Re: automating CF submissions (was xlog location arithmetic) - Mailing list pgsql-hackers
From | Greg Smith |
---|---|
Subject | Re: automating CF submissions (was xlog location arithmetic) |
Date | |
Msg-id | 4F125998.5020204@2ndQuadrant.com Whole thread Raw |
In response to | Re: xlog location arithmetic (Gurjeet Singh <singh.gurjeet@gmail.com>) |
Responses |
Re: automating CF submissions (was xlog location arithmetic)
Re: automating CF submissions (was xlog location arithmetic) Re: automating CF submissions (was xlog location arithmetic) |
List | pgsql-hackers |
On 01/14/2012 10:49 PM, Gurjeet Singh wrote: > So lets make it easy for the patch submitter to start the process. I > propose that we have a page in the CF application where people can > upload/attach the patch, and the app posts the patch to -hackers and > uses the post URL to create the CF entry. > That would be nice, but there's at least two serious problems with it, which I would guess are both unsolvable without adding an unsupportable amount of work to the current PostgreSQL web team. First, it is technically risky for a web application hosted on postgresql.org to be e-mailing this list. There are some things in the infrastructure that do that already--I believe the pgsql-commiters list being driven from commits is the busiest such bot. But all of the ones that currently exist are either moderated, have a limited number of approved submitters, or both. If it were possible for a bot to create a postgresql.org community account, then trigger an e-mail to pgsql-hackers just by filling out a web form, I'd give it maybe six months before it has to be turned off for a bit--because there are thousands messages queued up once the first bored spammer figures that out. Securing web to e-mail gateways is a giant headache, and everyone working on the PostgreSQL infrastructure who might work on that is already overloaded with community volunteer work. There's an element of zero-sum game here: while this would provide some assistance to new contributors, the time to build and maintain the thing would be coming mainly out of senior contributors. I see the gain+risk vs. reward here skewed the wrong way. Second, e-mail provides some level of validation that patches being submitted are coming from the person they claim. We currently reject patches that are only shared with the community on the web, via places like github. The process around this mailing list tries to make it clear sending patches to here is a code submission under the PostgreSQL license. And e-mail nowadays keeps increasing the number of checks that confirm it's coming from the person it claims sent it. I can go check into the DKIM credentials your Gmail message to the list contained if I'd like, to help confirm it really came from your account. E-mail headers are certainly not perfectly traceable and audit-able, but they are far better than what you'd get from a web submission. Little audit trail there beyond "came from this IP address". One unicorn I would like to have here would give the CF app a database of recent e-mails to pgsql-hackers. I login to the CF app, click on "Add recent submission", and anything matching my e-mail address appears with a checkbox next to it. Click on the patch submissions, and then something like you described would happen. That would save me the annoying work around looking up message IDs so much. The role CF manager would benefit even more from infrastructure like that too. Something that listed all the recent e-mail messages for an existing submission, such that you could just click on the ones that you wanted added to the patch's e-mail history, would save me personally enough time that I could probably even justify writing it. -- Greg Smith 2ndQuadrant US greg@2ndQuadrant.com Baltimore, MD PostgreSQL Training, Services, and 24x7 Support www.2ndQuadrant.com
pgsql-hackers by date: