[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#889616: nm.debian.org: please block DM applications until the key requirements are satisfied



Package: nm.debian.org
X-Debbugs-Cc: debian-newmaint@lists.debian.org


Currently we have 6 DM processes that have been stalled for many months
(the oldest started last May, i.e. 9 months ago) because of issues with
the applicant GPG key.
Issues range from "no signatures at all" through "no dd signatures" to
"unacceptable uid, rejected by keyring-maint".

I believe the processes should not proceed (in particular, not accept
advocacies) until the key is not valid, or manually accepted by FD.
Those 6 processes I've looked at don't show any sign of a solution in
sight, and will probably be closed by FD one of these days, causing
unhappiness for all the involved parties¹.

I don't know how the situation is in DD processes, but there seem to be
no DD processes stuck at "keycheck" in the AM dashboard, so perhaps
that's not a issue for those, but otherwise I think the same
considerations there should apply.


A quick pool in #debian-newmaint reveled no opposition, so I'm opening a
bug report requesting the feature to be implemented, and at the same
time posting this to debian-newmaint@ to check if anybody would be too
upset by the change.


¹ as the process will then have to be restart if wanted, and previous
advocacies will have to either be re-made (i.e. bother the advocate
again) or some nm.d.o admin will need to carry it over to the new
process (not going to happen), or an FD need to manually approve the
requirement (i.e. bother FD + cause confusion to everybody because the
process doesn't link any advocacy, etc).

-- 
regards,
                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
more about me:  https://mapreri.org                             : :'  :
Launchpad user: https://launchpad.net/~mapreri                  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-

Attachment: signature.asc
Description: PGP signature


Reply to: