On Thu, 2019-05-23 at 17:17 +0200, Richard Levitte wrote: > On Thu, 23 May 2019 16:25:07 +0200, > Salz, Rich wrote: > > I understand that OpenSSL is changing things so that, by mechanism > > (and maybe by policy although > > it’s not published yet), two members of the same company cannot > > approve the same PR. That’s > > great. (I never approved Akamai requests unless it was trivial > > back when I was on the OMC.) > > We mostly seem to agree that it's morally dubious to approve stuff > from people of the same company, and as far as I've heard so far, > it's > to ensure that the project's interests are over-ridden by company > interests (including involuntary bias, which no one is really free > from).
Does this also apply to non-committers submitting a PR being the same company as one of the two required reviewers? I would have a problem if there was only a single review required for non-committers but given there are two reviews required one of them being from OMC member I would not see much conflict of interest. > > Should this policy be extended to OpenSSL’s fellows? > > I believe it's assumed that fellows have the project's interests in > mind before any other work, so no conflicting bias there, i.e. not > quite the same. If this is a possible point of dispute, we should > discuss it, of course. +1 - I also don't see the reasons for conflict of interest applying to fellows. -- Tomáš Mráz No matter how far down the wrong road you've gone, turn back. Turkish proverb [You'll know whether the road is wrong if you carefully listen to your conscience.]