[Bro-Dev] CBAN design proposal

[Slagell, Adam J]

> On May 24, 2016, at 11:21 AM, Siwek, Jon <jsiwek at illinois.edu> wrote:
> 
> I think all those points make things easy on contributors, minimize direct involvement of the Bro Team in sorting out problems related to particular plugins, and provide a useful way for users to discover and maintain Bro plugins.  There’s more potential for users to encounter broken/bad plugins, but maybe that also encourages stronger community involvement w/ users more likely to try and help get problems resolved.

I don’t feel like we have converged on agreement regarding the balance of mandatory vs. optional checks.

I think we need to define some basic metadata as a requirement for interoperability and discovery. Otherwise, what do we really end up providing above and beyond GitHub. 

Other quality checks can be optional, as long as we can change that in the future. I still think we should do do some basic checks to avoid completely broken stuff. It might mean more work for us in making sure we have good feedback and documentation.

In general we all want to avoid human interaction becoming a bottleneck to submissions.

I propose that we keep mandatory checks minimal, but not non-existent, and then we reevaluate when we have real data about how well this works. But I would really like more feedback from the community. Maybe I am an outlier here?

------

Adam J. Slagell
Chief Information Security Officer
Director, Cybersecurity Division
National Center for Supercomputing Applications
University of Illinois at Urbana-Champaign
www.slagell.info

"Under the Illinois Freedom of Information Act (FOIA), any written communication to or from University employees regarding University business is a public record and may be subject to public disclosure."