From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-85234-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id A67DB138334
	for <garchives@archives.gentoo.org>; Thu, 12 Jul 2018 04:35:57 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id D410EE088C;
	Thu, 12 Jul 2018 04:35:48 +0000 (UTC)
Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 48F1BE086D
	for <gentoo-dev@lists.gentoo.org>; Thu, 12 Jul 2018 04:35:46 +0000 (UTC)
Received: from mail-oi0-f44.google.com (mail-oi0-f44.google.com [209.85.218.44])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: floppym)
	by smtp.gentoo.org (Postfix) with ESMTPSA id B7D1D335C9A
	for <gentoo-dev@lists.gentoo.org>; Thu, 12 Jul 2018 04:35:43 +0000 (UTC)
Received: by mail-oi0-f44.google.com with SMTP id n84-v6so53394761oib.9
        for <gentoo-dev@lists.gentoo.org>; Wed, 11 Jul 2018 21:35:43 -0700 (PDT)
X-Gm-Message-State: AOUpUlHjere88jaVKAUzJseaXCRkqI8I7S3vYU+HzLJ/xQnog469Jpuq
	UqMv1oTTygekX3OznFADgSMpnmapb+ldXDIfGDY=
X-Google-Smtp-Source: AAOMgpcxqJa49jbSdmayKJfVkw4hmGU4pPONzFujFdb/SE0Tz2IiFJ83BmBgZzIYmadOBJ9baG3tA4ILeXVYRNFFycg=
X-Received: by 2002:aca:a56:: with SMTP id 83-v6mr731696oik.57.1531370141664;
 Wed, 11 Jul 2018 21:35:41 -0700 (PDT)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Received: by 2002:a4a:4e46:0:0:0:0:0 with HTTP; Wed, 11 Jul 2018 21:35:21
 -0700 (PDT)
In-Reply-To: <20180712153607.6cf7544e@katipo2.lan>
References: <1531125622.1159.11.camel@gentoo.org> <20180712153607.6cf7544e@katipo2.lan>
From: Mike Gilbert <floppym@gentoo.org>
Date: Thu, 12 Jul 2018 00:35:21 -0400
X-Gmail-Original-Message-ID: <CAJ0EP41zPzuyHyb_uukq0fpw+yaOQOsR3R2yMcK6G_dRuncw9A@mail.gmail.com>
Message-ID: <CAJ0EP41zPzuyHyb_uukq0fpw+yaOQOsR3R2yMcK6G_dRuncw9A@mail.gmail.com>
Subject: Re: [gentoo-dev] [RFC] Requiring gentoo.git committers to use their
 @gentoo.org address
To: Gentoo Dev <gentoo-dev@lists.gentoo.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 68dd54b7-230f-4ab6-ad07-3f86d492bb85
X-Archives-Hash: 08f72e65a4aa5bfb5278472e96345371

On Wed, Jul 11, 2018 at 11:52 PM, Kent Fredric <kentnl@gentoo.org> wrote:
> On Mon, 09 Jul 2018 10:40:22 +0200
> Micha=C5=82 G=C3=B3rny <mgorny@gentoo.org> wrote:
>
>> Hi,
>>
>> We currently don't enforce any particular standard for e-mail addresses
>> for developers committing to gentoo.git.  FWICS, the majority of
>> developers is using their @gentoo.org e-mail addresses.  However, a few
>> developers are using some other addresses.
>>
>> Using non-@gentoo.org e-mail addresses generally causes problems
>> in accounting for commits.  For example, our retirement scripts can't
>> detect commits made using non-Gentoo e-mail address.  My dev-timeline
>> scripts [1] account for all emails in LDAP (which doesn't cover all
>> addresses developers use).  FWIK gkeys accounts for all addresses
>> in the OpenPGP key UIDs.  In my opinion, that's a lot of hoops to jump
>> through to workaround bad practice.
>>
>> Therefore, I'd like to start enforcing (at the level of the hook
>> verifying signatures) that all commits made to gentoo.git (and other
>> repositories requiring dev signatures) are made using @gentoo.org e-mail
>> address (for committer field).
>>
>> Is anyone opposed to that?  Does anyone know of a valid reason to use
>> non-@gentoo.org address when committing?
>>
>> [1]:https://dev.gentoo.org/~mgorny/dev-timeline.html
>>
>
> There's one fun problem here technologically for proxy-maint, but
> getting the conditions right for it to occur happen very rarely.
>
> 1. Assume the proxied maintainer has a git repo, where they commit
> themselves.
>
> 2. Assume their proxy has said git repo as an alternative remote, for
> which they relay work. ( That is, they work closely together directly
> instead of via github pull requests and textual patches )
>
> 3. ::gentoo is quiet, and the proxied maintainer has rebased their own
> work on top of ::gentoo, setting Committer: metadata and signing
> commits.
>
> Then, in that situation, it is trivial for the proxy to relay those
> commits verbatim to ::gentoo, without changing either Committer: or
> signature data.
>
> Standard git tools will not attempt to even *change* these commits even
> with an explicit rebase, because Git will detect that nothing needs to
> change, and will no-op the rebase, leaving Committer and Signatures
> intact, degrading to a fast-forward merge.
>
> It seems like it would happen not-very-often, but ...
>
> git log --show-signature --format=3Dfuller --committer=3D".*@\([^g]\|g[^e=
]\)"
>
> Well, the last example happened in 2017, so maybe something happened
> *since* then that prevented this situation occurring via other means?
> *shrug*
>
>
> commit 76eb43412b532a045d92d524dfa5ed1b1bcca671
> Author:     Michael Mair-Keimberger <m.mairkeimberger@gmail.com>
> AuthorDate: 2017-10-02 02:47:28 +1300
> Commit:     Michael Mair-Keimberger <m.mairkeimberger@gmail.com>
> CommitDate: 2017-10-10 07:45:09 +1300
>
> To the best of my knowledge, Michael isn't a Gentoo Dev.

This was incorporated into the master branch via a merge commit, not a
fast-forward or a rebase. See
6711d4f96985b0797c1803cd6f05e5a1410c1018.

We have generally discouraged merge commits, but they do occasionally happe=
n.