Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PAUSE Permissions


Published on

A lightning talk I gave at the London Perl Workshop 2012

Published in: Technology
  • Be the first to comment

  • Be the first to like this

PAUSE Permissions

  1. 1. PAUSE::Permissions A lightning talk given at London Perl Workshop 2012 The permissions model that controls who can upload what modules to CPAN, via PAUSENeil Bowers Andreas KönigNEILB ANDK
  2. 2. PAUSE::Permissions A module for querying the data behind the modelNeil Bowers Andreas KönigNEILB ANDK
  3. 3. PAUSE and CPAN
  4. 4. $CPAN/modules/06perms.txt• Who has what permissions for which modules
  5. 5. $CPAN/modules/06perms.txt Time::Fake,ROSULEK,f Time::Fields,PIP,f Time::Format,PGOLLUCCI,f Time::Format,ROODE,m Time::Format_XS,ROODE,f Time::Frame,PIP,f Time::Fuzzy,JQUELIN,m Time::GPS,ZEFRAM,fTime::HiRes, JHI, c Time::HR,AGOLOMSH,f Time::HiRes,DEWEG,c Time::HiRes,JHI,c module PAUSE id Time::HiRes,ZEFRAM,m Time::HiRes::Value,PEVANS,f permission Time::Human,JHOBLITT,f Time::Implementation,FOTANGO,f Time::Implementation,STIG,c Time::Interval,AHICOX,f
  6. 6. Upload a new module• If you’re the first to upload a module to CPAN, you get the f permission (“first come”) Module::Path,NEILB,f• You’re considered the owner
  7. 7. Register module on module list• If you register the module, you get an m permission Graph::Reader,NEILB,m• Internally you also still have f• m takes precedence over f
  8. 8. You register modules, not dists• I registered PAUSE::Permissions• The dist also includes PAUSE::Permissions::Module PAUSE::Permissions,NEILB,m PAUSE::Permissions::Module,NEILB,f• What should you do with other modules in dists? • If they’re public-facing, consider registering them • Otherwise f is fine
  9. 9. Co-maintainers• The owner of a module can grant co-maint perms • Using the PAUSE web interface• They get a c permission. PAUSE::Permissions,ANDK,c PAUSE::Permissions,NEILB,m PAUSE::Permissions::Module,ANDK,c PAUSE::Permissions::Module,NEILB,f• Co-maints can upload new versions of a module• Co-maints cannot grant co-maint permissions
  10. 10. Permissions are on modules• Years back I created some Locale:: modules• I handed them to SBECK, hes expanded the dist Locale::Codes,SBECK,f Locale::Constants,NEILB,c Locale::Codes::Constants,SBECK,f Locale::Country,NEILB,c Locale::Codes::Country,SBECK,f … lots more modules … Locale::Currency,NEILB,c Locale::Constants,SBECK,f Locale::Country,SBECK,m Locale::Language,NEILB,c Locale::CountryCodes,SBECK,f Locale::Script,NEILB,c Locale::Currency,SBECK,m Locale::CurrencyCodes,SBECK,f Locale::Language,SBECK,m Locale::LanguageCodes,SBECK,f Locale::Script,SBECK,f Locale::ScriptCodes,SBECK,f• I have co-maint on the original modules • but not on those hes subsequently added.
  11. 11. Someone elses module• If you upload a module you dont have perms for • The dist will make it to your author directory • The offending module wont be indexed (but ok modules will be)• will shout at you
  12. 12. Deleting dists from CPAN• You can only delete dists that you uploaded • Regardless of whether youre the owner• Permissions are associated with modules, not dists, remember• If you dont like a co-maints release • Revoke co-maint, then supersede with a new release • But talk to them first!
  13. 13. Namespace squatting• Upload a module, then delete the dist (via PAUSE)• The module wont exist on CPAN• But youll have an f permission No::Such::Module,NEILB,f• No-one else will be able to use that name• Free it up using PAUSE ("Change Permissions")
  14. 14. Developer releases• Developer releases dont trigger permissions• If your first release of a module is a developer release, you wont get any permissions. • Someone else could gazump you• "This may change" - ANDK
  15. 15. Transfer of ownership• You can transfer ownership to another user• They get your m or f• You get cPAUSE::Permissions,ANDK,mPAUSE::Permissions,NEILB,cPAUSE::Permissions::Module,ANDK,fPAUSE::Permissions::Module,NEILB,c
  16. 16. Taking over a module"Usually, after all this hassle,we are reasonably quick at assigning co-maintenance permissions,but dont hold your breath"
  17. 17. Anomaly #1: different m and f• Modules with different m and f users?• This cant happen TM Catalyst::Engine::Apache,AGRUNDMA,m Catalyst::Engine::Apache,MSTROUT,f• But when it does • m is the owner • f is treated as a co-maint• There are some special conventions • Eg P5P has f on some modules Tie::SubstrHash,LWALL,m Tie::SubstrHash,P5P,f
  18. 18. Anomaly #2: modules with no owner• There are 1000+ modules with co-maints only DBIx::Class::Loader,AMS,c DBIx::Class::Loader,DMAKI,c DBIx::Class::Loader,KRAIH,c DBIx::Class::Loader,MRAMBERG,c DBIx::Class::Loader,SRI,c DBIx::Class::Loader,TEMPIRE,c• How does this come about? • You can give up your permissions: "Change Permissions" on PAUSE• Make your case to PAUSE admins for ownership • PAUSE Admins:
  19. 19. Anomaly #3: modules with no perms• Some modules are on CPAN but not in 06perms.txt• Upload a module, then give up your f permission • Its open season on the module name again
  20. 20. PAUSE::Permissionsuse PAUSE::Permissions;my $pp = PAUSE::Permissions->new;my $mp = $pp->module_permissions(PAUSE::Permissions);my $owner = $mp->owner; # NEILBmy @comaints = $mp->co_maintainers; # ANDK
  21. 21. Finally• Largest number of co-maints any module has?• Tidy up your permissions please