FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Advisory Board

 
 
LinkBack Thread Tools
 
Old 02-11-2008, 03:14 AM
"Jon Stanley"
 
Default Bugzilla permissions - cla_done required?

Bringing up an old topic here that was recently decided in FESCo[1]
and also discussed at FUDCon RDU - escalating to FAB per request.

As most of you know, I'm leading an effort to relaunch the bug triage
project. We had decided that cla_done would be a requirement for a
few reasons:

1) Ability to use items in release notes, documentation, etc.
a) Although anyone can make a comment on the bug, only folks in the
'fedorabugs' group in FAS (which maps to fedora_contrib in bugzilla)
can set the fedora_requires_release_note flag. This gets the bug
special attention from the docs team.
2) Wiki edit access requirement. In the future this will be going to
a click-through CLA, which I think is also appropriate for 1.

There's also the argument that signing the CLA is a (minor) technical
hurdle for new triagers to overcome. While this is valuable, I also
think that other things could be used in it's place (open to
suggestions here) to demonstrate technical ability.

The argument that came to light, and was discussed on
fedora-devel-list[2] that FAS requires "too much" personal information
(i.e. home address, phone number, etc) in order to sign up for an
account and sign the CLA. Access to bugzilla is controlled via FAS,
therefore, without an FAS account, access to triage bugs is a
non-starter.

So the question here is whether cla_done is required in order to
belong to the 'fedorabugs' group in FAS? My vote is 'yes' for the
reasons listed above for now, revisit with FAS2, as was decided at
FESCo.

[1] http://fedoraproject.org/wiki/Extras/SteeringCommittee/Meeting-20080124
[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg03034.html

_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
 
Old 02-11-2008, 12:18 PM
"Karsten 'quaid' Wade"
 
Default Bugzilla permissions - cla_done required?

On Sun, 2008-02-10 at 23:14 -0500, Jon Stanley wrote:
> Bringing up an old topic here that was recently decided in FESCo[1]
> and also discussed at FUDCon RDU - escalating to FAB per request.
>
> As most of you know, I'm leading an effort to relaunch the bug triage
> project. We had decided that cla_done would be a requirement for a
> few reasons:
>
> 1) Ability to use items in release notes, documentation, etc.
> a) Although anyone can make a comment on the bug, only folks in the
> 'fedorabugs' group in FAS (which maps to fedora_contrib in bugzilla)
> can set the fedora_requires_release_note flag. This gets the bug
> special attention from the docs team.
> 2) Wiki edit access requirement. In the future this will be going to
> a click-through CLA, which I think is also appropriate for 1.

Here is the most comprehensive guide to how we apply the CLA:

http://fedoraproject.org/wiki/Legal/CLAAcceptanceHierarchies

The cut-off line for GPG-signed is, "Does this contribution go directly
into source control for the distro?" While the higher level of
assurance is for when a contribution goes directly into a distro, any
contribution needs to be under some kind of agreement.

Bugzilla is not on there for several reasons, as I recall. The fact
that bugzilla.redhat.com is used by Red Hat for business makes it
difficult for Fedora to dictate the terms of usage. The Fedora CLA
can't really be a barrier to e.g. getting a bugzilla.r.c account.

Also, bz work falls somewhere between "Mailing list member" and "Wiki
contributor." The former is a discussion and information exchange, the
later is a contribution of content, such as a patch.

Typically, the bz report itself has served the purpose of making it
clear the patch was a contribution, etc.

For bug triagers, it seems to make sense to, as you say, capture them
with a click-through CLA. That way we can be assured that content can
then be moved to e.g. source control.

> There's also the argument that signing the CLA is a (minor) technical
> hurdle for new triagers to overcome. While this is valuable, I also
> think that other things could be used in it's place (open to
> suggestions here) to demonstrate technical ability.

Yes, we hear a lot that it is too difficult.

We've got a good doc on how-to:

http://fedoraproject.org/wiki/DocsProject/UsingGpg

I'm not arguing that it's ideal, but it is a fair barrier at a certain
point. Maybe not for triagers, though.

> The argument that came to light, and was discussed on
> fedora-devel-list[2] that FAS requires "too much" personal information
> (i.e. home address, phone number, etc) in order to sign up for an
> account and sign the CLA. Access to bugzilla is controlled via FAS,
> therefore, without an FAS account, access to triage bugs is a
> non-starter.

I'm going to trust Red Hat's lawyers when they say they need that
information in order to have the level of assurance to distribute a
contribution. If we need to get a hold of a contributor for any
legitimate reason, it'll be a bummer if they really don't live at 123
Main Street, Anywhere, USA.

> So the question here is whether cla_done is required in order to
> belong to the 'fedorabugs' group in FAS? My vote is 'yes' for the
> reasons listed above for now, revisit with FAS2, as was decided at
> FESCo.

I missed this part. FESCo has already decided how they want this
handled? And some folks aren't happy with that situation?

Without FAS2, I don't see a way around this. That is, I guess something
of a click-through CLA could be hacked up, by why spend the time on that
over finishing FAS2?

- Karsten
--
Karsten Wade, Developer Community Mgr.
Dev Fu : http://developer.redhatmagazine.com
Fedora : http://quaid.fedorapeople.org
gpg key : AD0E0C41
_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
 
Old 02-11-2008, 03:08 PM
"Jon Stanley"
 
Default Bugzilla permissions - cla_done required?

On Feb 11, 2008 8:18 AM, Karsten 'quaid' Wade <kwade@redhat.com> wrote:

> Bugzilla is not on there for several reasons, as I recall. The fact
> that bugzilla.redhat.com is used by Red Hat for business makes it
> difficult for Fedora to dictate the terms of usage. The Fedora CLA
> can't really be a barrier to e.g. getting a bugzilla.r.c account.

Not a barrier for obtaining an account, no. Even if we had our own
bugzilla instance (whihc I'm not advocating), it would be downright
silly to require a CLA to obtain a bz account. However, we can
require whatever we want in order to give additional access to bz
(which is entirely in Fedora's control)

> Also, bz work falls somewhere between "Mailing list member" and "Wiki
> contributor." The former is a discussion and information exchange, the
> later is a contribution of content, such as a patch.

To be an effective triager you need to be a wiki contributor - I
really equate the two on about the same level, or maybe
>
> Typically, the bz report itself has served the purpose of making it
> clear the patch was a contribution, etc.
>
> For bug triagers, it seems to make sense to, as you say, capture them
> with a click-through CLA. That way we can be assured that content can
> then be moved to e.g. source control.
>
> > There's also the argument that signing the CLA is a (minor) technical
> > hurdle for new triagers to overcome. While this is valuable, I also
> > think that other things could be used in it's place (open to
> > suggestions here) to demonstrate technical ability.
>
> Yes, we hear a lot that it is too difficult.
>
> We've got a good doc on how-to:
>
> http://fedoraproject.org/wiki/DocsProject/UsingGpg
>
> I'm not arguing that it's ideal, but it is a fair barrier at a certain
> point. Maybe not for triagers, though.
>
> > The argument that came to light, and was discussed on
> > fedora-devel-list[2] that FAS requires "too much" personal information
> > (i.e. home address, phone number, etc) in order to sign up for an
> > account and sign the CLA. Access to bugzilla is controlled via FAS,
> > therefore, without an FAS account, access to triage bugs is a
> > non-starter.
>
> I'm going to trust Red Hat's lawyers when they say they need that
> information in order to have the level of assurance to distribute a
> contribution. If we need to get a hold of a contributor for any
> legitimate reason, it'll be a bummer if they really don't live at 123
> Main Street, Anywhere, USA.
>
> > So the question here is whether cla_done is required in order to
> > belong to the 'fedorabugs' group in FAS? My vote is 'yes' for the
> > reasons listed above for now, revisit with FAS2, as was decided at
> > FESCo.
>
> I missed this part. FESCo has already decided how they want this
> handled? And some folks aren't happy with that situation?
>
> Without FAS2, I don't see a way around this. That is, I guess something
> of a click-through CLA could be hacked up, by why spend the time on that
> over finishing FAS2?
>
> - Karsten
> --
> Karsten Wade, Developer Community Mgr.
> Dev Fu : http://developer.redhatmagazine.com
> Fedora : http://quaid.fedorapeople.org
> gpg key : AD0E0C41
>
> _______________________________________________
> fedora-advisory-board mailing list
> fedora-advisory-board@redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-advisory-board
>
>



--
Jon Stanley
Fedora Bug Wrangler
jstanley@fedoraproject.org

_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
 
Old 02-11-2008, 03:20 PM
"Jon Stanley"
 
Default Bugzilla permissions - cla_done required?

