Do not ban poeple from participating in PyCQA as a whole because of repository specific / frivolous reasons

[Pierre-Sassoulas]

I can understand if a discussion get heated in a repository and you ban a person from the repository you maintain. But please do not ban someone from the whole organization for something minor. Two examples to illustrate:

• Someone banned recently that only spammed issue with the result of pytest when launched in a specific configuration and doing no effort at all to understand why their tests were failing when the library was working correctly. They're wasting maintainer time, do not want to do any investigation themself... It's probably ok to ban for the whole org.
• Someone was banned for opening an issue to discuss pyproject.toml in flake8. I understand it's a touchy subject for flake8's team but they gave some arguments were polite about it, and were banned on sight at the first interaction. The person banned happens to be a very frequent contributor to pylint and in good standing : More than 25 issues opened, never any problems or argumentativeness as far as I remember. And now they can't contribute at all to pylint which is a complete waste of good will from the community.

This beg the question... What about the one that did not contact us to "appeal" and just stopped contributing altogether ? Did we loose any contributors because of other "touchy subjects" that were challenged in good faith ? Maybe we take a step back before banning someone in a way that affect all the PyCQA repositories ? I'd rather ban the first person myself directly in pylint than silently loose a contributor.

[sigmavirus24]

So let's clarify some things:

• there is no way in an organization to ban from a specific repository
• there is no way if an individual owns a repository to ban there individual (blocking them does not do this)
• a user can only be banned from an organization

The first person you're referencing is a notorious bad actor. Uncontroversial to ban them.

The second person has had numerous interactions where they crossed lines that are explicitly laid out. Violating boundaries is enough to ban someone, preferably on the first offense albeit not for life. Violating them repeatedly, being corrected each time and continuing to do so, across multiple repositories is more than enough to ban someone. I don't ban anyone without having seen them repeatedly such energy out of a project, disrespect maintainers and their time, and sure no signs of improvement after being asked to change before participating again.

To claim you understand why someone was banned and label the reason frivolous is extremely frustrating. Banning people from this org is intended to protect the projects here from having to deal with disrespectful users. It's a family of projects. Not having to maintain N organizations with N blocklists is generally a nice thing. Also, this org will continue to block people for the benefit of maintainers. If blocking us something you philosophically disagree with, I'm happy to explain my reasoning in greater detail to you. It's not frivolous. It's not half-assed. It's deliberate and careful

[Pierre-Sassoulas]

Sorry if the term frivolous was inappropriate. I'm not philosophically opposed to banning people from the org, as I said the first person should be banned. But in my opinion the acceptable number of false positives when it comes to banning is precisely zero. We should not ban someone over a good faith technical disagreement in particular.

Clearly the fact that the pylint's team can interact 25 times with someone without hiccups is an indicator that this particular ban was a false positive for us.

[sigmavirus24]

And I've had exactly 0 good interactions with their condescending attitude and beliefs that boundaries set previously by a project are constantly up for debate. They don't respect the people behind the project and hide that behind "technical disagreement" rather than "I read the template and contributing guidelines and deliberately ignored them".

[sigmavirus24]

To be clear, I banned them because of a pattern of behavior across multiple repositories within and without this organization. One streak of good behavior in one repository isn't enough to make me believe they'll change despite repeatedly being asked to be better.

Your entire issue is based on lack of information and assumptions regarding why someone was banned. I expected better from you

[Pierre-Sassoulas]

Your entire issue is based on lack of information and assumptions regarding why someone was banned. I expected better from you

I have interacted with the person and I think it's a frequent and valuable contributor to pylint. This is how I feel, and this is the only information I have right now. I'm suggesting bans should be very consensual and easy to understand for everyone. Maybe only for clear violations of the "examples of unacceptable behavior" from the code of conduct ?

It seems this discussion is getting very personal and heated. I'm sorry if you feel attacked it wasn't my intention. Do we agree that we need to find a solution that work for everyone when one project don't want to interact with someone and another project want to ?

[sigmavirus24]

There is no way to do that. How do you suggest we enforce that? If we vote on every block, that's going to be useless. We don't need a democracy here, it's not valuable. I suggest you contact GitHub to request the ability to limit specific users from interacting with repositories to support what you're asking for. Spoiler: they don't build this product for us. They build it to sell to companies who don't need this and they don't generally care about independent projects inside an organization that might want to have different block lists.

Regarding blocking only for what's in the code of conduct, your first example wouldn't be blocked either then. The code of conduct is the bare minimum anyone has to trip over to participate respectfully in the organization. Also, if you're limiting actions to things that have happened in this repository, you're advocating for allowing harassment from other organizations and repositories to leak over here and contribute to the burnout of maintainers in the organization. The Blocklist can not correlate 100% to code of conduct violations. That first person, has consumed months of other people's time to debug an issue affecting only them. That's not a CoC violation. They repeatedly open low quality issues despite being asked repeatedly to provide more information and fill out a issue template. That's also not entirely in the scope of the CoC. What is in the scope is their fascist ideology they spread on social media that includes killing off members of this org. That's not happening here though so they don't get blocked by your logic.

---

To be clear, you've made accusations about reasoning and motivations here rather than assuming good intent of fellow pycqa members and drew incorrect conclusions from limited information. You haven't acknowledged that you didn't have all the information or that you were wrong about the justification.

You made a judgement and accusation that something happened in bad faith and decided to publicly accuse a person for acting in bad faith here. You made no attempt to seek out additional information. You drew a conclusion and judged someone. You made it inherently personal

[Pierre-Sassoulas]

You haven't acknowledged that you didn't have all the information or that you were wrong about the justification.

Well you can expand on "pattern of behavior across multiple repository" if that's relevant, but if there was something obvious and consensual like racism, sexual harassment or wasting maintainers time, you would have already talked about it, right ? The pylint's team had a different experience and a lot of data to base our judgement on. It's impossible for us to just "trust your decision on this" because we have an informed opposite opinion based on our own data, can you acknowledge that ?

You made a judgement and accusation that something happened in bad faith and decided to publicly accuse a person for acting in bad faith here. You made no attempt to seek out additional information. You drew a conclusion and judged someone. You made it inherently personal

No, I only stated my feeling about a person that was banned (Did not even know by whom) that I feel should not have been banned because it's affecting pylint negatively. Then I suggested possible solutions and opened a discussion about the process for banning a person, because right now it's not working for us and it feels pretty dictatorial and arbitrary to be frank.

We don't need a democracy here, it's not valuable.

Please walk in our shoes for a moment. A valuable contributor was banned from contributing to our repository. This is hours of community management wasted and more work for pylint's maintainer in the future. On top of that we learned about it only because said contributor had our email and reached to us. Would it be acceptable for you if someone banned a frequent contributor in a repository you maintain, then you learn that it could have happened before silently ?

How do you suggest we enforce that?

I don't know much about github organizations to be honest so I came to this with an open mind, but If there's no technical solution, it's still possible to ban people only for clear violations of the code of conduct. Bans decision that affect everyone should be consensual among all the maintainers that are affected. No one is going to argue if the BDFL is banning a racist, sexual harasser, a bot, or a troll without consulting everyone. By the way you probably banned a lot of such account and I thank you for that. Maybe we can discuss bans publicly only if the person opened more than 10 issues / 2 pull requests when it's a "pattern of behavior".

[asottile]

here's my somewhat brief thoughts

• I'm not ok with unbanning the former
  • they've posted anti-semetic and white nationalist content off platform
  • they've wasted thousands of maintainer hours on self-inflicted problems
  • they've ban-evaded our previous blocks on gitlab with sockpuppet accounts and gitlab (mis)features
• I'm ok with unbanning with some agreement (or keeping the latter banned idrc)
  • with some sort of temporary period, and another violation would become permanent
  • despite them intentionally ignoring explicit directions at multiple stages
  • despite their previous off-PyCQA actions (Ian had them previously blocked on their personal account)
  • despite their behaviour in a private email conversation where they did not respect my boundaries and wishes for them to stop contacting
• github doesn't give us the power to do per-repository blocks
• I don't think public deliberation of bans is a good idea, it compromises anonymity for the individuals involved (I'm assuming the 2 users above that are being referred to based on context)

it may also be that the collection known as the PyCQA doesn't really make sense -- we're all loosely associated at best and are going to have different opinions on blocks and various other governance things

[gitpushdashf]

I don't understand why https://github.com/PyCQA/flake8/issues/1598 was locked without response. I've yet to see a formal response about Python 3.11's native TOML support and whether or not it opens up the possibility of flake8 supporting pyproject.toml.

I think this kind of behavior is bad for the Python ecosystem, regardless of personal views about pyproject.toml which practically every other major Python tool supports.

[asottile]

because that individaul as well as you did not read the issue template: https://github.com/PyCQA/flake8/issues/1655#issuecomment-1206701541

[sigmavirus24]

So I'm taking care of my infant child all day but he's with up at 4:00 and I have some time to reply from my phone (yet again).

