+1 from me. I don't see a problem with supporting only GitHub OAuth in this case. Django is hosted on GitHub, and any code contribution (which is ultimately what Trac is all about) will happen via GitHub, so it seems quite natural to me to support GitHub OAuth rather than any other arbitrary OAuth provider. (Not that I'd be opposed if someone wanted to add support for other providers, just that I don't think this initiative should be held up on that basis.)
Carl On 08/06/2014 03:30 PM, Tim Graham wrote: > I proposed the idea a couple months ago and got several +1's. The main > concern was from Shai, "not quite -1, but a strong -0 on "blessing" any > single oAuth provider. GitHub is fine, but so are Google, StackExchange, > and even the Evil Empires(TM)." > > https://groups.google.com/d/msg/django-developers/g728g23VI2E/whaVBdxSAlYJ > > On Wednesday, August 6, 2014 5:18:38 PM UTC-4, Aymeric Augustin wrote: > > Hello, > > If you’re subscribed to django-updates, you may have noticed that > some spam is getting through since a few days. This is a negligible > percentage of the amount of spam our defenses are fending off (about > 4000 / day) but it’s annoying. > > We're allowing anonymous bug reports because the process to create > and activate a djangoproject.com <http://djangoproject.com> account > is too cumbersome. You must go to www.djangoproject.com > <http://www.djangoproject.com>, register, get an email, and then go > back to Trac and log in. > > In order to fix the spam problem while maintaining an easy workflow, > I’m proposing to require GitHub auth for all “write” operations: > creating a ticket, adding a comment, etc. Most people interested in > Trac should have a GitHub account already. > > The main downside is that we’re switching to a different set of > usernames. If a person doesn’t have the same username on Trac and on > GitHub, comments made before and after the switch will appear under > different names. However, we already have that problem when people > forget to login and it isn’t that bad. We’ll also have to audit > usernames of the fifty people who have admin permissions. > > As another upside, people won’t have to remember their Trac username > and password anymore. > > What do you think? > > -- > Aymeric. > > -- > You received this message because you are subscribed to the Google > Groups "Django developers" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to django-developers+unsubscr...@googlegroups.com > <mailto:django-developers+unsubscr...@googlegroups.com>. > To post to this group, send email to django-developers@googlegroups.com > <mailto:django-developers@googlegroups.com>. > Visit this group at http://groups.google.com/group/django-developers. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-developers/39b51ddd-7eac-4087-bde4-d798c1728e2d%40googlegroups.com > <https://groups.google.com/d/msgid/django-developers/39b51ddd-7eac-4087-bde4-d798c1728e2d%40googlegroups.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/53E29F8F.8040209%40oddbird.net. For more options, visit https://groups.google.com/d/optout.
