Hi Infra Team and All, I have a question I wonder for some time and recently discussed in our OFBiz PMC ML.
Committers come and go. When a PMC member resign, because s/he clearly wants to stop helping on the project and want to be completely disconnect from it, her/his committer account remains active. I wonder if this is not an useless security hole. Same for no longer active committers. The difference with an active committer is s/he will never know since s/he is possibly no longer monitoring things.
A credential can be abused by an external person, that can be the beginning of much troubles we can not all imagine (hackers do)... With security holes you never know, until it bites you, so I really wonder why a committer account can not be terminated?
Thanks Jacques
