(moving the conversation to scm-migration-dev) >>>>> "Alan" == Alan Burlison <Alan.Burlison at sun.com> writes:
Mike> As far as people using bogus email addresses with Mercurial, it's Mike> technically possible, but then it's also possible for people to Mike> commit something other than what they got code reviewed. If someone Mike> abuses their commit privileges, they may find that they don't have Mike> commit privileges much longer. IIRC, we did discuss on Mike> scm-migration-dev whether to require that all commits be done as Mike> user at opensolaris.org. I think we decided it wasn't worth it. Alan> The problem is that if we don't traceability becomes more Alan> difficult as there's no easy way to tie the committer back to the Alan> opensolaris user database. One option would be to add a changegroup hook that records the committer's login and changeset ID(s) in a log file somewhere. That would still require some additional work for someone doing an audit, but I don't know that we need to optimize for that case. Alan> Is there any way we can configure this to happen 'automagically' Alan> on the server site, e.g. ignore what they use in their .hgrc and Alan> use their unix username? (which is the same as their OSO Alan> username). My understanding is that the user name is part of the changeset. The server must treat the changeset as immutable, so I believe the answer is "no". We could implement a policy that says that all changesets must use the correct <user>@opensolaris.org email address. This could be enforced on the server. But we'd need to work through the implications of such a policy, like whether the os.o email address is enabled by default or on an opt-in basis. If it's enabled by default, we'll be adding a spam vector, which is anti-social. If it's on an opt-in basis, we might want to automate the current (manual) process for enabling the os.o email address. We could also implement a policy that says that the changeset user name must match the (non-os.o) email address that the user has registered. mike
