Purpose
This page is intended as a tool for reviewers (or applicants) to request a second opinion with regards to any issues, conflicts, or differences of opinions which may arise during the code review process.
Process
To request a second opinion, please add a comment to this page, along with a link to the Project Application in question and a brief description of the the situation for which you are requesting input from a second reviewer. Adding this as a comment should cause the 'new' tag to appear next to the page title in the Group's main page, thus alerting reviewers that a new request has been submitted.
If the situation is one that can be resolved easily, then the second reviewer should respond in the project application issue queue; and either reviewer should add a response to the comment thread on this page indicating that the issue has been resolved.
If the situation is more complex (ie. a situation for which no previous precedent has been set), then in the interest of not taking over this page for a single issue, please start a new thread in the g.d.o group to host the actual discussion until a resolution has been identified; and add a link to that g.d.o thread below the request on this page. Once the resolution has been determined, update both the project application issue and the thread on this page to indicate that the issue has been resolved.
TODO: Confirm whether updating a wiki page results in the 'updated' tag ... would editing the actual page serve as a cleaner alternative to multiple comment threads?
Requests
Post your 'second opinion requests' below. Be concise, but be sure to include enough information that other reviewers can understand the context of your request.
Example:
Project Application: IPv4 Address Entity
Link: http://drupal.org/node/1172058#comment-4623134
Issue: Looking for a second opinion regarding whether this passes the module duplication test.
Comments
Taxonomy based
Taxonomy based ACL
http://drupal.org/node/1098072
Looking for another opinion regarding module duplication.
CafePress Import
CafePress Import
http://drupal.org/node/1193896
Looking for another opinion regarding module duplication, especially with cafepress in mind.
Closing. Thank you, greggles.
Closing. Thank you, greggles.
Node Tasklist
Hello, I've been in the queue for 3.5 months. I finally got an updated review last night and the reviewer recommended I get a second opinion on putting my name down as the Copyright owner. At this point I'm not getting any code change requests that are not formatting or documentation related.
http://drupal.org/node/1090582
This is closed.
This is closed.
Application for someone else?
Here's an odd situation:
http://drupal.org/node/1189724
The application was submitted by alexreinhart, who also did every commit on the sandbox project. But the sandbox project was originally created by another account, Digett, which appears to be the employer of alexreinhart. Now that the application is RTBC, alexreinhart is asking that Digett get the access.
It seems wrong to give one account access based on another account's application, but I'm not sure the best way to resolve this. Thoughts?
So, the request is basically
So, the request is basically for a shared account to have commit access? Does drupal.org have a policy regarding sharing an account? I didn't see one.
Not sure it's shared
It's not clear to me whether alexreinhart has access to the Digett account or not, but I got the impression that Digett is controlled by another person at the same organization. I'll ask in the application thread.
Whether it's documented or
Whether it's documented or not, the policy is strong: accounts are for individuals and are not to be shared.
knaddison blog | Morris Animal Foundation
I found this on the account
I found this on the account registration page, so it is pretty clear.
Resolved
alexreinhart took control of the project by moving it to a new sandbox, so I went ahead and granted the access to the account that completed the application process. alexreinhart also clarified that it's not a shared account, rather two people with separate accounts under the same company.
Privative code
Requesting a double opinion about what I understand as an intrusive privative code.
http://drupal.org/node/1804878#comment-6598634
cube inspire - web design and web development solutions !
Shared library code
The 51degrees.mobi module currently contains a shared library written by the author but also hosted on SourceForge:
http://drupal.org/node/1845192#comment-6776294
http://sourceforge.net/projects/fiftyone/?source=directory
It was previously uploaded using a non GPL license. The author of the module has now dual licensed it here.
My argument is that in general shared libraries shouldn't be hosted on drupal.org - but the policy here also seems to allow libraries written by the author themselves:
http://drupal.org/node/422996
It's not clear to me what the author should do - can they post the code in multiple places? It would mean the d.o version would need keeping up to date. Or should the author use libraries as I would recommend?
No, "In general 3rd party
No, "In general 3rd party libraries are forbidden, so do not commit any. Document for your users how to find and install it."
Exceptions only apply to modified versions of a library.
In this case though
Cheers Klausi,
In this case though, the author of the module is also the author of the library - are they still considered third party? Just want to be clear.
Yes, as the library has a
Yes, as the library has a home other than the drupal module it is considered third party.