I'll leave some notes:

There are, if I remember correctly, 5 people that are organization "owners" (admin)

• me
• 2 pylint maintainers
• a pycodestyle maintainer who probably needs to be demoted due to inactivity
• I think a baron maintainer (who probably should also be removed for inactivity)

The only person who approves all integration and other button pushing nonsense? Me. The person who handles the moderation request queue for hostile "contributors"? Me. The person who keeps birds and spam off the mailing list? Me with a new mod added last week who has helped a bit but who does not work on these projects in general. The person with half of their 50+ PyPI projects marked critical existing then to many many more hostile people in a daily basis? Me. I say this to explain that there are people who could be doing more and already have the power. They could just as easily unblock this person and given how the limitations of the GitHub app, I wouldn't know.

As much as I can, when I see someone be disrespectful, great others in a way that will contribute to burnout or dissuade new, less experienced, under-privileged contributors who would strengthen a project beyond the hostile person's technical abilities (whatever they are), I'm happy to block them. I usually wait for them to be given opportunities to improve (I even remind them or give them additional feedback) which I have done with both people you mentioned. If I see that they give zero fucks about doing so and repeat the behavior, that's when I block and then maybe ban where I can. I want to protect the folks housing their projects here, but maybe that's frivolous. When I see the issue it reminded me of the horrible interactions I've witnessed and experienced in the past and the clear fact they ignored the issue template made it easy to block them in my opinion.

I've heard from no one else in pylint that this person must be unblocked for whatever reason and the argument of effort towards building a community (of just this one person?) rings hole to me based on my knowledge of how they treat others. Someone like this is a poison pill rotting a community and turning off newcomers.

To expound just a little more, there's a suggestion to only block for "clear violations of the code if conduct". I've done that with others on the organization's current block list but that wouldn't be apparent to anyone since there's no good way to document it. You also apparently only want to block them if they were in violation here which would erase maybe 60-80% of the accounts. Finally, asking me to search over 50 projects for all the evidence for each of those people is unreasonable just as I don't have the time or capacity to do it for this one person now since I primarily do everything from my phone at them moment when I'm not caring for my child. Finally, for people that want to report CoC violations to us, there are people who handle that. I've received reports about one pylint person because they closed an issue as a duplicate and one other report because the thread was locked after the discussion became geared and went off the rails and future issues related to it were auto-locked without comment. The free speech absolutists in both cases were told there was no violation and not just by me but also by the other folks who can be reported to.

Finally, this is the only python org I know of that bothers with any of this and I'm basically managing it alone. PyPA has people who have stalked people at PyCon maintaining projects as well as sexually harassing people but still they're maintainers. PSF org houses someone who has conned the community out of over $30,000 and also sexually harassed people. Both have the same code of conduct. Neither seem to bother to enforce it.

I personally want to raise the bar for the community, but maybe I'm just idealistic

[DanielNoord]

I've heard from no one else in pylint that this person must be unblocked for whatever reason and the argument of effort towards building a community (of just this one person?) rings hole to me based on my knowledge of how they treat others.

I'll just comment on this as an active pylint contributor/maintainer. It's difficult to follow this discussion as collaborators within a repository (as far as I know) don't have any insights into organisation wide bans. Thus, I have no idea who these discussions are about.

I think it would be good if there was some clarity about this, but this should probably be fixed by GitHub rather than having the organisation owner spend extra time in also updating some sort of ban list somewhere.

I personally want to raise the bar for the community, but maybe I'm just idealistic

I think this is never a bad thing! 👍

Some more general comments: I'm sympathetic to both sides here. I can see how it is frustrating to have someone banned from a project where they haven't misbehaved based on misbehaviour in other projects. However, reading @sigmavirus24's explanation it seems as if they thought carefully about this. For me, that's the most important thing here. I can disagree or agree with a ban, but as long as I'm sure that bans are still being considered carefully and the decision making is sound I'm okay with them.

The flake8 pyproject.toml thing is a recurring issue. I must confess I was also wondering what the state of it was now that CPython has tomllib. The recent update (https://github.com/PyCQA/flake8/issues/234#issuecomment-1206730688) by Anthony should hopefully help with that. Perhaps it would help to provide a link to a pip issue about their change in behaviour with pyproject.toml presence? Or if it doesn't exist, explicitly state so in the recent update.

Lastly, if you need any help with moderation or organisation maintenance @sigmavirus24 feel free to reach out. I'm happy to help you with some of the tasks you mentioned.

