Arthur T Knackerbracket has found the following story:
Microsoft's adoption of the Google-developed Chromium browser engine for Edge has resulted in a proposal to cleanse the open-source code of "potentially offensive terms."
Issue 981129 in the Chromium bug log lists a suggestion by Microsoft to “cleanup of potentially offensive terms in codebase” aims to rid the software blueprints of language such as whitelist (change to allowlist), blacklist (change to blocklist), “offensive terms using ‘wtf’ as protocol messages,” and other infelicities.
This bug report was raised by a Microsoft contributor, who stated: “We are just sharing a subset of what PoliCheck scanned for us,” Policheck being “a machine-learned model that another team manages that does context based scanning on hundreds of file formats.”
Googler Rick Byers, a Chromium engineer, gave the issue a cautious welcome, saying: "This sounds like a good strategy to me, thanks for doing this! We certainly have never intended for anything in the codebase to be potentially offensive, but I'm also not aware of anyone making an effort to find them all." He added:
I don't expect Chrome teams to necessarily make these bugs a priority (we haven't seen this pose a problem for us in practice as far as I know), but if cleaning this up is valuable for Microsoft (or any another Chromium contributor) then we should have no trouble getting the necessary code reviews (at least in the platform code). And yeah there are folks who look for GoodFirstBug and may want to pick up some easy commits.
Although changing comments or variable names in the source code is generally invisible to the user, this kind of revision can be problematic if it wrecks things like names in preferences and policies.
(Score: 4, Insightful) by Booga1 on Thursday September 05 2019, @07:42AM (4 children)
I'm not opposed to such changes as long as they actually improve readability. While it does seem like pointless political correctness the basic idea is sound.
Allowlist and blocklist do convey more direct linguistic meaning than whitelist and blacklist. Nearly everyone I can think of would know the meanings of whitelist and blacklist, but for people who don't speak English as their primary language, I can see how the alternatives are easier to understand.
(Score: 0) by Anonymous Coward on Thursday September 05 2019, @11:08AM
Yeah, but have you actually tried saying "allowlist" out loud, with a speed as if using it in a conversational sentence? At least with my lazy, West Coast American accent, that 'w' has a hard time coming through and half the time sounds more like "allollist".
(Score: 4, Insightful) by maxwell demon on Thursday September 05 2019, @02:30PM (1 child)
But a more logical counterpart to allowlist would have been denylist.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by Booga1 on Thursday September 05 2019, @02:51PM
Fair point, I do agree with that.
Approvedlist/deniedlist or any other context appropriate combination might also work depending on what you're trying to achieve.
(Score: 4, Insightful) by stretch611 on Thursday September 05 2019, @04:21PM
This is a pointless change other than making SJWs feel good.
And in a codebase the size of chromium, how many references to whitelist/blacklist are there? I would wager quite a few.
This is a nightmare of a job... if they make these changes and miss a single spot it will cause bugs. And with this topic, I can foresee security related bugs easily happening in code dealing with whitelist/blacklist.
Even with a good revision control system in place and good practices, all it takes is one programmer not involved in the change to use the old variable names from memory to introduce a new bug. (quite possible with the length of time there have been references to these variables used in this large codebase.)
Combined with Microsoft's less than stellar record on producing bug free code. (not that I, as a developer, expect truly bug free code, but some people produce fewer errors than others.)
Honestly, this sounds like a nightmare waiting to happen. All in a product(web browser) that needs to be secure, yet is already a security nightmare.
Now with 5 covid vaccine shots/boosters altering my DNA :P