Hi all On Sat, Nov 09, 2024 at 05:18:08PM +0100, Michael Niedermayer wrote: > Hi all > > Should we disable git accounts for developers who have not been active since > a long time (like 10 years) ? > > (if these developers come back, the account would then be enabled again) > but disabling such accounts may improve security (lots of "if" here but > assuming they loose their key, assuming whoever gets hold of the key > has interrest and ability to attack ffmpeg and and and, the risk here > is likely low but not 0)
I count currently 127 people with git write access above suggestion would disable around 33 accounts. I cannot show the list because of GDPR but the remaining 127-33 accounts are on this list: git log --since 10.years --first-parent --pretty=fuller | grep '^Commit:' | sort | uniq Note that above command will not produce a clean list. It requires manual cleanup, "Commit:" is just a text field and not everything thats in that field has or had a write account. But I cannot post peoples names or email addressed If i hear noone objecting to this (and there are already multiple people in favor) then i will disable the 33 accounts in a few days Thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Those who are too smart to engage in politics are punished by being governed by those who are dumber. -- Plato
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
