How to remove a non invited commiter from the commiters list?
7 views
Skip to first unread message
Pedro Duque Vieira
May 6, 2020, 8:21:51 AM5/6/20
to JFXtras Developers
Hi guys,
A while ago, a commiter create a PR which made no sense, with a single file containing:
"hello every body, this is my java application"
"hello every body, this is my java application"
It was rejected by a member of the team at the time, but somehow still made it in (hack or bug in github?). I deleted the file some time ago.
He's still on the contributors list of the project though: https://github.com/JFXtras/jfxtras-styles/graphs/contributors
I've already reported this user to the Github team.
Maybe we should also block him from the jfxtras organization? - https://help.github.com/en/github/building-a-strong-community/blocking-a-user-from-your-organization (I don't have admin privileges in jfxtras to do this).
I'm not sure whether that alone will also remove his commits and contributions from the contributors list though..
There's no option I can find in his single commit to the project that allows one to report or remove it..
Thanks, kind regards,
tbeernot
May 6, 2020, 8:47:00 AM5/6/20
to jfxtr...@googlegroups.com
Interesting indeed.
This PR was made in 2013, 7 years ago
(although the current year feels like it may count for 2 or 3 with
all the boring sitting at home). Has he done anything else since?
Or is this just a once-of mishap?
The commit was merged apparently, so
therefor he is a contributor. Can't really undo that, it is a
matter-of-fact statement. But he is not a member of the
organization, so he cannot do anything without approval (BTW, you
are, as admin in the core team, not sure what more permission
there is to add). We could block him, but if nothing happened in
the last 7 years...
Regards, Tom
--
You received this message because you are subscribed to the Google Groups "JFXtras Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jfxtras-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jfxtras-dev/6590d6a6-bfd6-43b5-966d-a406b2874cca%40googlegroups.com.
Pedro Duque Vieira
May 6, 2020, 9:00:21 AM5/6/20
to jfxtr...@googlegroups.com
Hi Tom! Hope you're doing great.
No, AFAIK, it was only this one thing. I myself wasn't even aware the file existed in the project for quite a while (there were some releases that still contained it).
Strangely it seems the PR was rejected but still somehow got in, which could indicate some kind of exploit that the user took advantage of, at the time.
There's probably no harm now, probably no way for him to do anything else anymore. Though having him in the contributors list, I wonder if somehow it could affect the perceived reliability of the project? Although most people might not be aware of this, I wonder if some more zealous companies would feel put off if they discover some hacker made a commit sometime ago to the project? And that he's still in the contributors list.
Following the instructions I've posted in my first message, I can't see a settings button on the Jfxtras organization page. And as such I can't block him from the organization.
Thanks for your time, kind regards,
To view this discussion on the web visit https://groups.google.com/d/msgid/jfxtras-dev/8b15c20a-d4f6-d7a5-87e9-af917408e16c%40gmail.com.
Pedro Duque Vieira - https://www.pixelduke.com
tbeernot
May 6, 2020, 10:09:34 AM5/6/20
to jfxtr...@googlegroups.com
Well, for some reason I do have that
button. I blocked the user for you (probably not much chance he
will have problems with that), but as I suspected he is still on
the commiters page because, well, he commited.
Nevertheless, I doubt it will make any
difference for companies. It is kinda part of using open source
that there may be bad elements now and then, as there is
everywhere. But if the team handles it correctly, then I can't see
any reason to get upset over it.
Since your problem is not solved, I am
considering unblocking him. I suspect it was just a mishap.
Regards, Tom
To view this discussion on the web visit https://groups.google.com/d/msgid/jfxtras-dev/CAAEud6ZeuXiXg1zXc6FyDx2OQSgmdAoO7YH3CAPbxK%2BD850X%3Dw%40mail.gmail.com.
Pedro Duque Vieira
May 6, 2020, 1:52:22 PM5/6/20
to jfxtr...@googlegroups.com
OK thanks Tom.
AFAIK the PR should read "Merged" to indicate it was merged but it reads just "Closed", that's what I don't understand and that's why I was thinking it was something more than just a mistake.
Cheers,
To view this discussion on the web visit https://groups.google.com/d/msgid/jfxtras-dev/001e1367-0e53-7b15-9216-7dea8e60e686%40gmail.com.
tbeernot
May 6, 2020, 5:00:06 PM5/6/20
to jfxtr...@googlegroups.com
I agree, it should not have been
merged. Gerrit just closed it. But I don't think it is foul play.
To view this discussion on the web visit https://groups.google.com/d/msgid/jfxtras-dev/CAAEud6buGGX2w4VxgTvk_MChWmOwejBWyHFZsybd4-yFfZX-Tg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages