From rdmurray at bitdance.com  Mon Jun 16 02:21:15 2014
From: rdmurray at bitdance.com (R. David Murray)
Date: Sun, 15 Jun 2014 20:21:15 -0400
Subject: [python-committers] Proposing Berker Peksag for push privileges
Message-ID: <20140616002116.77975250CDE@webabinitio.net>

I'd like to propose that we give Berker Peksag push privileges.  He's
provided a number of good quality patches and done good review work on
other issues, and has been an active contributor for quite some time.
IMO we've reached the point where it will be easier to let him push
patches.  (We've already had at least one instance of a committer
assuming he already could.)

I volunteer to act has his mentor for learning how to push to the
repository &c.

--David

From bcannon at gmail.com  Mon Jun 16 06:48:47 2014
From: bcannon at gmail.com (Dr. Brett Cannon)
Date: Mon, 16 Jun 2014 04:48:47 +0000
Subject: [python-committers]  Proposing Berker Peksag for push privileges
References: <20140616002116.77975250CDE@webabinitio.net>
Message-ID: <CAP1=2W7bZHRaf6RNY1eMdwgyFB=mCDSJ2C1r3Wmw=864zevf2A@mail.gmail.com>

Works for me to give Berker commit privileges.

On Sun, Jun 15, 2014, 17:21, R. David Murray <rdmurray at bitdance.com> wrote:

> I'd like to propose that we give Berker Peksag push privileges.  He's
> provided a number of good quality patches and done good review work on
> other issues, and has been an active contributor for quite some time.
> IMO we've reached the point where it will be easier to let him push
> patches.  (We've already had at least one instance of a committer
> assuming he already could.)
>
> I volunteer to act has his mentor for learning how to push to the
> repository &c.
>
> --David
> _______________________________________________
> python-committers mailing list
> python-committers at python.org
> https://mail.python.org/mailman/listinfo/python-committers
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-committers/attachments/20140616/8e1c01b7/attachment.html>

From tjreedy at udel.edu  Mon Jun 16 08:24:02 2014
From: tjreedy at udel.edu (Terry Reedy)
Date: Mon, 16 Jun 2014 02:24:02 -0400
Subject: [python-committers] Proposing Berker Peksag for push privileges
In-Reply-To: <20140616002116.77975250CDE@webabinitio.net>
References: <20140616002116.77975250CDE@webabinitio.net>
Message-ID: <539E8D82.8050405@udel.edu>

On 6/15/2014 8:21 PM, R. David Murray wrote:
> I'd like to propose that we give Berker Peksag push privileges.  He's
> provided a number of good quality patches and done good review work on
> other issues, and has been an active contributor for quite some time.
> IMO we've reached the point where it will be easier to let him push
> patches.  (We've already had at least one instance of a committer
> assuming he already could.)

I had just that thought two days ago when applying a patch of his.

> I volunteer to act has his mentor for learning how to push to the
> repository &c.


From andrew.svetlov at gmail.com  Mon Jun 16 09:31:40 2014
From: andrew.svetlov at gmail.com (Andrew Svetlov)
Date: Mon, 16 Jun 2014 11:31:40 +0400
Subject: [python-committers] Proposing Berker Peksag for push privileges
In-Reply-To: <539E8D82.8050405@udel.edu>
References: <20140616002116.77975250CDE@webabinitio.net>
 <539E8D82.8050405@udel.edu>
Message-ID: <CAL3CFcX8gh1Nxw=2rBvAAMMkFNM3F5gGVsa-pxaOJ0cVLqZaaw@mail.gmail.com>

+1

On Mon, Jun 16, 2014 at 10:24 AM, Terry Reedy <tjreedy at udel.edu> wrote:
> On 6/15/2014 8:21 PM, R. David Murray wrote:
>>
>> I'd like to propose that we give Berker Peksag push privileges.  He's
>> provided a number of good quality patches and done good review work on
>> other issues, and has been an active contributor for quite some time.
>> IMO we've reached the point where it will be easier to let him push
>> patches.  (We've already had at least one instance of a committer
>> assuming he already could.)
>
>
> I had just that thought two days ago when applying a patch of his.
>
>
>> I volunteer to act has his mentor for learning how to push to the
>> repository &c.
>
>
> _______________________________________________
> python-committers mailing list
> python-committers at python.org
> https://mail.python.org/mailman/listinfo/python-committers



-- 
Thanks,
Andrew Svetlov

From zachary.ware+pycommit at gmail.com  Mon Jun 16 17:11:47 2014
From: zachary.ware+pycommit at gmail.com (Zachary Ware)
Date: Mon, 16 Jun 2014 10:11:47 -0500
Subject: [python-committers] Proposing Berker Peksag for push privileges
In-Reply-To: <539E8D82.8050405@udel.edu>
References: <20140616002116.77975250CDE@webabinitio.net>
 <539E8D82.8050405@udel.edu>
Message-ID: <CAKJDb-MeOme1xtwLeB3b8XMP-6eoPT5hSpqKS6X0nvenNo=XpA@mail.gmail.com>

On Mon, Jun 16, 2014 at 1:24 AM, Terry Reedy <tjreedy at udel.edu> wrote:
> On 6/15/2014 8:21 PM, R. David Murray wrote:
>> I'd like to propose that we give Berker Peksag push privileges.  He's
>> provided a number of good quality patches and done good review work on
>> other issues, and has been an active contributor for quite some time.
>> IMO we've reached the point where it will be easier to let him push
>> patches.  (We've already had at least one instance of a committer
>> assuming he already could.)
>
> I had just that thought two days ago when applying a patch of his.

I recall being surprised Berker didn't have push privileges some time
before I was given them; +1.

--
Zach

From storchaka at gmail.com  Mon Jun 16 17:26:17 2014
From: storchaka at gmail.com (Serhiy Storchaka)
Date: Mon, 16 Jun 2014 18:26:17 +0300
Subject: [python-committers] Proposing Berker Peksag for push privileges
In-Reply-To: <20140616002116.77975250CDE@webabinitio.net>
References: <20140616002116.77975250CDE@webabinitio.net>
Message-ID: <2416927.yRmhoEdGHi@raxxla>

??????, 15-???-2014 20:21:15 R. David Murray ????????:
> I'd like to propose that we give Berker Peksag push privileges.  He's
> provided a number of good quality patches and done good review work on
> other issues, and has been an active contributor for quite some time.
> IMO we've reached the point where it will be easier to let him push
> patches.  (We've already had at least one instance of a committer
> assuming he already could.)

I reviewed and committed many Berker's patches and they LGTM.

+1

From rdmurray at bitdance.com  Tue Jun 17 19:15:21 2014
From: rdmurray at bitdance.com (R. David Murray)
Date: Tue, 17 Jun 2014 13:15:21 -0400
Subject: [python-committers] Proposing Berker Peksag for push privileges
In-Reply-To: <2416927.yRmhoEdGHi@raxxla>
References: <20140616002116.77975250CDE@webabinitio.net>
 <2416927.yRmhoEdGHi@raxxla>
Message-ID: <20140617171521.7053D250D5E@webabinitio.net>

I have emailed Berker to (among other things) send in his keys
and introduce himself here after signing up.

--David

From ncoghlan at gmail.com  Fri Jun 20 03:13:29 2014
From: ncoghlan at gmail.com (Nick Coghlan)
Date: Fri, 20 Jun 2014 11:13:29 +1000
Subject: [python-committers] Contact info for possible workflow tool
	security issue
Message-ID: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>

A colleague spotted a possible security issue with one of the CPython
workflow tools (specifically with the configuration of our
installation, rather than with the upstream project), and would like
to know where to report it securely.

Currently the developer guide covers CPython itself
(security at python.org), and infrastructure at python.org is the likely
place for the main PSF infrastructure, but it isn't clear where such
problems with the CPython worfklow tools should be reported.

Regards,
Nick.

P.S. A page in the dev guide listing the new core-workflow list, the
individual workflow tools, and their maintenance arrangements would be
a nice thing to have...

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

From antoine at python.org  Fri Jun 20 03:23:47 2014
From: antoine at python.org (Antoine Pitrou)
Date: Thu, 19 Jun 2014 21:23:47 -0400
Subject: [python-committers] Contact info for possible workflow tool
 security issue
In-Reply-To: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
References: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
Message-ID: <53A38D23.8020100@python.org>



Le 19/06/2014 21:13, Nick Coghlan a ?crit :
> A colleague spotted a possible security issue with one of the CPython
> workflow tools (specifically with the configuration of our
> installation, rather than with the upstream project), and would like
> to know where to report it securely.
>
> Currently the developer guide covers CPython itself
> (security at python.org), and infrastructure at python.org is the likely
> place for the main PSF infrastructure, but it isn't clear where such
> problems with the CPython worfklow tools should be reported.

I think security@ is fine.
infrastructure@ is not, since anyone can read it.

Regards

Antoine.

From benjamin at python.org  Fri Jun 20 03:32:25 2014
From: benjamin at python.org (Benjamin Peterson)
Date: Thu, 19 Jun 2014 18:32:25 -0700
Subject: [python-committers] Contact info for possible workflow tool
 security issue
In-Reply-To: <53A38D23.8020100@python.org>
References: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
 <53A38D23.8020100@python.org>
Message-ID: <1403227945.20056.130827357.58E97E60@webmail.messagingengine.com>

On Thu, Jun 19, 2014, at 18:23, Antoine Pitrou wrote:
> 
> 
> Le 19/06/2014 21:13, Nick Coghlan a ?crit :
> > A colleague spotted a possible security issue with one of the CPython
> > workflow tools (specifically with the configuration of our
> > installation, rather than with the upstream project), and would like
> > to know where to report it securely.
> >
> > Currently the developer guide covers CPython itself
> > (security at python.org), and infrastructure at python.org is the likely
> > place for the main PSF infrastructure, but it isn't clear where such
> > problems with the CPython worfklow tools should be reported.
> 
> I think security@ is fine.
> infrastructure@ is not, since anyone can read it.

There's also infrastructure-staff at python.org, which is private, but they
don't own much of the CPython developer infra. If it's the tracker, for
example, you're better off emailing Martin/bitdancer/Ezio privately.

From alex.gaynor at gmail.com  Fri Jun 20 03:34:42 2014
From: alex.gaynor at gmail.com (Alex Gaynor)
Date: Thu, 19 Jun 2014 18:34:42 -0700
Subject: [python-committers] Contact info for possible workflow tool
 security issue
In-Reply-To: <1403227945.20056.130827357.58E97E60@webmail.messagingengine.com>
References: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
 <53A38D23.8020100@python.org>
 <1403227945.20056.130827357.58E97E60@webmail.messagingengine.com>
Message-ID: <CAFRnB2WzUAzWmCttyOSTcEuQ0B4f1D4F6Nu1AgS51VOvx7_O0Q@mail.gmail.com>

security@ seems like the right address, since at a minimum we have all the
people who'll know where to route the issue to.

Alex


On Thu, Jun 19, 2014 at 6:32 PM, Benjamin Peterson <benjamin at python.org>
wrote:

> On Thu, Jun 19, 2014, at 18:23, Antoine Pitrou wrote:
> >
> >
> > Le 19/06/2014 21:13, Nick Coghlan a ?crit :
> > > A colleague spotted a possible security issue with one of the CPython
> > > workflow tools (specifically with the configuration of our
> > > installation, rather than with the upstream project), and would like
> > > to know where to report it securely.
> > >
> > > Currently the developer guide covers CPython itself
> > > (security at python.org), and infrastructure at python.org is the likely
> > > place for the main PSF infrastructure, but it isn't clear where such
> > > problems with the CPython worfklow tools should be reported.
> >
> > I think security@ is fine.
> > infrastructure@ is not, since anyone can read it.
>
> There's also infrastructure-staff at python.org, which is private, but they
> don't own much of the CPython developer infra. If it's the tracker, for
> example, you're better off emailing Martin/bitdancer/Ezio privately.
> _______________________________________________
> python-committers mailing list
> python-committers at python.org
> https://mail.python.org/mailman/listinfo/python-committers
>



