Leaving aside the IP issue, I think it might be worth considering what
would currently happen if someone chose a 'mass removal' and whether that's
what we'd like to have happen.
N.B. this is more extreme than
that dropped perms, but left the tarballs indexed. What if someone goes
Consider a scenario for user "Pat":
* Pat schedules all tarballs for deletion and waits 3 days
* All tarballs are deleted by PAUSE
* mldistwatch de-indexes any previously indexed tarballs
* Pat removes all comaints for all modules
* Pat drops primary permissions on all modules
* Pat drops co-maint perms on all modules
At that point, anything depending on Pat's tarballs is broken, as they
aren't indexed (ignoring for the moment cpanm's use of backpan indexes).
Also, I think the next tarball uploaded with a namespace previously
controlled by Pat gets "first come" permissions and is indexed (regardless
of version number).
Have I got that scenario right?
* I think we have to allow mass deletion, even if that de-indexes stuff. I
think that's an author's right.
* I think we should *not* free up namespaces for random takeover
* I think PAUSE admins should consider a reasonable request by a
responsible-seeming party to take over a namespace (e.g. by forking a
tarball from BackPAN).
In other words: authors own their tarballs, but PAUSE owns the namespaces
(and periodically delegates responsibility to a maintainer).
Mechanically, I think that means that when PAUSE is dropping permissions,
it should instead transfer control to a PAUSE-controlled ID. (Effectively,
David Golden <firstname.lastname@example.org> Twitter/IRC/Github: @xdg