On 09/04/2019 17:38, Isarra Yos wrote:
On 09/04/2019 16:44, Tyler Cipriani wrote:
On 19-04-09 05:17:17, Isarra Yos wrote:
This seems to be broken, or something. It's causing problems for
collaboration. Please fix.
This is the addPatchSet permission in Gerrit.
That particular permission was recently abused, and at that time the
permission was modified. The current status will remain for at least
the next week or two while we sort out some other Gerrit problems.
The current status is that "Project Owners" can use addPatchSet for
any projects they own: this does not necessarily map to +2/-2
permissions for a given project, but should mostly align.
For any projects in the "mediawiki" hierarchy, the "mediawiki" group
has the ability to addPatchSet.
After our current problems are resolved, I'd like to talk both with
the folks impacted and with the security team about finding some
middle ground between the current status and anyone being able to
modify any patchset at any time.
Hi. I'm trying to think of a way to put this politely, but I can't,
so: this is insane.
Please reconsider, or I will likely simply need to put off a lot of my
work entirely until it is resolved, which is particularly problematic
as this was the week when I was supposed to properly resume my grant
work in particular. I do not have ownership on many of the
repositories that I need to work on, despite those also being among
the ones most likely to require the sort of back and forth amending
that this blocks, so this is about as bad for me as having gerrit down
entirely, as that is pretty much where having to fall back to emailing
patches puts us. (And when that happened I just threw my arms in the
air and went to the beach.)
To clarify, I get what you're trying to do, but there has got to be a
better solution besides denying key features to and thus impairing
long-term contributors, because disabling this for everyone (but
apparently WMDE (?!)) does exactly that. On the wikis, for instance, we
have specific groups for this sort of thing (rollback, file moving,
bypass captcha, bypass rate limits), to let established users do the
things they need to do, without it being allowed of absolutely everyone
from the start, and without requiring them to be admins, either, to do
it. Perhaps actually using one of our more general existing groups for
this here would make sense?
-I
_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
