PAUSE Permissions

download PAUSE Permissions

of 21

  • date post

  • Category


  • view

  • download


Embed Size (px)


A lightning talk I gave at the London Perl Workshop 2012

Transcript of PAUSE Permissions

  • 1. PAUSE::Permissions A lightning talk given at London Perl Workshop 2012 The permissions model that controls whocan upload what modules to CPAN, via PAUSENeil Bowers Andreas KnigNEILB ANDK

2. PAUSE::PermissionsA module for querying the data behind the modelNeil BowersAndreas KnigNEILBANDK 3. PAUSE and CPAN 4. $CPAN/modules/06perms.txt Who has what permissions for which modules 5. $CPAN/modules/06perms.txt Time::Fake,ROSULEK,f Time::Fields,PIP,f Time::Format,PGOLLUCCI,f Time::Format,ROODE,m Time::Format_XS,ROODE,f Time::Frame,PIP,f Time::Fuzzy,JQUELIN,m Time::GPS,ZEFRAM,fTime::HiRes, JHI, cTime::HR,AGOLOMSH,f Time::HiRes,DEWEG,c Time::HiRes,JHI,c module PAUSE id Time::HiRes,ZEFRAM,m Time::HiRes::Value,PEVANS,fpermission Time::Human,JHOBLITT,f Time::Implementation,FOTANGO,f Time::Implementation,STIG,c Time::Interval,AHICOX,f 6. Upload a new module If youre the first to upload a module to CPAN, youget the f permission (first come) Module::Path,NEILB,f Youre considered the owner 7. Register module on module list If you register the module, you get an m permissionGraph::Reader,NEILB,m Internally you also still have f m takes precedence over f 8. You register modules, not dists I registered PAUSE::Permissions The dist also includes PAUSE::Permissions::Module PAUSE::Permissions,NEILB,m PAUSE::Permissions::Module,NEILB,f What should you do with other modules in dists? If theyre public-facing, consider registering them Otherwise f is fine 9. Co-maintainers The owner of a module can grant co-maint perms Using the PAUSE web interface They get a c permission.PAUSE::Permissions,ANDK,cPAUSE::Permissions,NEILB,mPAUSE::Permissions::Module,ANDK,cPAUSE::Permissions::Module,NEILB,f Co-maints can upload new versions of a module Co-maints cannot grant co-maint permissions 10. Permissions are on modules Years back I created some Locale:: modules I handed them to SBECK, hes expanded the dist Locale::Codes,SBECK,fLocale::Constants,NEILB,cLocale::Codes::Constants,SBECK,fLocale::Country,NEILB,cLocale::Codes::Country,SBECK,f lots more modules Locale::Currency,NEILB,c Locale::Constants,SBECK,f Locale::Country,SBECK,mLocale::Language,NEILB,c Locale::CountryCodes,SBECK,fLocale::Script,NEILB,c Locale::Currency,SBECK,m Locale::CurrencyCodes,SBECK,f Locale::Language,SBECK,m Locale::LanguageCodes,SBECK,f Locale::Script,SBECK,f Locale::ScriptCodes,SBECK,f I have co-maint on the original modules but not on those hes subsequently added. 11. Someone elses module If you upload a module you dont have perms for The dist will make it to your author directory The offending module wont be indexed (but ok modules will be) will shout at you 12. Deleting dists from CPAN You can only delete dists that you uploaded Regardless of whether youre the owner Permissions are associated with modules, not dists,remember If you dont like a co-maints release Revoke co-maint, then supersede with a new release But talk to them first! 13. Namespace squatting Upload a module, then delete the dist (via PAUSE) The module wont exist on CPAN But youll have an f permissionNo::Such::Module,NEILB,f No-one else will be able to use that name Free it up using PAUSE ("Change Permissions") 14. Developer releases Developer releases dont trigger permissions If your first release of a module is a developerrelease, you wont get any permissions. Someone else could gazump you "This may change" - ANDK 15. Transfer of ownership You can transfer ownership to another user They get your m or f You get cPAUSE::Permissions,ANDK,mPAUSE::Permissions,NEILB,cPAUSE::Permissions::Module,ANDK,fPAUSE::Permissions::Module,NEILB,c 16. Taking over a module"Usually, after all this hassle,we are reasonably quick at assigning co-maintenance permissions,but dont hold your breath" 17. Anomaly #1: different m and f Modules with different m and f users? This cant happen TM Catalyst::Engine::Apache,AGRUNDMA,m Catalyst::Engine::Apache,MSTROUT,f But when it does m is the owner f is treated as a co-maint There are some special conventions Eg P5P has f on some modules Tie::SubstrHash,LWALL,m Tie::SubstrHash,P5P,f 18. Anomaly #2: modules with no owner There are 1000+ modules with co-maints onlyDBIx::Class::Loader,AMS,cDBIx::Class::Loader,DMAKI,cDBIx::Class::Loader,KRAIH,cDBIx::Class::Loader,MRAMBERG,cDBIx::Class::Loader,SRI,cDBIx::Class::Loader,TEMPIRE,c How does this come about? You can give up your permissions: "Change Permissions" on PAUSE Make your case to PAUSE admins for ownership PAUSE Admins: 19. Anomaly #3: modules with no perms Some modules are on CPAN but not in 06perms.txt Upload a module, then give up your f permission Its open season on the module name again 20. PAUSE::Permissionsuse PAUSE::Permissions;my $pp = PAUSE::Permissions->new;my $mp = $pp->module_permissions(PAUSE::Permissions);my $owner = $mp->owner;# NEILBmy @comaints = $mp->co_maintainers; # ANDK 21. Finally Largest number of co-maints any module has? Tidy up your permissions please