly disclosed. Because of that, Hoodie needs a clear statement and process in place about how vulnerabilities can be disclosed responsibly. As an example we can look at GitHub's responsible disclosure page. However, let's not get stuck because of the security issue. Rather, we should just remove security issues from this triaging process. A note that security issues shall not be disclosed in public issues can be at the top, but it really belongs in some kind of general contribution guidelines for the entire hoodiehq organisation. But again, just because that doesn't exist yet, we shouldn't be held back on adding this triaging process.

One last personal note: I'm trying to find low friction ways to get into the Hoodie universe and start contributing. This would be a huge benefit to everyone like me, who is trying to slowly work oneself into the project.

Use hoodiehq/discussion#50 to continue discussion