I disagree
I don't think that's what "3rd party" means on Drupal.org. I don't get that from http://drupal.org/node/422996 at all, and there are plenty of examples of high-profile projects with 1st party code hosted both on Drupal.org and elsewhere, e.g. http://drupal.org/project/querypath and http://drupal.org/project/commons This is the first I've heard the suggestion that this is not allowed.
I have the same
I have the same interpretation that Klausi does. I think querypath is just ignoring the rules and that nobody works that hard to enforce that rule.
Which code in commons is hosted elsewhere as a primary standalone source? AFAIK it is downloadable in final form from elsewhere and previously was available on github, but I don't see those as relevant/analogous here.
knaddison blog | Morris Animal Foundation
Needs clarification
At least one person (me) doesn't work hard to enforce that rule because I had no idea it was a rule. Everything on http://drupal.org/node/422996 talks about "original author" and there's no mention of "original host" or anything suggestion "3rd party" refers to host rather than author.
If the rule is really about host rather than author (or in addition to author), that needs to be made clearer.
On QueryPath, in http://drupal.org/node/1320388 mbutcher says "This has been verified several Drupal.org and association members when QP was first released a few years ago." So I don't think it's fair to say he's ignoring the rules.
On Commons, the D6 version was first hosted on Acquia.com and is now also hosted on Drupal.org. It's still being updated on both hosts, so that seems pretty directly relevant to me.
I opened an issue seeking clarification: http://drupal.org/node/1850966
The commons case is just
The commons case is just making the resulting fully packaged distro zip available elsewhere, but it's not like there's source code hosted somewhere else that is also being committed into the commons repository in git. I think the fact that php is not compiled makes this trickier, but just imagine if the Acquia.com file were the resulting binary from compiling the code on drupal.org - then it would seem pretty different, right? That seems more like what is happening here to me.
knaddison blog | Morris Animal Foundation
"3rd party" generally means
"3rd party" generally means "obtainable somewhere else" and not neccessarily "written by somebody else".
Not 3rd party?
While that's the exception to the 3rd party rule, this case doesn't appear to be 3rd party code. It's the original author posting to Drupal.org, so I think the 3rd party rules don't apply at all here. The only rule we have limiting 1st party code is license, which has already been changed, so I think this is fine.
3rd party library policy changed
The 3rd party library policy was just updated to soften the language (e.g. "forbidden" was changed to "discouraged"):
http://drupal.org/node/422996/revisions/view/2285014/2469302
There's no link to a discussion in the revisions, so I don't know what kind of consensus that change has. But if the policy is changing, we should update the review process accordingly.
And...like it never
And...like it never happened
http://drupal.org/node/422996/revisions/view/2469318/2469338
knaddison blog | Morris Animal Foundation
I think this dicussion is
I think this dicussion is going into the wrong direction. Shouldn't we rather try to have a build process for modules that allows to include remote libraries?
Drush
Drush make files can pull in remote code from archive files/git/svn etc. Is that enough?
Not for everyone
That's enough for some people, as is Libraries API. But many module maintainers want to avoid anything that makes their installation process even slightly more complicated than other modules. There's an open issue to do module (and theme) packaging on Drupal.org with make files, just like we already do with distributions:
http://drupal.org/node/1477138
What is the end goal here? To
What is the end goal here?
To keep code hosted on DO compliant with our licensing and to keep code specific to Drupal hosted on DO?
What if I write a jquery plugin, license it compliant with our licensing, and the utilize it in a module?
Should the jquery library be hosted somewhere else even though it is somewhat specific to my module?
Granted, I agree that a jquery library should be hosted so that other non-drupal jquery users can find it, and we don't want to become a jquery library hosting service, what would the rule be then for this instance?
I think that kind of answers it
I think that agrees that Drupal.org hosting is really meant for Drupal specific projects. Looking at the terms of service:
http://drupal.org/node/1001544
That module definitely contains code that's non-Drupal specific and is available elsewhere, so I think the above rule applies.
Thanks, that makes it pretty
Thanks, that makes it pretty clear.
See
See http://drupal.org/node/1710094 for a similar issue.
Req 2nd opinion
Project Application: Facebook Stream
Link: https://drupal.org/node/1964028
Issue: Looking for a second opinion regarding whether this passes the module duplication test.
We have no hard rule to
We have no hard rule to reject project applications that absolutely want to fork or duplicate another project.
So what I do is ask them to at least get in touch with the maintainers of the existing project and take it over if they don't respond.
I added my text template to https://groups.drupal.org/node/184389#duplicate
Req 2nd opinion
Project: [D7] Restore
Issue: Very complicated module, I'm not convinced there's been a lot of review on it.
