[Kde-scm-interest] Distributed model VS accountability

[Johannes Sixt]

Thiago Macieira schrieb:
> Em Friday 23 November 2007 16:40:43 Johannes Sixt escreveu:
>> At a higher level, trust must be implemented such that each person can
>> change (basically) only his own repository. For this reason, it is good
>> that in your earlier proposal access rights to certain repositories were
>> very limited. BD and lieutenants will only pull from such restricted
>> repositories.
> 
> I understand that.
> 
> But the question I am asking is: how can we have accountability in a 
> repository where everyone in the project can push to the repository?
> 
> I simply do not see a way of KDE having restricted repositories, at least not 
> if we want to have a smooth transition any time soon. The social trust 
> network model will not work in KDE since we've been for 10 years allowing 
> anyone to commit anywhere.

Note that by giving in to a releases/ hierarchy with restricted push access 
you are already taking away public commit access.

A publically pushable repository, such as the proposed stable/ hierarchy is 
way different from a publically committable trunk/ hierarchy in SVN: In SVN, 
committing something to trunk/ means that the commit will be in the next 
release; but pushing something to the stable/ git repository does not! With 
git, it means that someone (major contributor, lieutenant, BD) must be made 
aware of the commit to pick it up and integrate it into releases/ (ultimately).

IOW: By choosing git (or any distributed SCM), you give away the possibility 
that anyone can contribute to $release at anytime without the *need* to ask 
for permission.

Except... You make the release/ hierarchy publically pushable.

Imagine what this would mean. It's the worst of my dreams.

-- Hannes