On 16/04/13 17:17, Olemis Lang wrote:
On 4/16/13, Joachim Dreimann <[email protected]> wrote:
On 16 April 2013 16:34, Ryan Ollos <[email protected]> wrote:
On Thu, Apr 11, 2013 at 9:01 AM, Joachim Dreimann <
[email protected]> wrote:
[...]
Yes, I think that we should be concerned that our barrier to posting an
issue or other contribution may be too high at the moment. If I came to
the
site and couldn't immediately register and create a ticket, I may go away
and never report the issue.
I am very concerned by this and would probably do the same as you. In fact
I may not even bother to register. If registration is required I usually
look for a project twitter account and send them a tweet reporting the bug.
I second that . I've been concerned about this for a long while . In
my real life connected experience
1. I do not fill sign up forms in web sites . That's what
OpenId is for . Bloodhound has been the exception
since many years ago .
2. Forbid users to send us bug reports is something I
do not understand . The way I see it users are contributing
back to us . That makes no sense to me . IMO authenticated
users should be granted with permissions to
interact with the i.a.o/bh web site .
If they reply to me with something like "Thanks, but we won't take action
unless you resubmit via our website after registration" I know they value
process over action and will avoid dealing with them in future.
Definitely sure . Besides *they* are deliberately wasting your time
... I'd rather send them a message saying «welcome to the new open web
fellows»
Whether or not it seems silly, as far as I am concerned we pick up bug
reports however they are posted. I haven't noticed any bugs sent through
twitter but I strongly suspect that we would at least take some notice!
Sending reports to the dev or user mailing lists is fine after all.
I'll look into what we might do and propose some additional suggestions
as
part of the work on #503.
The guys who setup trac-hacks felt that registration was even too high of
a
barrier, so it's possible to create an anonymous ticket on that site.
That
comes with other problems that I won't go into here, but I'll just say
that
spam is not a significant problem on trac-hacks.org, even though we are
still running a very old version of SpamFilterPlugin. I monitor the RSS
feed for both trac-hacks.org and trac.edgewall.org and see only a dozen
or
so instances of spam per week on each site; sometimes more, sometimes
none.
Cleaning up the spam on the former doesn't take up much of my time - I
just
spend a few minutes reviewing the RSS feed each morning and delete any
spam
that has come through.
I also review ticket changes / user registrations for spam. I haven't seen
any evidence of it in significant numbers. That includes spam registrations
that our current system doesn't prevent.
I would grant every new registration permissions to create and comment on
tickets by default and try to catch out bots using some basic techniques
that users would never see (ie no captcha).
fwiw +
right now it's incredibly important for us to attract user interest
than dealing with «non-significant» spamming threats .
It is impossible to know whether the non-significance of spam threats is
a result of the current policy. However, I am not particularly happy
with the situation either.
The current situation on https://issues.apache.org/jira/ is that:
"Anyone is free to find issues. You must register and login if you
want to create, comment, vote, or watch issues. Only developers can
edit, prioritize, schedule and resolve issues."
The last part of that seems completely reasonable and we should probably
be enforcing that anyway. As for registration there, it does require a
capcha and we can clearly replicate that, allowing accounts to raise and
comment on tickets. It would be even better if we could allow tickets to
be raised and commented on by anonymous users and it also appears to be
possible to do this with a capcha if we like. The advantage of
registering an account may then just be to stop having to answer capchas!
I think I have already mentioned that I am not a fan of capchas but that
is just me and clearly I will not have to be dealing with it!
Cheers,
Gary
