I finally got around to publishing my post on the development process that I’m looking to try and use here, so I’d recommend having a read of the post. I think we’re off to a fairly good start already, so thanks for being awesome so far. 🙂

Heads up: no team meeting this week, but I’ll be publishing a blog post on some process and meta issues instead. Does anyone have anything they’d like to raise in lieu of the meeting?

At the meeting this morning, I articulated some of my thoughts about this o2 and what it’s meant to be. Basically, IRC meetings are typically horrible, and make/core is more of a blog, so this is intended to fill the gap and act as a home for discussion. (Imagine it as a sort of mailing list.) The less we can worry about making it to a meeting on time, the more we can worry about getting the job done. (Don’t worry though, I’ll be available for office hours on IRC every week at this time.) Along those lines, please post whenever you have a question, idea, or something general to discuss.

So, now for that discussion. Summer of Code officially ended today, so I can start giving you commit access to the project. I’ll get that set up in the next week or so and mention the best way for development to work. Out of interest, who’s familiar with git, and/or who would prefer to use Subversion?

We also need to discuss authentication. At the moment, the API only supports Basic authentication. The idea here was to implement the most basic thing that would work, and leave everything else to plugins. From the feedback I’ve had though, this might not be enough, and implementing some sort of token-based authentication might be needed. I’m hesitant to do this, given the size of the code needed to deal with it, so I’d love to hear your thoughts on it.

I also have a collection of random thoughts about items we might need to look at.

• Mobile team meetings: The next mobile team meeting is on Monday 24th at 16:00 UTC; can anyone make it there? I’d love to hear feedback from them and ensure they’re involved as much as possible, as they’ll be one of the big consumers of the API.
• Beginning core integration: The API has a bunch of functions that are basically transforming internal data into external, serialisable data, and vice versa. These aren’t particularly specific to the API (and in fact, I’m sure wp-cli would love these), so they’re prime candidates for initial integration into core. Likewise for various helper functions (datetime handling is a big one there).
• Front-end Editor: One of the other Features as Plugins is a Front-end Editor. This is still in the “investigating” phase right now, but I’ve suggested that it’d be a great candidate for using the API. I don’t want to hold up other teams pending our work, but seems like it could be a good place to work together.
• Twenty Fifteen? Aiming for integration in Q1 2014, we might want to start thinking long term about pushing theme developers towards using the API for more interactive themes. A core theme based on the API would be great for this.

I’ll be making a post on make/core shortly summarising what I’ve done in the past week, but figured I’d give you guys the scoop. Along with some CPT-related stuff, I’ve spent the past week reworking the documentation for the plugin and I’d love to hear your feedback on it. For any of you who haven’t had a chance to mess with the API yet, I’d be interested to hear what you think of the documentation, and if there’s anything in there we can start to improve on.

As a reminder, our next meeting is on Monday 23rd at 21:00 UTC (Tuesday 07:00 AEST, Monday 17:00 EST, Monday 14:00 PST). Plan for this week is for me to start working on getting you guys set up to start hacking, discuss options and meta, and make a decision on authentication. Again, let me know if you’ve got any ideas for the agenda for this week.

The first meeting was held this morning; thanks to those of you who made it. (I realise that the previous post actually linked to the time for next week, so apologies to those who didn’t realise it was today.) For those who missed it, please check out the logs.

We discussed the timeline for core integration and noted that while the 3.8 integration phase is pretty close, 3.9 will be Q1 2014 and is a better (albeit less solid) target to aim for. We decided that the following items should be in-scope for the first version:

• Taxonomies
• Users (although maybe only basic handling will be required here)
• Options
• Meta
• Multisite

With regards to the options and meta APIs, we’ll need to decide on a whitelist/blacklist approach there. (Nacin helpfully mentioned the register_meta() and is_protected_meta() functions designed for this purpose.) We also need to think about how we handle serialized data there. It was mentioned that the dotcom/Jetpack API uses a custom filter here instead, but I think we should rely on the built-in ones with an additional filter on top.

The topic of authentication also came up. While OAuth 2 is out (it requires HTTPS), OAuth 1 is a frontrunner for core integration here. I’m hesitant to give a definite answer on whether this would be included in core or in a plugin (due to the complexity), but this is something we’ll need to discuss in the future more. (I also have a plugin that does OAuth 1, which could give us a nice start there in either case.)

Next meeting (Monday 24th at 21:00 UTC), we’ll start to hash out meta/option handling and get back to the authentication issue. (Also note that next week we’ll have the meeting in #wordpress-dev instead.) In the mean time, watch out for a post on how to get started contributing since we can start writing code now.

Any comments/thoughts on the meeting items (scope specifically)?