On 10/29/2011 04:01 AM, K. Peachey wrote:
On Sat, Oct 29, 2011 at 9:54 AM, Sumana Harihareswara
<sumanah(a)wikimedia.org> wrote:
* However, I am now ensuring that we are more
lenient with extensions
developers than we are with people applying for core commit access. We
still, of course, watch out for security issues in submitted code samples!
I might be reading this wrong, But isn't that exactly what we don't
want, We want people building extensions even if they have bad
security habits in SVN so we can teach them on how to correct them
(and other generally improvements) so we know that they have improved
the code they are offering to people.
K. Peachey, thanks for making that point. I talked with Tim, Aaron, and
Chad about this, and you're right. For extensions, the only criteria
for commit access are, should be, and now will be as listed at
https://www.mediawiki.org/wiki/Commit_access_requests#Requesting_commit_acc…
:
A demonstration that your request is made in good
faith. For example, someone may be employing you to work on MediaWiki, or you may be known
to the Wikimedia volunteer community by way of past work.
Plans to contribute to MediaWiki or extensions in a substantial way.
Programming skills appropriate for the type of work you propose to do. Our community
will help new participants, especially with MediaWiki-specific skills, but we don't
have time to train programmers from scratch.
An account on this wiki (
www.mediawiki.org) with an authenticated email address set
in your Special:Preferences.
We will tell people about security issues we see in their code, and ask
them to promise to fix them in the future, but we won't use security
problems as a reason to turn them away.
We've also now unified the "tools" and "extensions" Subversion
groups;
there were a few developers (declerambaul, giovanni, halfak, swalker,
whym) who were only in the "tools" group, and those developers now have
access to commit to extensions.
--
Sumana Harihareswara
Volunteer Development Coordinator
Wikimedia Foundation