Req 2nd opinion
Project: Simply Hired Job-a-matic
Issue: the module name and shortname simply_hired_jobamatic and using the string 'simply_hired' in some of the urls. I'm not sure if Drupal has a policy about using the company name there as advertising. They also have a required attribution block, but that part seems reasonable.
The shortname and company
The shortname and company name in the url are not a problem from my perspective.
Boy, that's a sticky one. From a GPL perspective it's not OK for the module to require that. But, if the terms of service for importing jobs into your sidebar require that, then it is more normal (e.g. Mollom has a similar requirement, but it's focused on being sure that Terms of Service are displayed). That said...the job titles can probably be incorporated into a site under the doctrine of Fair Use without any attribution. It's probably not our place to judge this question, but I would want it clearly stated in the project page and README.txt that this module adds links back to the site.
knaddison blog | Morris Animal Foundation
Terms of Service notice
I've added a notice on the project page as well as the README.txt file of the module about the required attribution. There has been the ability to disable the attribution all together since my first commit on the project because I anticipated that people wouldn't want it display. I'll let their attorneys figure that one out. I'm not responsible because it clearly states it has to be there so I'm clean.
Req 2nd opinion
TAP CMS: https://drupal.org/node/1594624
Issue: It's a very nice set of modules that are already in use, but I'm not sure of the licensing/hosting issues.
I left a comment in that
I left a comment in that issue linking to the Drupal.org policy on 3rd party code, which I think is pretty clear about not allowing it, even in sandbox projects.
request for second opinion
Project Application: [D7] Garmin Connector
Link: https://drupal.org/node/1999514
Issue: I've spent many hours giving 2 detailed reviews, but ultimately there were so many half-finished features and debug code that I gave up.
I tried to postpone the issue to give him to clean up, but the applicant insists that his module is done and ready for review. I pointed out the queue is not for learning how to write modules, but that didn't convince him either. I'm at a loss for the next step!
Request for 2nd opinion
[D7] Redirect Check
https://www.drupal.org/node/2495721#comment-10018319
The module code is well written, module has 7 functions but code is less than 120 lines.
Naveen Valecha
https://www.valechatech.net
Does an application need to contain PHP/CSS/JS?
Project Application: [D7] check_drupal
Link: https://www.drupal.org/node/2633932
Q: Does an application need to contain PHP/CSS/JS?
I'm having trouble reviewing this application because I'm not sure what the guidelines are here.
Wouldn't his project be more
Wouldn't his project be more appropriately attached to NAGIOS, since it is a NAGIOS specific plugin? https://exchange.nagios.org/ is a large repository of other NAGIOS plugins already.
Could be. But there should
Could be. But there should also be a place at the drupal code website to gather all projects directly built for drupal.
I could however implement a module dependent version of this plugin (requiring some api url to check against), but then the whole benefit of not having to add code directly to drupal in order to make it work would vanish.
To get Generic Git vetted I
To get Generic Git vetted I would say so, A developer has to show understanding of the Drupal coding standards and Drupal API. We can not validate this with a project that does not have any drupal code in it. Personally I would recommend such a project for a single project promotion. (so only for that project get full project rights not N Drupal projects.
single project promotion
What are the limitations of single project promotion compared to "generic git vetted"?
Awn: What is a single project promotion?
https://www.drupal.org/node/2505727
So The project gets a full listing without anyone validating the Drupal skills of the Developer in general.
I believe this would be best since there is no code to asses the Developers Drupal skills, and there should be no need for a module that does this to not be listed as a full module.(IMHO)
ok, sounds fair so far.
ok, sounds fair so far.
So what is left for me to do
So what is left for me to do in order to convert this project to a full listing without vetted git access?
According to the
According to the documentation (https://www.drupal.org/node/2505727) the project must be promoted by a Git Administrator. I would recommend making the request in the comments of the application thread and waiting. I'm not that level of user as I'm still waiting for my own project (https://www.drupal.org/node/2614224) to inch its way through the Project Application queue.
Individual Account Rules
Project Application: [D7] Select registration roles
Link: https://www.drupal.org/node/2644054
Q: What are the project blocking signs of an non-individual account? In this project, the author has posted their company as the sponsor. The author's account is also sharing the name of that company and the company is listed on the profile with link.
Is this a non-individual account?
I checked the link noted in the PAReview Bonus Template page: "Guidelines for individual accounts" (https://www.drupal.org/node/272587), but the link goes to a page describing how to register an account. There doesn't seem to be any mention of individual vs other on the page.