> On Jun 27, 2020, at 3:11 PM, Greg Stein <gst...@apache.org> wrote:
>
> On 2020/06/27 00:15:39, Craig Russell <apache....@gmail.com> wrote:
>> ...
>> So while I have no objection to keeping an index file, the real purpose of
>> the tool is served by keeping a permanent record of the affirmations, in a
>> form that is immediately accessible without looking at any other record. So
>> the signatory's name, timestamp, and the actual document which is being
>> affirmed are critically important to be preserved.
>
> An index file duplicates information that is contained in svn. And svn is
> authoritative here, since (me) could just go and edit files directly. Whimsy
> is just a simple tool to figure out who needs to sign (but could/should allow
> others to do so, too), and give them a way to do the signing.
Yes, and in fact the way it is organized now, an officer could manually print,
sign, scan, and commit the clr.pdf to the 2020 directory and the rest of the
tooling would work fine. If we really need to, we could document this process
but I suspect there will be zero interest in doing it this way, except to prove
that it works.
>
>> ...
>> The term "annually" can be read in a few ways, which can be reflected in
>> different wordings on the web
>
> Just read "current year" and "prior year", and weave them together.
Nope. In June 2021 after we have a new team in place, currentyearprioryear
would show everyone has signed. Not good enough.
But assuming that we make a trivial change to the tool to iterate the years
directories, we can have the sidebar give quick access to all COI documents
ever signed, or just the last three or whatever we like. Later.
> You'll be able to synthesize "annual" in any fashion you like. Whether that
> is calendar, Board election cycle, or fiscal year. "svn info" gives you the
> last modification date, which is presumably the signing date.
I still prefer to keep it simple. Organize all documents signed in a calendar
year in a directory named after that calendar year. Everything else, including
the following, is icing.
>
> Presumed signing date. One suggestion: add a property, say "whimsy:signed"
> and insert the date. That could be modified later, manually, so just
> highlight any COI file (in the UI) that has more than one revision. A person
> could still manually construct a file with that property, too. The only
> *real* test is to ensure the file matches the COI policy that was in effect
> at the purported time of signing, and that the initial revision of the file's
> author (the svn:author property) matches the filename.
>
> Note that comparing the file means stripping the metadata from the end. I
> would suggest to make the file the policy-at-time, and use svn properties for
> the metadata (that is why they are there).
>
> I'd suggest creating a "validation" function that is simple today, but could
> be extended to more complex forms, such as suggested above.
Let's get past this year's exercise and wait until something more complicated
becomes necessary and agreed.
Craig
>
> Cheers,
> -g
>
Craig L Russell
c...@apache.org
