Commit access to openssl/tools and openssl/web
tjh at cryptsoft.com
Fri Oct 4 07:51:28 UTC 2019
FYI - I have reviewed and added my approval. No need to back out anything.
On Fri, Oct 4, 2019 at 5:50 PM Dr Paul Dale <paul.dale at oracle.com> wrote:
> I believed that it required two OMC approvals but was pointed to an
> earlier instance where only one was present and I flew with it without
> checking further.
> My apologies for merging prematurely and I’ll back out the changes if any
> OMC member wants.
> As for discussing this at the upcoming face to face, I agree
> Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
> Phone +61 7 3031 7217
> Oracle Australia
> On 4 Oct 2019, at 5:39 pm, Matt Caswell <matt at openssl.org> wrote:
> On 04/10/2019 08:15, Dr. Matthias St. Pierre wrote:
> Dear OMC,
> while the process of merging and committing to openssl/openssl has been
> no similar (official) rules for pull requests by non-OMC-member seem to
> apply to the
> other two repositories openssl/tools and openssl/web. Probably it's
> because hardly
> anybody outside the OMC else ever raises them? Or is it the other way
> There are clear official rules. This vote was passed by the OMC over a
> year ago:
> topic: Openssl-web and tools repositories shall be under the same review
> policy as per the openssl repository where the reviewers are OMC
> So it needs two approvals from an OMC member. It looks like recent commits
> haven't obeyed those rules.
> I would like to raise the question whether it wouldn't be beneficial for
> all of us,
> if we would apply the same rules (commit access for all committers, plus
> the well
> known approval rules) to all of our repos. After all, the openssl/openssl
> is the most valuable of the three and I see no reason why the others would
> more protection. In the case of the openssl/web repository which targets
> official website, you might want to consider a 2OMC approval rule, but
> even there
> I don't see why the usual OMC veto rule wouldn't be sufficient.
> There is a lot of merit in that. Certainly for tools. I've added it to the
> agenda for Nuremburg.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-project