On Tue, Dec 22, 2020 at 2:40 PM Adam Williamson <adamwill@fedoraproject.org> wrote:

Perhaps we need a process for cleaning up membership of this extremely
powerful group? If the FAS password of *any one* of those user accounts
were somehow compromised (or if just one of them decided they had a
grudge against Fedora now and were going to have some fun), the results
could be...unfortunate.

I mentioned it once but got zero response... What about requiring a CLA (or something like it) annually instead of one time. This would help clean up inactive packagers as well.

Thanks,

Richard