Sent the prior one way too soon (GMail keyboard shortcuts did that for me ).

On Feb 11, 2008 8:18 AM, Karsten 'quaid' Wade <kwade@redhat.com> wrote:

> Also, bz work falls somewhere between "Mailing list member" and "Wiki
> contributor." The former is a discussion and information exchange, the
> later is a contribution of content, such as a patch.

Or a release note, or anything else really. We are not the only
distribution that requires signing an agreement in order to gain full
access to triage bugs[1]. In fact, Ubuntu's requirements are much
more onerous than ours. We basically say cla_done and you're in.
They obviously have a whole different set of requirements.

> I missed this part. FESCo has already decided how they want this
> handled? And some folks aren't happy with that situation?

Correct. At the 1/24 meeting[2], there was quite lively discussion of
this. It was decided that for now we would require cla_done, and
revisit when FAS2 comes around.

> Without FAS2, I don't see a way around this. That is, I guess something
> of a click-through CLA could be hacked up, by why spend the time on that
> over finishing FAS2?

Agreed. I'm just the messenger

[1] https://wiki.ubuntu.com/UbuntuBugControl
[2] http://fedoraproject.org/wiki/Extras/SteeringCommittee/Meeting-20080124

_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
 
Old 02-11-2008, 03:27 PM
"Paul W. Frields"
 
Default Bugzilla permissions - cla_done required?

On Mon, 2008-02-11 at 05:18 -0800, Karsten 'quaid' Wade wrote:
> On Sun, 2008-02-10 at 23:14 -0500, Jon Stanley wrote:
> > The argument that came to light, and was discussed on
> > fedora-devel-list[2] that FAS requires "too much" personal information
> > (i.e. home address, phone number, etc) in order to sign up for an
> > account and sign the CLA. Access to bugzilla is controlled via FAS,
> > therefore, without an FAS account, access to triage bugs is a
> > non-starter.
>
> I'm going to trust Red Hat's lawyers when they say they need that
> information in order to have the level of assurance to distribute a
> contribution. If we need to get a hold of a contributor for any
> legitimate reason, it'll be a bummer if they really don't live at 123
> Main Street, Anywhere, USA.

As a side note, I don't think we have any process to allow someone to
notify us of a change of address.

> > So the question here is whether cla_done is required in order to
> > belong to the 'fedorabugs' group in FAS? My vote is 'yes' for the
> > reasons listed above for now, revisit with FAS2, as was decided at
> > FESCo.
>
> I missed this part. FESCo has already decided how they want this
> handled? And some folks aren't happy with that situation?
>
> Without FAS2, I don't see a way around this. That is, I guess something
> of a click-through CLA could be hacked up, by why spend the time on that
> over finishing FAS2?

If I've heard correctly thus far, FAS2 should debut in some form around
the beginning of March.

--
Paul W. Frields http://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://redhat.com/ - - - - http://pfrields.fedorapeople.org/
irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug
_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
 
Old 02-11-2008, 03:37 PM
Christopher Aillon
 
Default Bugzilla permissions - cla_done required?

On 02/11/2008 11:27 AM, Paul W. Frields wrote:

As a side note, I don't think we have any process to allow someone to
notify us of a change of address.



They can modify their address via
https://admin.fedoraproject.org/accounts/userbox.cgi


_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
 
Old 02-11-2008, 03:59 PM
"Paul W. Frields"
 
Default Bugzilla permissions - cla_done required?

On Mon, 2008-02-11 at 11:37 -0500, Christopher Aillon wrote:
> On 02/11/2008 11:27 AM, Paul W. Frields wrote:
> > As a side note, I don't think we have any process to allow someone to
> > notify us of a change of address.
> >
>
> They can modify their address via
> https://admin.fedoraproject.org/accounts/userbox.cgi

Just so, thanks.

--
Paul W. Frields http://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://redhat.com/ - - - - http://pfrields.fedorapeople.org/
irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug
_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
 

Thread Tools




All times are GMT. The time now is 08:37 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org