-
Notifications
You must be signed in to change notification settings - Fork 425
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Danger pattern guidance #113
Draft
superbryntendo
wants to merge
17
commits into
primer:main
Choose a base branch
from
superbryntendo:danger
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Changes from 5 commits
Commits
Show all changes
17 commits
Select commit
Hold shift + click to select a range
493a35c
beginning draft spec for save models. expecting to iterate on this co…
5685082
conflict
ee59bdc
first pass on rough draft of danger requirements
754caf1
updates language for some details based on crit earlier today as well…
1734ecc
adds link to logging documentation
fbc19e8
Copy edits
yaili 331430e
adds detail, addresses feedback, adjusts lists to support images
dc965bc
merge conflicts
cfef9c1
images not working quite yet, but the content is in a place where I'm…
655004d
changing import statement
3d964a0
changing image references again
196b389
removes githubber reference
a147ef6
Copyedits
yaili dfdf3dd
adds links and cleans up copy
d0d1dd5
merge conflicts
1d627b2
updates images and image refs
923a383
Copy edits
yaili File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| --- | ||
| title: Destructive (danger) sequences | ||
| --- | ||
|
|
||
| When users are making a destructive change to their GitHub account, we need to make sure they have a clear understanding of what is about to happen. Many times these changes are reversible, but may have irreversible side effects (making a repository public). Other times, they're not reversible at all (deleting an organization). Either way, we need to ensure that we've done everything we can to make sure there are no gaps in communication that may cause unintended effects so that we don't lose trust with users. | ||
|
|
||
| There are a couple types of data that will need to be modified through our UI. Some of these types are not critical and require no particularly special treatment. These non-critical destructive flows include deleting a comment, issue, pull request, or discussion. | ||
|
|
||
| For critical destructive flows (including modifying user access, deleting repositories, making private data public, etc.), there are 3 basic treatments we can apply that will ensure that the full effects of a change are clear to our users and that we minimize loss of trust. | ||
|
|
||
| [Example image 1 goes here]() | ||
|
|
||
| 1. We should highlight all destructive flows visually. | ||
| - Any actions that will delete significant user data must use the `btn-danger` class. | ||
| - All page sections that will trigger a destructive sequences should be highlighted with `border-red` and an `alert` icon to build an accessible, intuitive pattern of recognition. When people see those details, they should know to tread carefully. Ideally, these will be centralized into a `Danger Zone` section. | ||
|
|
||
| [Example image 2 goes here]() | ||
|
|
||
| 2. We should force users into a second confirmation to ensure that they understand which data will be destroyed, the steps to revert those changes (if reversible), and that they have rights to destroy that data with an explicit statement, and/or password-protection. | ||
|
|
||
| [Example code goes here] | ||
|
|
||
| 3. We should follow the [audit logging rules](https://githubber.com/article/technology/dotcom/audit-logs/adding-new-events) and log all destruction events for the support team to help them with cases where something has gone wrong. | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some notes here:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah - initially, that was going to lead directly into: "critical and non-critical", which is where "a couple" came from.
I'll fix that. Thanks Yaili!