2007/7/19, MLA-Gobo <[EMAIL PROTECTED]>: > On Thursday 19 July 2007 16:24, Jonas Karlsson wrote: > > 2007/7/19, MJ Ray <[EMAIL PROTECTED]>: > > > "Jonas Karlsson" <[EMAIL PROTECTED]> wrote: > > > > *All* users should be able to commit to trunk using the > > > > CommitRecipe/ContributeRecipe (name open to discussion) [...] > > > > > > My thoughts: > > > > > > This should be done by an email robot, to avoid everyone needing a > > > correctly-configured copy of Subversion installed. > > > > Yes, that's was actually an idea I have as well, that one should be > > able to configure CommitRecipe/ContributeRecipe (still just name > > suggestions) send recipes through smtp. Problems with smtp is that the > > user has to configure a smtp server, unless we set up an (half) open > > smtp server on an alternative port, which isn't blocked by any ISP:s. > What about emailing through the user's existing email program? I know > that's easy to do with KMail (just make some calls through DCOP), although I > don't know about Thunderbird. Alternately, just tell people to send their > recipes to [EMAIL PROTECTED] All email that is sent to that address > is automatically scanned to see if it contains a valid recipe and, if so, the > recipe is then stored in "Untrusted" until someone has a chance to verify it. > Using existing e-mail program won't work, as there are too many flavours of e-mail clients out there. If it should be done automatically it has to be done through smtp.
> > > Recipes should probably be committed to a branch called "untrusted" or > > > similar, until reviewed by a connected developer. > > > > I don't think that it would be wron to commit directly into trunk, as > > recipes in trunk isn't used and only revisions are published, which > > are reviewed. > I don't know...I think that it would still be better to have someone > review it, just in case some joker comes along and tries to mess with the > system. I've thought about this and my view is that I regard usability higher than security. My arguments are that 1) Trunk is only for commits and not used for Compile, therefore changes there wont hurt. 2) It's SCV, no problems reverting. 3) You have to use the tools alternatively extract the user to be able to commit, which should, at least, make a small hurdle for sabotage (admittely not that high, but hopefully high enough). And what's the worst thing that could happen? -- /Jonas _______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
