Ricordisamoa wrote: >ALL of my OAuth applications expired without anyone noticing. Whom am I >supposed to lobby to get one approved?
Hi. This rant doesn't seem very random. :-) This sounds like <https://phabricator.wikimedia.org/T67750> (you're already subscribed). Also <https://phabricator.wikimedia.org/T61772> and <https://phabricator.wikimedia.org/T103587>. I don't really understand why an approvals process exists. When I asked in 2014, the answer was "we weren't sure how it was going to be used, and what way we would need to extend the protocol." It's been over a year and I still don't really know what that means. That same note indicated a willingness to fully re-examine the OAuth workflow, so given that it's now late 2015, here are the options I see, in order of preference: * kill the approvals queue altogether; * distribute the approvals process to the Wikimedia stewards; * distribute the approvals process to additional Wikimedia Foundation employees; or * keep the status quo. It's difficult for me to figure out how realistic option 1 (killing the queue) is because I continue to have an incomplete understanding of OAuth and specifically why an approvals process was ever put into place. Given that several Wikimedians have complained about the speed of the approvals process, it seems like option 4 (keeping the current situation) is a no-go. That leaves us with options 2 and 3 (expanding the pool of approvers) as the most straightforward choices. Even if we implemented options 2 or 3 immediately, the lack of external visibility into the queue and the lack of notifications for queue submissions would very likely also need to be addressed. Option 1 would obviate the need for such additional features, of course. MZMcBride _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
