After some private discussions this with @neilb and the current Perl Steering Council (@ap, @book, @haarg), it appears that the current list of people with the "pumpkin" permission is too big (there are 53 people on that list at the time of writing).
This list seems to serve two purposes:
- keep an historical record of who ever did a release of Perl
- authorize (for PAUSE indexing purposes) the people in the list to release a new (stable) Perl
The first job is better handled by the perlhist manual page.
For the second, the risk of inactive account takeover is very real. Some of the people on the list above have stopped doing Perl for a long time (some are even deceased). It would make sense for this list to only contain people who actually need the permission, because they are on the Perl release schedule and will do a release in the near future.
To reduce administrivia, one proposal could be along the lines of:
- volunteers on the release schedule are given the permission
- by default, the permission expires a year after having been assigned
- everyone who has the permission has access to a button on PAUSE to extend it for another year
- the current PSC members have access to an interface to assign/revoke the permission to another PAUSE user
This should ensure that, after the initial setup, minimal involvement from PAUSE admins is needed (updating the list of PSC members every year). The PSC can assign the permission directly to volunteers, and people who stop contributing to Perl eventually lose the permission over time.
After some private discussions this with @neilb and the current Perl Steering Council (@ap, @book, @haarg), it appears that the current list of people with the "pumpkin" permission is too big (there are 53 people on that list at the time of writing).
This list seems to serve two purposes:
The first job is better handled by the perlhist manual page.
For the second, the risk of inactive account takeover is very real. Some of the people on the list above have stopped doing Perl for a long time (some are even deceased). It would make sense for this list to only contain people who actually need the permission, because they are on the Perl release schedule and will do a release in the near future.
To reduce administrivia, one proposal could be along the lines of:
This should ensure that, after the initial setup, minimal involvement from PAUSE admins is needed (updating the list of PSC members every year). The PSC can assign the permission directly to volunteers, and people who stop contributing to Perl eventually lose the permission over time.