incubator-lucy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marvin Humphrey <mar...@rectangular.com>
Subject [lucy-dev] RFC: Grant all ASF Committers Lucy SVN karma
Date Fri, 02 Dec 2011 00:28:12 GMT
Greets,

I'd like to propose that the Lucy podling consider nuking our Subversion authz
entry, allowing anyone who is a Committer at the ASF to commit to the Lucy
corner of the ASF repository.

There are two primary rationales for making this change.  First, we make life
easier for Infra -- especially if other projects follow our lead.  Second, we
lower the barrier to entry for other ASF committers to contribute to Lucy.

Of course we would still have a soft rule in place that significant changes
must be run through lucy-dev first, but we would trust other committers to
follow this rule rather than enforce it through access control as we do today.

Security is not a problem.  For this to work, we have to monitor our commits
list closely -- but any project that doesn't monitor its commits list closely
doesn't deserve to live at the ASF in the first place.  The bare minimum
effort is just to watch the sender address for looking for unfamiliar apache
ids.  Anything that we catch and don't like, we can just revert.

Provenance tracking is not a problem either -- anybody who has ASF commit
privileges has an iCLA on file.  

Various people throughout the ASF are on record supporting the liberalization
of repository permissions, including Board member Roy Fielding and Lucy
Mentors Joe Schaefer and Chris Mattmann.  Roy recently wrote to
general@incubator urging that the all Incubator committers be given commit
access to all podlings:

    http://s.apache.org/0HY

    I *suggest* that incubator change the procedure such that all committers
    (or at least all committers within a single LDAP group) have access to all
    incubator areas and that new people simply be requested to only commit
    within areas for which they have been given permission by the podling
    developers. 

Joe and I believe that we should go one step further and grant access to the
entire ASF committer community.  Neither Joe, nor I, nor Gavin MacDonald
foresee serious problems.  There may be Incubator-specific bookkeeping issues
that arise, as discussed in the followups to Roy's post, but those shouldn't
block us on principle.

>From what Joe tells me, other ASF communities have discussed making such a
change, but we would be the first to actually go through with it.

If we have general consensus, I will call a VOTE proposing that we liberalize
our authz to the maximum extent possible within the practical constraints of
the Incubator.

Marvin Humphrey


Mime
View raw message