-- 
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: 125F 5C67 DFE9 4084
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-committers/attachments/20140619/9985c28a/attachment.html>

From mal at egenix.com  Fri Jun 20 10:28:27 2014
From: mal at egenix.com (M.-A. Lemburg)
Date: Fri, 20 Jun 2014 10:28:27 +0200
Subject: [python-committers] Contact info for possible workflow tool
 security issue
In-Reply-To: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
References: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
Message-ID: <53A3F0AB.9080508@egenix.com>

On 20.06.2014 03:13, Nick Coghlan wrote:
> A colleague spotted a possible security issue with one of the CPython
> workflow tools (specifically with the configuration of our
> installation, rather than with the upstream project), and would like
> to know where to report it securely.
> 
> Currently the developer guide covers CPython itself
> (security at python.org), and infrastructure at python.org is the likely
> place for the main PSF infrastructure, but it isn't clear where such
> problems with the CPython worfklow tools should be reported.

If it's something our infra team can fix, it's probably best
to directly send it to:

PSF Infrastructure Staff <infrastructure-staff at python.org>

> Regards,
> Nick.
> 
> P.S. A page in the dev guide listing the new core-workflow list, the
> individual workflow tools, and their maintenance arrangements would be
> a nice thing to have...
> 

-- 
Marc-Andre Lemburg
eGenix.com

Professional Python Services directly from the Source  (#1, Jun 20 2014)
>>> Python Projects, Consulting and Support ...   http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ...       http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
________________________________________________________________________
2014-06-17: Released eGenix PyRun 2.0.0 ...       http://egenix.com/go58
2014-06-09: Released eGenix pyOpenSSL 0.13.3 ...  http://egenix.com/go57
2014-07-02: Python Meeting Duesseldorf ...                 12 days to go

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611
               http://www.egenix.com/company/contact/

From barry at python.org  Fri Jun 20 15:21:48 2014
From: barry at python.org (Barry Warsaw)
Date: Fri, 20 Jun 2014 09:21:48 -0400
Subject: [python-committers] Contact info for possible workflow tool
 security issue
In-Reply-To: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
References: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
Message-ID: <20140620092148.791610a0@anarchist.wooz.org>

On Jun 20, 2014, at 11:13 AM, Nick Coghlan wrote:

>Currently the developer guide covers CPython itself
>(security at python.org), and infrastructure at python.org is the likely
>place for the main PSF infrastructure, but it isn't clear where such
>problems with the CPython worfklow tools should be reported.

security@ should be the main entry point for all security issues for Python,
including infrastructure, workflow, tools, etc.  The folks on that team can
forward to other teams as necessary.

Cheers,
-Barry

From ncoghlan at gmail.com  Fri Jun 20 16:56:44 2014
From: ncoghlan at gmail.com (Nick Coghlan)
Date: Sat, 21 Jun 2014 00:56:44 +1000
Subject: [python-committers] Contact info for possible workflow tool
 security issue
In-Reply-To: <20140620092148.791610a0@anarchist.wooz.org>
References: <CADiSq7eQFwHCUb5owtbw7xKfi=AHG6Y8B06hfQ2_h6Pw9izGfw@mail.gmail.com>
 <20140620092148.791610a0@anarchist.wooz.org>
Message-ID: <CADiSq7fBDNZPpe=7OfA_F_9n29ngwA0B3tHMVy3J7W7Bzn3soA@mail.gmail.com>

On 20 June 2014 23:21, Barry Warsaw <barry at python.org> wrote:
> On Jun 20, 2014, at 11:13 AM, Nick Coghlan wrote:
>
>>Currently the developer guide covers CPython itself
>>(security at python.org), and infrastructure at python.org is the likely
>>place for the main PSF infrastructure, but it isn't clear where such
>>problems with the CPython worfklow tools should be reported.
>
> security@ should be the main entry point for all security issues for Python,
> including infrastructure, workflow, tools, etc.  The folks on that team can
> forward to other teams as necessary.

OK, thanks. We may want to make that scope clearer on
https://www.python.org/security, as I suspect I'm not alone in
assuming the security address was specifically for the interpreter,
rather than also covering python.org and the workflow tools in
general.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia