On Wed, 2015-11-11 at 11:27 +0000, Daniel Gruno wrote: > Does this sound like a good idea, or complete overkill?
I have long thought we might employ an alternative scheme akin to a "planet" aggregator. Make the module index an aggregator from module authors providing and maintaining their own descriptions as DOAP files. That way an author doesn't have to go through any manual process or moderation to update entries, and the admin burden is reduced. We still have to bootstrap new authors wanting us to aggregate their DOAP URLs. We could fully automate it for committers by auto-approving apache.org URLs, leaving a much reduced space for manual moderation and still vulnerable to spam attacks. Then we can reduce that further by requiring oauth as you suggest. And once the OpenMiracl podling has a TA up-and-running, we can deploy that to help open a wider circle of strong trust. Just a thought. -- Nick Kew
