Mike Kupfer wrote: > We could implement a policy that says that all changesets must use the > correct <user>@opensolaris.org email address. This could be enforced on > the server. But we'd need to work through the implications of such a > policy, like whether the os.o email address is enabled by default or on > an opt-in basis. If it's enabled by default, we'll be adding a spam > vector, which is anti-social. If it's on an opt-in basis, we might want > to automate the current (manual) process for enabling the os.o email > address. > > We could also implement a policy that says that the changeset user name > must match the (non-os.o) email address that the user has registered.
I believe the username in .hgrc doesn't have to be an email address, so we could just make it equal to the OSO username, which might lower the spam risk slightly. We could then check it was the same as the id of the committer in one of the hooks. There's another issue though - there is no requirement that OSO and SWAN usernames match up, and there's nothing to prevent someone outside registering with a username that is the same as an existing SWAN one. This is doubtless going to cause confusion. Personally I'd prefer that we made it mandatory that OSO and SWAN userids match up, even if that means renaming some existing OSO ones. If nothing else the OSO user who registered as 'root' is going to have to change their userid if they ever want to commit to a repo ;-) -- Alan Burlison --
