Arch Lunch: 2019-12-12


  • User ID to be sent to a third party? (Albert (AJ) St. Aubin (Deactivated))
    • I would like to propose adding a randomly generated UUID to identify our users for sharing with external sources and third parties like our coaching partner.
    • I do not believe this is counter to OEP-32 mainly because sharing user ID with a third party is not covered in the OEP. 
    • Our suggestion is to add a column in the database that is tied to the user_id and adding a UUID for every user.
    • Came up in context of coaching - need to provide user identifier to vendor
    • Why does OEP-32 recommend user_id instead of a UUID?
      • Too large of a change to switch everything to a UUID
      • Many things already using user_id
      • Information gained by use of an auto-incremented ID mostly a non-issue for internal service communication
    • Data shared with vendor is potentially a separate issue from URL structures involving user_id
    • Existing AnonymousUserId too closely tied to PII and secrets that may need to be rotated in the future
    • May be able to generate these IDs lazily, on MicroBachelor's enrollment
    • Unique identifier, not anonymous (vendor also has full name and other PII)
    • A generic approach to mapping user + context → identifier could be useful
    • Context may be its own table with associated metadata
  • Changelogs (Ned Batchelder (Deactivated))
    • What would it take for us to maintain curated customer-perspective changelogs in our repos?
    • Logistics
      • File has to exist
      • Make clear how to add to the changelog
    • Cultural change
      • Need linting to make people change
    • Git commit messages are not a changelog
    • Be explicit in each repo about who will be reading the changelog
    • Need guidance so that people know what kind of entries to make
    • Have to consider both semver and calver repos

Action Items

  • Type your task here, using "@" to assign to a user and "//" to select a due date