For my own education, was there a problem creating a branch, or is it
only a problem when changes are merged to master? (And can I keep the
branch? I suppose it could have been a fork, but this was convenient
as we are using git submodules)

On Thu, Aug 30, 2012 at 1:33 PM, Eugene Lazutkin
In order to revoke a write access, We have to move almost all present
Owners to a custom group with no write access. There is no way to
restrict what owners can do. I didn't do it because I didn't want any
bruised egos. Initially the repository was created by Pete and had two
owners: he and I. Later other guys learned about that account and
started to feel "unprivileged", and as soon as I added them (with a
strong warning about not writing to these repos), they added everybody,
and their dogs to owners and write-able developers, and the fun started.

The problem of writing to the repo directly is a serious one. Any
harmless change immediately breaks mirroring, and I am getting a bunch
of error reports, which I should attend ASAP. because it stops
mirroring. The only sure way to fix it is to reupload the whole
repository anew thus squishing all other changes. Meanwhile if some
people forked/pulled the repository with an offending update, they are
essentially screwed up and have to redo what they did (fork/pull the
repo, add their changes once again).

Having a write access for anybody who works with this repository is
dangerous. For example, --- let me
explain how it was committed directly. Bill was working with a bunch of
pull requests for our documentation, which is hosted on the same "dojo"
account. In a middle was this pull request named: "Add missing quote in
QueryResults documentation". If you inspect it you will see that this is
a totally valid and harmless update --- in one of our inline docs we
have an example with a missing string quote. Bill committed this pull
request because he was thinking that the change goes to the
documentation repository. It was totally unintentional understandable
mistake --- anybody can do it. It could be noticed only when the merge
was refused. It wasn't.

And I am not so sure if new branches will survive, if we have to force
the push from the mirror again. So I don't think it is a good idea either.

I support Ben's proposal, but in order to do it we have to move people
from Owners to other teams, like Dojo Team and/or Documentation Team, or
maybe even create more teams to tailor a write access. (BTW, remember
that we are open source project, which means that all repos are readable
by general public, and there are no special read permissions.)

The current list of owners: csnover, dmachi, kfranqueiro, kriszyp,
peller, phiggins42, rchady, ttrenka, uhop, wkeese. I propose to leave
just two: dylans, and uhop. The first is the current Dojo Foundation
president, he rarely commits things, and very unlikely to do it through
either git or github. And my account (more precisely my private key) is
used by the mirroring bot to push changes made by others. I don't clone
Dojo repositories with write access either, and don't work with pull
requests. If somebody will need administrative rights for some reason, I
am sure it will be easy to arrange by contacting Dylan or I, and we are
always around.


Eugene Lazutkin
Dojo Toolkit, Committer
On 08/30/2012 09:31 AM, Ben Hockey wrote:
recently there have been a number of commits directly to our github
repos. one was accidental ( and
another is intentional

given that at least for now these repos are supposed to be just readonly
mirrors of our svn codebase, i feel strongly that we should be revoking
write access from these repos for everyone except for what is necessary
to keep the repos in sync with changes from svn.

also, for the specific case where a new branch was added in dojox, i
don't see why maqetta doesn't just host it's own fork of dojox and do
whatever it needs to with that fork. if we all start adding branches
for our own needs this is going to get out of control very quickly. the
distributed nature of git allows for forks to be made easily so that we
don't need to have a whole lot of branches in the "official" repo.
also, i would think that the responsible thing to do would have been to
discuss adding this branch first.

so, i'm proposing that we remove the branch from the dojox repo and we
revoke write access for everyone.



dojo-contributors mailing list
dojo-contributors at
dojo-contributors mailing list
dojo-contributors at

Search Discussions

Discussion Posts


Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 5 of 10 | next ›
Discussion Overview
groupdojo-contributors @
postedAug 30, '12 at 10:31a
activeAug 30, '12 at 4:20p



site design / logo © 2021 Grokbase