Skip to content
This repository has been archived by the owner on Sep 1, 2022. It is now read-only.

Red Flag PR's from Problem Contributors #113

Closed
anonimal opened this issue Feb 5, 2016 · 3 comments
Closed

Red Flag PR's from Problem Contributors #113

anonimal opened this issue Feb 5, 2016 · 3 comments
Labels
major proposal

Comments

@anonimal
Copy link
Collaborator

anonimal commented Feb 5, 2016

"nevermind then, this is way too much bullshit for me to go through."

2016-01-25 19:47:50     +psi    hue
2016-01-25 19:47:59     +psi    have fun killing your project kid
2016-01-25 19:47:59     <--     psi (jeff@nr4nbmyavwetylqwo6x6ibyoourtn477iwcpb25gapzuko6s4ena.b32.i2p) has left #kovri-dev (leaving)

2016-01-29 11:09:59     +psi    no more PR are coming from me, I am taking this project in the correct direction without anonimal
2016-01-29 11:10:27     +psi    have fun with your toy

Yet, here we have another PR from psi (a.k.a., @majestrate)

Contributors like this should be red flagged as they have the knowledge-set and capacity cause malicious intent and at times have provided questionable code with security implications.

The only enforceable consequence that we can currently afford is to label PRs from problem contributors with a label of red-flag and then have all mergers review PRs from any red-flagged contributors before merging and, regardless of its quality, merge - but respond quickly either by reverting or patching when appropriate.

In addition, as described in our guide, PRs to master should be closed and contributor asked to PR to development as to avoid huge disasters.

There have been a multitude of issues with this contributor's work, as is clearly documented in the "closed pull requests" section, so this proposal is not unwarranted nor is it unsupported by empirical evidence.

We are writing anonymity software that put people's lives are on the line - so quality assurance is paramount. If this were most other software, I wouldn't bother writing up a proposal like this - but here we are.
@EinMByte
Copy link
Contributor

EinMByte commented Feb 5, 2016

The code in the above mentioned PR was not questionable. Tests are unlikely to cause major security issues. Hence I merged it and made a few stylistic modifications afterwards (see development branch).

The only mistake was merging into master (my mistake here), but this should be no problem as soon as development is merged into master again. I chose not to revert because the PR only included tests.

That said, I do not think @majestrate should be "red flagged". His intentions were clearly not malicious.

@anonimal anonimal mentioned this issue Feb 5, 2016
Closed
@majestrate
Copy link
Contributor

There have been a multitude of issues with this contributor's work, as is clearly documented in the "closed pull requests" section, so this proposal is not unwarranted nor is it unsupported by empirical evidence.

Citation Required.

Contributors like this should be red flagged as they have the knowledge-set and capacity cause malicious intent and at times have provided questionable code with security implications.

This is pointless drama.

@anonimal
Copy link
Collaborator Author

anonimal commented Feb 5, 2016

We're putting the idea aside for now but will resurrect the issue in the future should problems persist.

@anonimal anonimal closed this as completed Feb 5, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
major proposal
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@majestrate @EinMByte @anonimal