Bugzilla permissions - cla_done required?

Jon Stanley jonstanley at gmail.com
Mon Feb 11 16:08:08 UTC 2008

On Feb 11, 2008 8:18 AM, Karsten 'quaid' Wade <kwade at redhat.com> wrote:

> Bugzilla is not on there for several reasons, as I recall.  The fact
> that bugzilla.redhat.com is used by Red Hat for business makes it
> difficult for Fedora to dictate the terms of usage.  The Fedora CLA
> can't really be a barrier to e.g. getting a bugzilla.r.c account.

Not a barrier for obtaining an account, no.  Even if we had our own
bugzilla instance (whihc I'm not advocating), it would be downright
silly to require a CLA to obtain a bz account.  However, we can
require whatever we want in order to give additional access to bz
(which is entirely in Fedora's control)

> Also, bz work falls somewhere between "Mailing list member" and "Wiki
> contributor."  The former is a discussion and information exchange, the
> later is a contribution of content, such as a patch.

To be an effective triager you need to be a wiki contributor - I
really equate the two on about the same level, or maybe
> Typically, the bz report itself has served the purpose of making it
> clear the patch was a contribution, etc.
> For bug triagers, it seems to make sense to, as you say, capture them
> with a click-through CLA.  That way we can be assured that content can
> then be moved to e.g. source control.
> > There's also the argument that signing the CLA is a (minor) technical
> > hurdle for new triagers to overcome.  While this is valuable, I also
> > think that other things could be used in it's place (open to
> > suggestions here) to demonstrate technical ability.
> Yes, we hear a lot that it is too difficult.
> We've got a good doc on how-to:
> http://fedoraproject.org/wiki/DocsProject/UsingGpg
> I'm not arguing that it's ideal, but it is a fair barrier at a certain
> point.  Maybe not for triagers, though.
> > The argument that came to light, and was discussed on
> > fedora-devel-list[2] that FAS requires "too much" personal information
> > (i.e. home address, phone number, etc) in order to sign up for an
> > account and sign the CLA.  Access to bugzilla is controlled via FAS,
> > therefore, without an FAS account, access to triage bugs is a
> > non-starter.
> I'm going to trust Red Hat's lawyers when they say they need that
> information in order to have the level of assurance to distribute a
> contribution.  If we need to get a hold of a contributor for any
> legitimate reason, it'll be a bummer if they really don't live at 123
> Main Street, Anywhere, USA.
> > So the question here is whether cla_done is required in order to
> > belong to the 'fedorabugs' group in FAS?  My vote is 'yes' for the
> > reasons listed above for now, revisit with FAS2, as was decided at
> > FESCo.
> I missed this part.  FESCo has already decided how they want this
> handled?  And some folks aren't happy with that situation?
> Without FAS2, I don't see a way around this.  That is, I guess something
> of a click-through CLA could be hacked up, by why spend the time on that
> over finishing FAS2?
> - Karsten
> --
> Karsten Wade, Developer Community Mgr.
> Dev Fu : http://developer.redhatmagazine.com
> Fedora : http://quaid.fedorapeople.org
> gpg key : AD0E0C41
> _______________________________________________
> fedora-advisory-board mailing list
> fedora-advisory-board at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-advisory-board

Jon Stanley
Fedora Bug Wrangler
jstanley at fedoraproject.org

More information about the fedora-advisory-board mailing list