Network traffic annotations provide transparency and auditability for the data
that Chrome sends to the network. For an introduction, please see
docs/network_traffic_annotations.md.
This folder provides tools to ensure that every operation in the code base that
requires annotation, is annotated, and annotations are sound and complete.
This is a python script that checks the repository, extracts annotations, and
performs required tests and maintenance. See more details in
tools/traffic_annotation/scripts/README.md.
Traffic Annotation Auditor uses this python script (located in
tools/traffic_annotation/scripts/extractor.py) to parse the code and extract
required data for testing and maintenance.
Network traffic annotations are tested in commit queue using
tools/traffic_annotation/scripts/check_annotations.py. This test is currently
run on Linux and Windows trybots, but may expand in future to other platforms.
To perform this test fast enough for a trybot and to avoid spamming the commit
queue if an unexpected general failure happens (see next item), trybot tests are
run in error resilient mode and only on the changed files. A more complete test
runs on an FYI bot using
tools/traffic_annotation/scripts/traffic_annotation_auditor_tests.py and
alerts if tests are not running as expected.
In the event that clang changes something that requires the tool to be rebuilt
(or for some other reason the tests don't work correctly), please disable the
trybot test by setting the TEST_IS_ENABLED flag to False in
tools/traffic_annotation/scripts/check_annotations.py, and file a bug and cc
the people listed in OWNERS; they'll be on the hook to rebuild and re-enable the
test.
tools/traffic_annotation/summary/annotations.xml keeps an up to date summary
of all annotations in the repository. This file is automatically updated by
Traffic Annotation Auditor.