feed-pqm should warn if a merge proposal includes revisions from users not in ~contributor-agreement-canonical

I'd like to +1 the importance of this bug.

Projects in Launchpad should have a metadata field that consists defines its "contributor-agreement" team (where the contributor-agreement-canonical team is pertinent to me, but perhaps other projects have their own CA).

As a developer and project maintainer, tracking down and enforcing CA signatures is probably my least favorite part of the job. Doing this manually is inefficient and quite possibly inaccurate. This is a process that should absolutely be automated and enforced by Launchpad/Bzr itself.

@Dustin, this bug is only relevant to hydrazine's feed-pqm script, therefore only relevant to projects using PQM. Are you?

For other projects you can use scan-merge-proposals and I'm very happy to either hear bugs against that and/or to look at setting it up as a bot to comment on all canonical-contributor-agreement-related projects.

Hmm, what's feed-pqm?

I generally see merge proposals as emails in my inbox, and in the web interface.

In both cases, I'd like to see a simple statement (or icon, or keyword) that tells me if the proposer has signed the agreement, or not. If not, I would reject the proposal and point them at the FAQ/Policy, as objectively as possible.

For bonus points, it would be nice if Launchpad/bzr did the rejection for me, so that I'm not the one who gets the hate mail. But the simpler case above is notable improvement, and I would take that now, if I could get it.

Dustin

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dustin Kirkland wrote:
> Hmm, what's feed-pqm?
>
> I generally see merge proposals as emails in my inbox, and in the web
> interface.
>
> In both cases, I'd like to see a simple statement (or icon, or keyword)
> that tells me if the proposer has signed the agreement, or not. If not,
> I would reject the proposal and point them at the FAQ/Policy, as
> objectively as possible.
>
> For bonus points, it would be nice if Launchpad/bzr did the rejection
> for me, so that I'm not the one who gets the hate mail. But the simpler
> case above is notable improvement, and I would take that now, if I could
> get it.
>
> Dustin
>

feed-pqm is a hydrazine script which uses launchpadlib api to do some
workflow related scripting.

I think part of the issue is that we end up codifying the Canonical way
(people who have signed a committer agreement are in a specific group),
into Launchpad itself. Probably saying 'put an icon if user is/isn't in
group X' is probably ok, but then you need a way for projects to set
that group, etc.

John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxKEYIACgkQJdeBCYSNAAOSEgCfYVYqt72QU15Pa2CX4j49Re01
tkIAniL/SDIJLXxwKmiDd18cvvj2LwGB
=LiBq
-----END PGP SIGNATURE-----