#10664 closed defect (wontfix)
Support base committer category for security
| Reported by: | jberry@… | Owned by: | jberry@… |
|---|---|---|---|
| Priority: | High | Milestone: | |
| Component: | server/hosting | Version: | |
| Keywords: | Cc: | wsiegrist@… | |
| Port: |
Description
We need to restrict commits such that:
Any commiter can change:
trunk/dports
Only "base" committers can change:
- trunk/(all other)
- downloads/
- tags/
- branches/
I'm not sure what the full set of base committers should be now, as we've certainly lost some, but for a start:
jmpp, mww, jberry, pguyot, yeled, kvv, landonf, jkh, ...?
At some point, we may need to provide access to www or docs for a broader set of users, but it's not clear to me at present that's necessary given our new documenation arrangements.
Change History (8)
comment:1 Changed 18 years ago by jberry@…
| Summary: | Support base committer category → Support base committer category for security |
|---|---|
| Type: | defect → task |
comment:2 Changed 18 years ago by kvv@…
| Status: | new → assigned |
|---|
comment:3 Changed 17 years ago by nox@…
| Priority: | Important → High |
|---|---|
| Type: | task → defect |
comment:4 Changed 16 years ago by wsiegrist@…
| Owner: | changed from kvv@… to wsiegrist@… |
|---|---|
| Status: | assigned → new |
comment:5 Changed 16 years ago by wsiegrist@…
| Owner: | changed from wsiegrist@… to jberry@… |
|---|
Email me a map of directories to lists of users and I'll implement this. I dont need the list of committers, you can just call them "committers". For admin, base, whatever-else, I'll need a list (of email addresses registered as MacOSForge).
comment:7 Changed 15 years ago by raimue (Rainer Müller)
| Milestone: | → Website & Documentation |
|---|---|
| Resolution: | → wontfix |
| Status: | new → closed |
I think this limitation would restrict committers from doing base development. As we have version control, I don't fear any malicious commits we would miss. Developers should be responsible enough to submit patches as a ticket first if they are unsure if it should be committed.
comment:8 Changed 15 years ago by (none)
| Milestone: | Website & Documentation |
|---|
Milestone Website & Documentation deleted
Stealing kvv's tickets... I'll do some research on the options for this.