I'd be up for programmatically making it impossible for any user (user or TU) to accept their own requests. However, that does bring some complications into play in regards to deleting packages. Currently, on the /packages search page (for a TU), it is possible to delete packages without a request. In the new FastAPI implementation of aurweb, we have countered this accountability issue by auto-generating requests for the action performed. That being said, removing the ability for TUs to accept their own requests would also mean that TUs would not really be allowed to blanket delete packages on their own without a request; furthermore, they couldn't create a request themselves and go through the path. So... the behavior would have to be changes to only allow blanket deletions on packages which already have a request from _another_ user. This decision is really up to the Trusted User community of the AUR; not its developers. Some return feedback on this topic would be greatly appreciated. It would, without a doubt, remove some of Trusted User's freedoms. But it would also force sort of community-shared accountability, which may be a good thing. What do you all think? Regards, Kevin On Mon, Nov 08, 2021 at 04:34:20PM +0100, alad via aur-general wrote:
On Sun, 7 Nov 2021 17:47:16 -0800 Brett Cornwall via aur-general <aur-general@lists.archlinux.org> wrote:
On 2021-11-07 18:26, George Rawlinson via aur-general wrote:
What is the issue with handling one's own requests, specifcally?
I guess I don't see anything on the Wiki. I was under the impression that we didn't service our own requests so that there were sanity checks to keep us all in check.
When I was still handling requests, I'd only accept my own in "exceedingly obvious cases"... like a repo or "-latest" duplicate.
-- alad <alad@archlinux.org>
-- Kevin Morris Software Developer Identities: - kevr @ Libera