W dniu czw, 12.07.2018 o godzinie 15∶52 +1200, użytkownik Kent Fredric napisał: > On Mon, 09 Jul 2018 10:40:22 +0200 > Michał Górny <mgo...@gentoo.org> wrote: > > > Hi, > > > > We currently don't enforce any particular standard for e-mail addresses > > for developers committing to gentoo.git. FWICS, the majority of > > developers is using their @gentoo.org e-mail addresses. However, a few > > developers are using some other addresses. > > > > Using n...@gentoo.org e-mail addresses generally causes problems > > in accounting for commits. For example, our retirement scripts can't > > detect commits made using non-Gentoo e-mail address. My dev-timeline > > scripts [1] account for all emails in LDAP (which doesn't cover all > > addresses developers use). FWIK gkeys accounts for all addresses > > in the OpenPGP key UIDs. In my opinion, that's a lot of hoops to jump > > through to workaround bad practice. > > > > Therefore, I'd like to start enforcing (at the level of the hook > > verifying signatures) that all commits made to gentoo.git (and other > > repositories requiring dev signatures) are made using @gentoo.org e-mail > > address (for committer field). > > > > Is anyone opposed to that? Does anyone know of a valid reason to use > > n...@gentoo.org address when committing? > > > > [1]:https://dev.gentoo.org/~mgorny/dev-timeline.html > > > > There's one fun problem here technologically for proxy-maint, but > getting the conditions right for it to occur happen very rarely. > > 1. Assume the proxied maintainer has a git repo, where they commit > themselves. > > 2. Assume their proxy has said git repo as an alternative remote, for > which they relay work. ( That is, they work closely together directly > instead of via github pull requests and textual patches ) > > 3. ::gentoo is quiet, and the proxied maintainer has rebased their own > work on top of ::gentoo, setting Committer: metadata and signing > commits. > > Then, in that situation, it is trivial for the proxy to relay those > commits verbatim to ::gentoo, without changing either Committer: or > signature data.
...and the git hook would've rejected them because they aren't signed by a Gentoo developer. -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
