SlideShare a Scribd company logo

PAUSE Permissions

Download as PPTX, PDF
N
neilbowers

A lightning talk I gave at the London Perl Workshop 2012

Technology
1 of 21
PAUSE::Permissions A lightning talk given at London Perl Workshop 2012 The permissions model that controls who can upload what modules to CPAN, via PAUSE Neil Bowers Andreas König NEILB ANDK
PAUSE::Permissions A module for querying the data behind the model Neil Bowers Andreas König NEILB ANDK
PAUSE and CPAN
$CPAN/modules/06perms.txt • Who has what permissions for which modules
$CPAN/modules/06perms.txt Time::Fake,ROSULEK,f Time::Fields,PIP,f Time::Format,PGOLLUCCI,f Time::Format,ROODE,m Time::Format_XS,ROODE,f Time::Frame,PIP,f Time::Fuzzy,JQUELIN,m Time::GPS,ZEFRAM,f Time::HiRes, JHI, c Time::HR,AGOLOMSH,f Time::HiRes,DEWEG,c Time::HiRes,JHI,c module PAUSE id Time::HiRes,ZEFRAM,m Time::HiRes::Value,PEVANS,f permission Time::Human,JHOBLITT,f Time::Implementation,FOTANGO,f Time::Implementation,STIG,c Time::Interval,AHICOX,f
Upload a new module • If you’re the first to upload a module to CPAN, you get the 'f' permission (“first come”) Module::Path,NEILB,f • You’re considered the owner
Register module on module list • If you register the module, you get an 'm' permission Graph::Reader,NEILB,m • Internally you also still have 'f' • 'm' takes precedence over 'f'
You register modules, not dists • I registered PAUSE::Permissions • The dist also includes PAUSE::Permissions::Module PAUSE::Permissions,NEILB,m PAUSE::Permissions::Module,NEILB,f • What should you do with other modules in dists? • If they’re public-facing, consider registering them • Otherwise 'f' is fine
Co-maintainers • The owner of a module can grant co-maint perms • Using the PAUSE web interface • They get a 'c' permission. PAUSE::Permissions,ANDK,c PAUSE::Permissions,NEILB,m PAUSE::Permissions::Module,ANDK,c PAUSE::Permissions::Module,NEILB,f • Co-maints can upload new versions of a module • Co-maints cannot grant co-maint permissions
Permissions are on modules • Years back I created some Locale:: modules • I handed them to SBECK, he's expanded the dist Locale::Codes,SBECK,f Locale::Constants,NEILB,c Locale::Codes::Constants,SBECK,f Locale::Country,NEILB,c Locale::Codes::Country,SBECK,f … lots more modules … Locale::Currency,NEILB,c Locale::Constants,SBECK,f Locale::Country,SBECK,m Locale::Language,NEILB,c Locale::CountryCodes,SBECK,f Locale::Script,NEILB,c Locale::Currency,SBECK,m Locale::CurrencyCodes,SBECK,f Locale::Language,SBECK,m Locale::LanguageCodes,SBECK,f Locale::Script,SBECK,f Locale::ScriptCodes,SBECK,f • I have co-maint on the original modules • but not on those he's subsequently added.
Someone else's module • If you upload a module you don't have perms for • The dist will make it to your author directory • The offending module won't be indexed (but ok modules will be) • search.cpan.org will shout at you
Deleting dists from CPAN • You can only delete dists that you uploaded • Regardless of whether you're the owner • Permissions are associated with modules, not dists, remember • If you don't like a co-maint's release • Revoke co-maint, then supersede with a new release • But talk to them first!
Namespace squatting • Upload a module, then delete the dist (via PAUSE) • The module won't exist on CPAN • But you'll have an 'f' permission No::Such::Module,NEILB,f • No-one else will be able to use that name • Free it up using PAUSE ("Change Permissions")
Developer releases • Developer releases don't trigger permissions • If your first release of a module is a developer release, you won't get any permissions. • Someone else could gazump you • "This may change" - ANDK
Transfer of ownership • You can transfer ownership to another user • They get your 'm' or 'f' • You get 'c' PAUSE::Permissions,ANDK,m PAUSE::Permissions,NEILB,c PAUSE::Permissions::Module,ANDK,f PAUSE::Permissions::Module,NEILB,c
Taking over a module "Usually, after all this hassle, we are reasonably quick at assigning co-maintenance permissions, but don't hold your breath"
Anomaly #1: different m and f • Modules with different 'm' and 'f' users? • This can't happen TM Catalyst::Engine::Apache,AGRUNDMA,m Catalyst::Engine::Apache,MSTROUT,f • But when it does • 'm' is the owner • 'f' is treated as a co-maint • There are some special conventions • Eg P5P has 'f' on some modules Tie::SubstrHash,LWALL,m Tie::SubstrHash,P5P,f
Anomaly #2: modules with no owner • There are 1000+ modules with co-maints only DBIx::Class::Loader,AMS,c DBIx::Class::Loader,DMAKI,c DBIx::Class::Loader,KRAIH,c DBIx::Class::Loader,MRAMBERG,c DBIx::Class::Loader,SRI,c DBIx::Class::Loader,TEMPIRE,c • How does this come about? • You can give up your permissions: "Change Permissions" on PAUSE • Make your case to PAUSE admins for ownership • PAUSE Admins: modules@perl.org
Anomaly #3: modules with no perms • Some modules are on CPAN but not in 06perms.txt • Upload a module, then give up your 'f' permission • It's open season on the module name again
PAUSE::Permissions use PAUSE::Permissions; my $pp = PAUSE::Permissions->new; my $mp = $pp->module_permissions('PAUSE::Permissions'); my $owner = $mp->owner; # NEILB my @comaints = $mp->co_maintainers; # ANDK
Finally • Largest number of co-maints any module has? • Tidy up your permissions please

Recommended

Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folksDevoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Nicolas Martignole
 
Packaging for the Maemo Platform
Packaging for the Maemo PlatformPackaging for the Maemo Platform
Packaging for the Maemo Platform
Jeremiah Foster
 
Finding CPAN adoption candidates
Finding CPAN adoption candidatesFinding CPAN adoption candidates
Finding CPAN adoption candidates
neilbowers
 
Perl in the Internet of Things
Perl in the Internet of ThingsPerl in the Internet of Things
Perl in the Internet of Things
Dave Cross
 
CPAN Exporter modules for Perl 5
CPAN Exporter modules for Perl 5CPAN Exporter modules for Perl 5
CPAN Exporter modules for Perl 5
neilbowers
 
Modern Core Perl
Modern Core PerlModern Core Perl
Modern Core Perl
Dave Cross
 
Have more fun with Perl via Questhub
Have more fun with Perl via QuesthubHave more fun with Perl via Questhub
Have more fun with Perl via Questhub
neilbowers
 
Matt's PSGI Archive
Matt's PSGI ArchiveMatt's PSGI Archive
Matt's PSGI Archive
Dave Cross
 

Recommended

Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folksDevoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Nicolas Martignole
 
Packaging for the Maemo Platform
Packaging for the Maemo PlatformPackaging for the Maemo Platform
Packaging for the Maemo Platform
Jeremiah Foster
 
Finding CPAN adoption candidates
Finding CPAN adoption candidatesFinding CPAN adoption candidates
Finding CPAN adoption candidates
neilbowers
 
Perl in the Internet of Things
Perl in the Internet of ThingsPerl in the Internet of Things
Perl in the Internet of Things
Dave Cross
 
CPAN Exporter modules for Perl 5
CPAN Exporter modules for Perl 5CPAN Exporter modules for Perl 5
CPAN Exporter modules for Perl 5
neilbowers
 
Modern Core Perl
Modern Core PerlModern Core Perl
Modern Core Perl
Dave Cross
 
Have more fun with Perl via Questhub
Have more fun with Perl via QuesthubHave more fun with Perl via Questhub
Have more fun with Perl via Questhub
neilbowers
 
Matt's PSGI Archive
Matt's PSGI ArchiveMatt's PSGI Archive
Matt's PSGI Archive
Dave Cross
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)
p3castro
 
modern module development - Ken Barber 2012 Edinburgh Puppet Camp
modern module development - Ken Barber 2012 Edinburgh Puppet Campmodern module development - Ken Barber 2012 Edinburgh Puppet Camp
modern module development - Ken Barber 2012 Edinburgh Puppet Camp
Puppet
 
Perl Dist::Surveyor 2011
Perl Dist::Surveyor 2011Perl Dist::Surveyor 2011
Perl Dist::Surveyor 2011
Tim Bunce
 
DockerDay2015: Getting started with Google Container Engine
DockerDay2015: Getting started with Google Container EngineDockerDay2015: Getting started with Google Container Engine
DockerDay2015: Getting started with Google Container Engine
Docker-Hanoi
 
Cluster management with Kubernetes
Cluster management with KubernetesCluster management with Kubernetes
Cluster management with Kubernetes
Satnam Singh
 
From SaltStack to Puppet and beyond...
From SaltStack to Puppet and beyond...From SaltStack to Puppet and beyond...
From SaltStack to Puppet and beyond...
Yury Bushmelev
 
EKON 24 ML_community_edition
EKON 24 ML_community_editionEKON 24 ML_community_edition
EKON 24 ML_community_edition
Max Kleiner
 
走向开源:向CPAN提交模块Step By Step
走向开源:向CPAN提交模块Step By Step走向开源:向CPAN提交模块Step By Step
走向开源:向CPAN提交模块Step By Step
qiang
 
CPAN Curation
CPAN CurationCPAN Curation
CPAN Curation
neilbowers
 
21st Century CPAN Testing: CPANci
21st Century CPAN Testing: CPANci21st Century CPAN Testing: CPANci
21st Century CPAN Testing: CPANci
Mike Friedman
 
CPAN 模組二三事
CPAN 模組二三事CPAN 模組二三事
CPAN 模組二三事
Lin Yo-An
 
PyCourse - Self driving python course
PyCourse - Self driving python coursePyCourse - Self driving python course
PyCourse - Self driving python course
Eran Shlomo
 
Developing Web Apps with Symfony2, Doctrine and MongoDB
Developing Web Apps with Symfony2, Doctrine and MongoDBDeveloping Web Apps with Symfony2, Doctrine and MongoDB
Developing Web Apps with Symfony2, Doctrine and MongoDB
MongoDB
 
Mongo db bangalore 2012
Mongo db bangalore 2012Mongo db bangalore 2012
Mongo db bangalore 2012
MongoDB
 
GPU cloud with Job scheduler and Container
GPU cloud with Job scheduler and ContainerGPU cloud with Job scheduler and Container
GPU cloud with Job scheduler and Container
Andrew Yongjoon Kong
 
Resource Management of Docker
Resource Management of DockerResource Management of Docker
Resource Management of Docker
SpeedyCloud
 
Custom Tile Generation in PCF
Custom Tile Generation in PCFCustom Tile Generation in PCF
Custom Tile Generation in PCF
VMware Tanzu
 
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Tim Bunce
 
Leonid Vasilyev "Building, deploying and running production code at Dropbox"
Leonid Vasilyev "Building, deploying and running production code at Dropbox"Leonid Vasilyev "Building, deploying and running production code at Dropbox"
Leonid Vasilyev "Building, deploying and running production code at Dropbox"
IT Event
 
Get Django, Get Hired - An opinionated guide to getting the best job, for the...
Get Django, Get Hired - An opinionated guide to getting the best job, for the...Get Django, Get Hired - An opinionated guide to getting the best job, for the...
Get Django, Get Hired - An opinionated guide to getting the best job, for the...
Marcel Chastain
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

More Related Content

Similar to PAUSE Permissions

modern module development - Ken Barber 2012 Edinburgh Puppet Camp
modern module development - Ken Barber 2012 Edinburgh Puppet Campmodern module development - Ken Barber 2012 Edinburgh Puppet Camp
modern module development - Ken Barber 2012 Edinburgh Puppet Camp
Puppet
 
Mongo db bangalore 2012
Mongo db bangalore 2012Mongo db bangalore 2012
Mongo db bangalore 2012
MongoDB
 
Custom Tile Generation in PCF
Custom Tile Generation in PCFCustom Tile Generation in PCF
Custom Tile Generation in PCF
VMware Tanzu
 

Similar to PAUSE Permissions (20)

Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)
 
modern module development - Ken Barber 2012 Edinburgh Puppet Camp
modern module development - Ken Barber 2012 Edinburgh Puppet Campmodern module development - Ken Barber 2012 Edinburgh Puppet Camp
modern module development - Ken Barber 2012 Edinburgh Puppet Camp
 
Perl Dist::Surveyor 2011
Perl Dist::Surveyor 2011Perl Dist::Surveyor 2011
Perl Dist::Surveyor 2011
 
DockerDay2015: Getting started with Google Container Engine
DockerDay2015: Getting started with Google Container EngineDockerDay2015: Getting started with Google Container Engine
DockerDay2015: Getting started with Google Container Engine
 
Cluster management with Kubernetes
Cluster management with KubernetesCluster management with Kubernetes
Cluster management with Kubernetes
 
From SaltStack to Puppet and beyond...
From SaltStack to Puppet and beyond...From SaltStack to Puppet and beyond...
From SaltStack to Puppet and beyond...
 
EKON 24 ML_community_edition
EKON 24 ML_community_editionEKON 24 ML_community_edition
EKON 24 ML_community_edition
 
走向开源:向CPAN提交模块Step By Step
走向开源:向CPAN提交模块Step By Step走向开源:向CPAN提交模块Step By Step
走向开源:向CPAN提交模块Step By Step
 
CPAN Curation
CPAN CurationCPAN Curation
CPAN Curation
 
21st Century CPAN Testing: CPANci
21st Century CPAN Testing: CPANci21st Century CPAN Testing: CPANci
21st Century CPAN Testing: CPANci
 
CPAN 模組二三事
CPAN 模組二三事CPAN 模組二三事
CPAN 模組二三事
 
PyCourse - Self driving python course
PyCourse - Self driving python coursePyCourse - Self driving python course
PyCourse - Self driving python course
 
Developing Web Apps with Symfony2, Doctrine and MongoDB
Developing Web Apps with Symfony2, Doctrine and MongoDBDeveloping Web Apps with Symfony2, Doctrine and MongoDB
Developing Web Apps with Symfony2, Doctrine and MongoDB
 
Mongo db bangalore 2012
Mongo db bangalore 2012Mongo db bangalore 2012
Mongo db bangalore 2012
 
GPU cloud with Job scheduler and Container
GPU cloud with Job scheduler and ContainerGPU cloud with Job scheduler and Container
GPU cloud with Job scheduler and Container
 
Resource Management of Docker
Resource Management of DockerResource Management of Docker
Resource Management of Docker
 
Custom Tile Generation in PCF
Custom Tile Generation in PCFCustom Tile Generation in PCF
Custom Tile Generation in PCF
 
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
 
Leonid Vasilyev "Building, deploying and running production code at Dropbox"
Leonid Vasilyev "Building, deploying and running production code at Dropbox"Leonid Vasilyev "Building, deploying and running production code at Dropbox"
Leonid Vasilyev "Building, deploying and running production code at Dropbox"
 
Get Django, Get Hired - An opinionated guide to getting the best job, for the...
Get Django, Get Hired - An opinionated guide to getting the best job, for the...Get Django, Get Hired - An opinionated guide to getting the best job, for the...
Get Django, Get Hired - An opinionated guide to getting the best job, for the...
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

PAUSE Permissions

  • 1. PAUSE::Permissions A lightning talk given at London Perl Workshop 2012 The permissions model that controls who can upload what modules to CPAN, via PAUSE Neil Bowers Andreas König NEILB ANDK
  • 2. PAUSE::Permissions A module for querying the data behind the model Neil Bowers Andreas König NEILB ANDK
  • 4. $CPAN/modules/06perms.txt • Who has what permissions for which modules
  • 5. $CPAN/modules/06perms.txt Time::Fake,ROSULEK,f Time::Fields,PIP,f Time::Format,PGOLLUCCI,f Time::Format,ROODE,m Time::Format_XS,ROODE,f Time::Frame,PIP,f Time::Fuzzy,JQUELIN,m Time::GPS,ZEFRAM,f Time::HiRes, JHI, c Time::HR,AGOLOMSH,f Time::HiRes,DEWEG,c Time::HiRes,JHI,c module PAUSE id Time::HiRes,ZEFRAM,m Time::HiRes::Value,PEVANS,f permission Time::Human,JHOBLITT,f Time::Implementation,FOTANGO,f Time::Implementation,STIG,c Time::Interval,AHICOX,f
  • 6. Upload a new module • If you’re the first to upload a module to CPAN, you get the 'f' permission (“first come”) Module::Path,NEILB,f • You’re considered the owner
  • 7. Register module on module list • If you register the module, you get an 'm' permission Graph::Reader,NEILB,m • Internally you also still have 'f' • 'm' takes precedence over 'f'
  • 8. You register modules, not dists • I registered PAUSE::Permissions • The dist also includes PAUSE::Permissions::Module PAUSE::Permissions,NEILB,m PAUSE::Permissions::Module,NEILB,f • What should you do with other modules in dists? • If they’re public-facing, consider registering them • Otherwise 'f' is fine
  • 9. Co-maintainers • The owner of a module can grant co-maint perms • Using the PAUSE web interface • They get a 'c' permission. PAUSE::Permissions,ANDK,c PAUSE::Permissions,NEILB,m PAUSE::Permissions::Module,ANDK,c PAUSE::Permissions::Module,NEILB,f • Co-maints can upload new versions of a module • Co-maints cannot grant co-maint permissions
  • 10. Permissions are on modules • Years back I created some Locale:: modules • I handed them to SBECK, he's expanded the dist Locale::Codes,SBECK,f Locale::Constants,NEILB,c Locale::Codes::Constants,SBECK,f Locale::Country,NEILB,c Locale::Codes::Country,SBECK,f … lots more modules … Locale::Currency,NEILB,c Locale::Constants,SBECK,f Locale::Country,SBECK,m Locale::Language,NEILB,c Locale::CountryCodes,SBECK,f Locale::Script,NEILB,c Locale::Currency,SBECK,m Locale::CurrencyCodes,SBECK,f Locale::Language,SBECK,m Locale::LanguageCodes,SBECK,f Locale::Script,SBECK,f Locale::ScriptCodes,SBECK,f • I have co-maint on the original modules • but not on those he's subsequently added.
  • 11. Someone else's module • If you upload a module you don't have perms for • The dist will make it to your author directory • The offending module won't be indexed (but ok modules will be) • search.cpan.org will shout at you
  • 12. Deleting dists from CPAN • You can only delete dists that you uploaded • Regardless of whether you're the owner • Permissions are associated with modules, not dists, remember • If you don't like a co-maint's release • Revoke co-maint, then supersede with a new release • But talk to them first!
  • 13. Namespace squatting • Upload a module, then delete the dist (via PAUSE) • The module won't exist on CPAN • But you'll have an 'f' permission No::Such::Module,NEILB,f • No-one else will be able to use that name • Free it up using PAUSE ("Change Permissions")
  • 14. Developer releases • Developer releases don't trigger permissions • If your first release of a module is a developer release, you won't get any permissions. • Someone else could gazump you • "This may change" - ANDK
  • 15. Transfer of ownership • You can transfer ownership to another user • They get your 'm' or 'f' • You get 'c' PAUSE::Permissions,ANDK,m PAUSE::Permissions,NEILB,c PAUSE::Permissions::Module,ANDK,f PAUSE::Permissions::Module,NEILB,c
  • 16. Taking over a module "Usually, after all this hassle, we are reasonably quick at assigning co-maintenance permissions, but don't hold your breath"
  • 17. Anomaly #1: different m and f • Modules with different 'm' and 'f' users? • This can't happen TM Catalyst::Engine::Apache,AGRUNDMA,m Catalyst::Engine::Apache,MSTROUT,f • But when it does • 'm' is the owner • 'f' is treated as a co-maint • There are some special conventions • Eg P5P has 'f' on some modules Tie::SubstrHash,LWALL,m Tie::SubstrHash,P5P,f
  • 18. Anomaly #2: modules with no owner • There are 1000+ modules with co-maints only DBIx::Class::Loader,AMS,c DBIx::Class::Loader,DMAKI,c DBIx::Class::Loader,KRAIH,c DBIx::Class::Loader,MRAMBERG,c DBIx::Class::Loader,SRI,c DBIx::Class::Loader,TEMPIRE,c • How does this come about? • You can give up your permissions: "Change Permissions" on PAUSE • Make your case to PAUSE admins for ownership • PAUSE Admins: modules@perl.org
  • 19. Anomaly #3: modules with no perms • Some modules are on CPAN but not in 06perms.txt • Upload a module, then give up your 'f' permission • It's open season on the module name again
  • 20. PAUSE::Permissions use PAUSE::Permissions; my $pp = PAUSE::Permissions->new; my $mp = $pp->module_permissions('PAUSE::Permissions'); my $owner = $mp->owner; # NEILB my @comaints = $mp->co_maintainers; # ANDK
  • 21. Finally • Largest number of co-maints any module has? • Tidy up your permissions please