Commit access to openssl/tools and openssl/web

Dr Paul Dale paul.dale at oracle.com
Fri Oct 4 07:49:58 UTC 2019 

I believed that it required two OMC approvals but was pointed to an earlier instance where only one was present and I flew with it without checking further.
My apologies for merging prematurely and I’ll back out the changes if any OMC member wants.

As for discussing this at the upcoming face to face, I agree wholeheartedly.


Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




> On 4 Oct 2019, at 5:39 pm, Matt Caswell <matt at openssl.org> wrote:
> 
> 
> 
> On 04/10/2019 08:15, Dr. Matthias St. Pierre wrote:
>> Dear OMC,
>> 
>> while the process of merging and committing to openssl/openssl has been formalized,
>> no similar (official) rules for pull requests by non-OMC-member seem to apply to the
>> other two repositories openssl/tools and openssl/web. Probably it's because hardly
>> anybody outside the OMC else ever raises them? Or is it the other way around?
> 
> There are clear official rules. This vote was passed by the OMC over a year ago:
> 
> topic: Openssl-web and tools repositories shall be under the same review
>       policy as per the openssl repository where the reviewers are OMC members
> 
> So it needs two approvals from an OMC member. It looks like recent commits
> haven't obeyed those rules.
> 
> 
>> I would like to raise the question whether it wouldn't be beneficial for all of us,
>> if we would apply the same rules (commit access for all committers, plus the well
>> known approval rules) to all of our repos. After all, the openssl/openssl repository
>> is the most valuable of the three and I see no reason why the others would need
>> more protection. In the case of the openssl/web repository which targets the
>> official website, you might want to consider a 2OMC approval rule, but even there
>> I don't see why the usual OMC veto rule wouldn't be sufficient.
> 
> There is a lot of merit in that. Certainly for tools. I've added it to the OMC
> agenda for Nuremburg.
> 
> Matt
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20191004/1f02e96a/attachment-0001.html>

More information about the openssl-project mailing list