On Wed, Jul 08, 2020 at 09:25:32AM +0200, Pierre-Yves Chibon wrote:
On Tue, Jul 07, 2020 at 10:38:01AM -0700, Michel Alexandre Salim
wrote:
> Should we make the script more robust and ignore invalid watcher
> emails? Seems worrying if someone who's not even a packager can block
> packager changes from being reflected in Bugzilla.
As you can see in this JSON there is no difference between maintainers and
watchers, so the script syncing to bugzilla does not have this information.
I think that asking FESCo for a policy on how to deal with this + an automated
way to detect this situation (which we didn't really have so far) may be
sufficient. However, if this situation happens too frequently, and leads to too
much manual work to clean things up, we may need to see about somehow adding
this information to the JSON file and teaching the script the difference.
It would increase the load on bugzilla though :(
In the ideal world, we would just add checks so that people couldn't get
into this state. But thats going to require a lot of coordination/those
checks might be very difficult right now. I wonder though, if we could
get the new account system to help us here: I think there was a plan to
have it allow for a 'bugzilla email'. Could it perhaps also verify the
bugzilla email and have some 'bugzilla ok' property?
Then, pagure could check it before allowing someone to watch/own/be
point of contact on a package and tell them to go set it before
allowing?
kevin