PAUSE Permissions
-
Upload
neilbowers -
Category
Technology
-
view
387 -
download
2
description
Transcript of PAUSE Permissions
PAUSE::PermissionsA lightning talk given at London Perl Workshop 2012
The permissions model that controls who can upload what modules to CPAN, via
PAUSE
Neil BowersNEILB
Andreas KönigANDK
PAUSE::Permissions
A module for querying the data behind the model
Neil BowersNEILB
Andreas KönigANDK
PAUSE and CPAN
$CPAN/modules/06perms.txt
• Who has what permissions for which modules
$CPAN/modules/06perms.txtTime::Fake,ROSULEK,fTime::Fields,PIP,fTime::Format,PGOLLUCCI,fTime::Format,ROODE,mTime::Format_XS,ROODE,fTime::Frame,PIP,fTime::Fuzzy,JQUELIN,mTime::GPS,ZEFRAM,fTime::HR,AGOLOMSH,fTime::HiRes,DEWEG,cTime::HiRes,JHI,cTime::HiRes,ZEFRAM,mTime::HiRes::Value,PEVANS,fTime::Human,JHOBLITT,fTime::Implementation,FOTANGO,fTime::Implementation,STIG,cTime::Interval,AHICOX,f
Time::HiRes, JHI, c
module PAUSE id
permission
• If you’re the first to upload a module to CPAN, you get the 'f' permission (“first come”)
• You’re considered the owner
Module::Path,NEILB,f
Upload a new module
Register module on module list
• If you register the module, you get an 'm' permission
• Internally you also still have 'f'
• 'm' takes precedence over 'f'
Graph::Reader,NEILB,m
You register modules, not dists
• I registered PAUSE::Permissions
• The dist also includes PAUSE::Permissions::Module
• What should you do with other modules in dists?• If they’re public-facing, consider registering them• Otherwise 'f' is fine
PAUSE::Permissions,NEILB,mPAUSE::Permissions::Module,NEILB,f
Co-maintainers
• The owner of a module can grant co-maint perms• Using the PAUSE web interface
• They get a 'c' permission.
• Co-maints can upload new versions of a module
• Co-maints cannot grant co-maint permissions
PAUSE::Permissions,ANDK,cPAUSE::Permissions,NEILB,mPAUSE::Permissions::Module,ANDK,cPAUSE::Permissions::Module,NEILB,f
Permissions are on modules
• Years back I created some Locale:: modules
• I handed them to SBECK, he's expanded the dist
• I have co-maint on the original modules• but not on those he's subsequently added.
Locale::Constants,NEILB,cLocale::Country,NEILB,cLocale::Currency,NEILB,cLocale::Language,NEILB,cLocale::Script,NEILB,c
Locale::Codes,SBECK,fLocale::Codes::Constants,SBECK,fLocale::Codes::Country,SBECK,f… lots more modules …Locale::Constants,SBECK,fLocale::Country,SBECK,mLocale::CountryCodes,SBECK,fLocale::Currency,SBECK,mLocale::CurrencyCodes,SBECK,fLocale::Language,SBECK,mLocale::LanguageCodes,SBECK,fLocale::Script,SBECK,fLocale::ScriptCodes,SBECK,f
Someone else's module
• If you upload a module you don't have perms for• The dist will make it to your author directory• The offending module won't be indexed (but ok modules will be)
• search.cpan.org will shout at you
Deleting dists from CPAN
• You can only delete dists that you uploaded• Regardless of whether you're the owner
• Permissions are associated with modules, not dists, remember
• If you don't like a co-maint's release• Revoke co-maint, then supersede with a new release• But talk to them first!
Namespace squatting
• Upload a module, then delete the dist (via PAUSE)
• The module won't exist on CPAN
• But you'll have an 'f' permission
• No-one else will be able to use that name
• Free it up using PAUSE ("Change Permissions")
No::Such::Module,NEILB,f
Developer releases
• Developer releases don't trigger permissions
• If your first release of a module is a developer release, you won't get any permissions.• Someone else could gazump you
• "This may change" - ANDK
Transfer of ownership
• You can transfer ownership to another user
• They get your 'm' or 'f'
• You get 'c'
PAUSE::Permissions,ANDK,mPAUSE::Permissions,NEILB,cPAUSE::Permissions::Module,ANDK,fPAUSE::Permissions::Module,NEILB,c
Taking over a module
"Usually, after all this hassle,we are reasonably quick at assigning co-maintenance permissions,but don't hold your breath"
Anomaly #1: different m and f
Catalyst::Engine::Apache,AGRUNDMA,mCatalyst::Engine::Apache,MSTROUT,f
Tie::SubstrHash,LWALL,mTie::SubstrHash,P5P,f
• Modules with different 'm' and 'f' users?
• This can't happen TM
• But when it does• 'm' is the owner• 'f' is treated as a co-maint
• There are some special conventions• Eg P5P has 'f' on some modules
Anomaly #2: modules with no owner
• There are 1000+ modules with co-maints only
• How does this come about?• You can give up your permissions: "Change Permissions" on PAUSE
• Make your case to PAUSE admins for ownership• PAUSE Admins: [email protected]
DBIx::Class::Loader,AMS,cDBIx::Class::Loader,DMAKI,cDBIx::Class::Loader,KRAIH,cDBIx::Class::Loader,MRAMBERG,cDBIx::Class::Loader,SRI,cDBIx::Class::Loader,TEMPIRE,c
Anomaly #3: modules with no perms
• Some modules are on CPAN but not in 06perms.txt
• Upload a module, then give up your 'f' permission• It's open season on the module name again
PAUSE::Permissions
use PAUSE::Permissions;
my $pp = PAUSE::Permissions->new;my $mp = $pp->module_permissions('PAUSE::Permissions');
my $owner = $mp->owner; # NEILBmy @comaints = $mp->co_maintainers; # ANDK
Finally
• Largest number of co-maints any module has?
• Tidy up your permissions please