Proactively awarding developer status?

Thomas Ward teward at
Fri Oct 30 14:22:05 UTC 2020

Posting publicly to provide my opinion for others to consider on this as

On 10/30/20 9:47 AM, Robie Basak wrote:
> My proposal is this. Start by accepting *third party applications* for
> contributing developer status. We'd expect the same information as in a
> regular contribution developer application, but from a third party and
> privately[1]. We'd consider the application privately, and if we accept
> it, then we'd reach out to the second party and offer contributing
> developer status with it already having been approved. If the second
> party wants it, then it'll be done.

One of my major concerns here is 'spammy applications'.  Which goes to
say, we need to tighten/restrict who can actually file such applications.

Restricting the set of individuals who can file third party applications
would be a good start.  I.E. anyone currently with upload privileges
(coredevs, motus, and per package uploaders) would be able to file a
third party application privately for prospective contributing
developers, which would be processed privately and once approved we can
make the information available publicly.  This prevents just anyone from
filing applications for others, and will help cut back on 'spammy'
applications and notifications.

> To limit concerns I suggest doing this initially only for contributing
> developer applications

I think it makes sense perpetually to only do this for contributing
developer applications, at least for the next couple cycles to see how
this goes.  I'd be very hesitant to expand this to any type of developer
membership in which upload rights of any kind are actually granted, as
that requires a lot more evidence in support of a specific role/access
(server-dev, even Per Package Upload for a specific package, require
evidence of work in the packages and such that goes beyond a single
third party providing advocacy in those cases)


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Devel-permissions mailing list