I was previously a contributor to the jitsi/jitsi-meet wiki; I wrote this page with the aim of helping the Jitsi community:
However recently edit access was removed from me and apparently from others too, which means we can no longer continue improving the page.
I did not receive any notification of this, and cannot find any explanation anywhere. It’s pretty demotivating to be treated in this way after trying to help the Jitsi project. I hope someone who controls the GitHub project settings reads this and can take some steps to address this situation. The whole point of a wiki is that it’s open for anyone to contribute to, and the same for Open Source in general, so I think this was a step in the wrong direction.
Yes, we have restricted edit access and the current plan is to disable it completely after a while, once all content has been migrated to the handbook.
I’m really sorry you had to find out like that, once we restricted it I had plans to put up a warning with an explanation but I forgot, apologies for that.
Now, why this? Security. We have many repos in our organization, to a point where some ill intentioned individual could update any wiki and put any information which would put our users at risk. This is not a maybe, we got it reported via our HackerOne account, and thankfully the reporter left a harmless message.
Where do we go from here? Not too long ago we started to migrate all our (scattered) documentation into a central place, The Jitsi Handbook: https://jitsi.github.io/handbook/docs/intro
It’s of course open source, and uses Markdown just like the wiki or our previous docs. The only change going forward is that changes to it need to be made as a pull request. I understand this makes the process a bit slower, but we try our best to be fast with reviews and the site is auto updated with a CI so it takes no time for the new xo tent to be available once merged.
I understand this is a bit more work than the wiki but unfortunately not everyone has good intentions such as yourself, and we need to make sure the project documentation passes some scrutiny. I hope you can see why we went on this direction.
I’ll make sure to update the wiki with a big bold note and start migrating the content to the handbook ASAP. Again, apologies for not having done this earlier.
Thanks a lot @saghul for the quick reply! Given the high quality of this project and community, I was expecting that there would be a very good reason for this change, and that it was just a minor oversight that the change wasn’t communicated in an obvious way - and I’m happy to hear that my suspicions were correct!
IMHO it is a great idea to migrate from a wiki to a centrally curated form of documentation which anyone can contribute to via peer-reviewed processed based on PRs. I have seen this work very well for many other projects, and I think that the trade-off of speed vs. quality and security is well worthwhile. So I fully support this change.
Having said that, if the change will take more than a few days to implement, a helpful stop-gap would be to give write access to the wiki for existing contributors who have already demonstrated trustworthy behaviour. I think this would be better than entirely freezing contributions for weeks or even months.
Thanks again for the quick response, and for all your work on this awesome project!
With hindsight, I think this really should have been done. For example see https://github.com/jitsi/jitsi-meet/issues/5550 in which many developments about solutions for breakout rooms have emerged since the wiki was locked, and these cannot be effectively shared and compared on Jitsi based solutions for breakout rooms · jitsi/jitsi-meet Wiki · GitHub because it is locked. This is not helping the community collaborate. I understand your concerns about security, but the reality is that anyone can paste malicious content about Jitsi anywhere on the internet. I’m not convinced that locking one wiki is going to help combat this much.
A more helpful approach to migration would be to import all the wiki pages into an appendix in the official docs, with a disclaimer that this is community-authored content and cannot be relied on 100% for accuracy etc., plus an explanation of how to submit changes via PR. Then every wiki page could be replaced with a link to the corresponding page in the wiki.
