Require security/privacy considerations for W3C specs.

This patch teaches the metadata manager about groups that belong to the W3C in one way or another, and throws a warning if a specification produced by one of those groups neglects to include a "Security Considerations" or "Privacy Considerations" section. Closes speced#513.
mikewest · Nov 5, 2015 · 2f47d94 · 2f47d94
1 parent b2ec3ff
commit 2f47d94
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/bikeshed/MetadataManager.py b/bikeshed/MetadataManager.py
@@ -19,6 +19,11 @@ def vshortname(self):
             return "{0}-{1}".format(self.shortname, self.level)
         return self.shortname
 
+    @property
+    def groupIsW3C(self):
+        return self.group in ["csswg", "dap", "fxtf", "geolocation", "houdini", "ricg", "svg",
+                              "texttracks", "web-bluetooth-cg", "webappsec", "webspecs", "whatwg"]
+
     def __init__(self, doc):
         self.doc = doc
         self.hasMetadata = False

diff --git a/bikeshed/__init__.py b/bikeshed/__init__.py
@@ -295,19 +295,32 @@ def resetHeadings(doc, headings):
 
 def addHeadingIds(doc, headings):
     neededIds = set()
+    hadSecurity = False
+    hadPrivacy = False
     for header in headings:
         if header.get('id') is None:
             if header.get("data-dfn-type") is None:
                 # dfn headings will get their IDs assigned by the dfn code
                 neededIds.add(header)
                 header.set('id', simplifyText(textContent(find(".content", header))))
+        if header.get('id') is "security-considerations":
+            hadSecurity = True
+        if header.get('id') is "privacy-considerations":
+            hadPrivacy = True
         if header.get("oldids"):
             oldIDs = [h.strip() for h in header.get("oldids").strip().split(",")]
             for oldID in oldIDs:
                 appendChild(header, E.span({"id":oldID}))
     if len(neededIds) > 0:
         warn("You should manually provide IDs for your headings:\n{0}",
             "\n".join("  "+outerHTML(el) for el in neededIds))
+    if doc.md.groupIsW3C:
+        if not hadSecurity and not hadPrivacy:
+            warn("This specification has neither a 'Security Considerations' nor a 'Privacy Considerations' section. Please consider adding both.")
+        elif not hadSecurity:
+            warn("This specification does not have a 'Security Considerations' section. Please consider adding one.")
+        elif not hadPrivacy:
+            warn("This specification does not have a 'Privacy Considerations' section. Please consider adding one.")
 
 def addHeadingAlgorithms(doc, headings):
     for header in headings: