llvm dev - Oct 2021 - Phabricator Creator Pulling the Plug

Hi folks,

Arcanist not working any longer is really unfortunate. Phroge also has a
fork of Arcanist, however I haven't seen any SSL-related patches:
https://we.phorge.it/source/arcanist/browse/master/

1) Replacement for Herald rules.


I suppose the notification problem is solvable. I just took a quick look at
the GitHub APIs and wrote a proposal for a quick-and-dirty solution:
https://github.com/ChristianKuehnel/llvm-iwg/blob/gerald_design/pull_request_migration/gerald_design.md

Concerning privacy and storing user emails this solution is less than
ideal. However contributors are already sharing their email addresses in
the git logs. If we want to hide all personal information, a simple config
file is not enough, then we would need to have some UI where users
configure their rules. However this would be an even larger effort (web UI,
database, user authentication, Github SSO, ...).

I just checked GitHUb's public roadmap and did not find anything that
sounds like Herald:
https://github.com/github/roadmap/projects/1

Best,
Christian
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.llvm.org/pipermail/llvm-dev/attachments/20211001/ed2f2922/attachment.html>

On 01/10/2021 10:05, Christian Kühnel via llvm-dev
wrote:
> Concerning privacy and storing user emails this solution is less than 
> ideal. However contributors are already sharing their email addresses in 
> the git logs. If we want to hide all personal information, a simple 
> config file is not enough, then we would need to have some UI where 
> users configure their rules. However this would be an even larger effort 
> (web UI, database, user authentication, Github SSO, ...).
Storing email addresses in git is a very bad idea for legal compliance 
reasons.  They count as PII for several privacy laws and so I believe a 
legal request to expunge them will require rewriting history of the git 
repo.  This is the kind of thing I wouldn't want to do until after 
talking to a lawyer and I generally find that I can maximise my 
happiness by minimising my time spent talking to lawyers about 
compliance questions.  Note that several lawyers have already written 
opinions about retaining the name / email in git commit messages after 
being asked to delete them and that situation is already quite 
complicated.

I don't really understand why they're needed here though.  Gerald is 
sending GitHub notifications, users can configure these to forward to 
email addresses (and can even forward them to different email addresses 
for different projects, so that you can send work and personal project 
notifications to different email addresses, for example).  If I'm 
subscribed to an issue / PR, I get an email for every new message. 
Reimplementing this sounds like a lot of effort for no gain.

David