[sigmavirus24]

I should also add that I've unblocked people who I've had a conversation with in the past. I've given the person in question feedback before. My email is public. If they felt this was something they were going to try to do better on, they could have let me know and I would give them another chance but at this point they've ignored my past feedback, flake8's clearly documented boundaries, and chosen to send Anthony a bunch of mail despite requests to stop.

Perhaps my threshold is also lower for inappropriate behavior than the pylint maintainers because I've witnessed so many people burnout in Open Source from interactions like I've had with this person and I've burned out and come back several times. I haven't reviewed pylint or their interactions with the person because despite demanding a list of evidence from me, I've been given no links to their apparently astoundingly good behavior. I'm also not asking for evidence because fundamentally this is the conversation every open source project has "do we block people who have provided quality technical contributions because they can't seem to behave well with certain groups of others"? Everytime a community bargains around this it shows how willing it is to compromise on how welcoming it can be to less privileged people whether they're simply not maintainers or whether they're not people that person thinks it's worth being respectful or kind towards

[Pierre-Sassoulas]

despite their behavior in a private email conversation where they did not respect my boundaries and wishes for them to stop contacting

I think that's borderline, but was it after being banned, @asottile ? I've also been contacted a lot. I think they are significantly affected by the ban as they invested a lot (for them 😉) of time in the python tooling ecosystem already, think the ban is unfair, and would like to keep contributing.

it compromises anonymity for the individuals involved (I'm assuming the 2 users above that are being referred to based on context)

I think explaining a ban's reason publicly for contentious case would help with misunderstanding and make the decision more legitimate. The anonymity is relative anyway. I'm pretty sure anyone wanting to know which person we're talking about is going to find out who they are in less than 5mn.

only want to block them if they were in violation here which would erase maybe 60-80% of the accounts.

At least 60% of bans are not clear violations of the COC ? Why were these potential contributors banned for then ?

asking me to search over 50 projects for all the evidence for each of those people is unreasonable just as I don't have the time or capacity to do it for this one person now

I'm not saying you should do it, I think everyone should do it. Also we don't have to check for everything, but checking the contributions from their profile in another lib from PyCQA is fast (unless they have thousands of contributions in a lot of repo) and is the bare minimum imo. Yes, I think If you don't have a clear violation of the COC nor the time to do proper research or discussion before banning someone, you should not ban them. There's a person behind the screen, maybe a young mother like you. And she probably has a lot less clout than you in the open source world and a lot more reasons to want to become visible.

5 people that are organization "owners" (admin) ... 2 pylint maintainers I don't have the time or capacity to do it for this one person now since I primarily do everything from my phone at them moment when I'm not caring for my child. Finally, this is the only python org I know of that bothers with any of this and I'm basically managing it alone.

During the last 2 years there was 3 commits from one of those pylint maintainers. That's 0.1% of the total commits. The team has changed a lot recently.

I've asked @sigmavirus24 three time since march on discord to be able to add account to Pylint's team, because PCManticore is not going to add me without your approval and most of those very active maintainers/contributors are not PyCQA members (they should) and can't be added to the pylint dev/maintainer groups because of that.

I'm pretty sure we could reduce the burden for you if you make @DanielNoord, @jacobtylerwalls or me admin @sigmavirus24.

My proposal to not ban anyone unless there's a very clear violation of the COC would also reduce the burden for admins. As I said I don't mind doing more moderation work myself if it means that there is no false positives. I wanted to ban one person in 8 years (a talkative machine learning bot). Maybe with less PyCQA moderation and more to do myself, I will change my mind about this. Ever way it's less work for you.

Perhaps my threshold is also lower for inappropriate behavior than the pylint maintainers because I've witnessed so many people burnout in Open Source

"do we block people who have provided quality technical contributions because they can't seem to behave well with certain groups of others"? Everytime a community bargains around this it shows how willing it is to compromise on how welcoming it can be to less privileged people whether they're simply not maintainers or whether they're not people that person thinks it's worth being respectful or kind towards

This particular contributor is just opening issues in pylint regularly. They have no right to commit : they are the newcomer, they don't have the power to bully anyone. They are the little guy that should feel welcome and isn't. Not making the little contributors flee is a way to have a bigger community and avoid burnout. At least this is the approach I'm trying to have, by being ego-less, explaining, keeping the discussion open when reasonable and reconsidering my position when I'm wrong. I think this is working great so far. I'm glad contributor such as @DanielNoord are now part of pylint, even if I disagreed with some of his proposal and had to re-explain things that were "clearly documented". We're being unwelcoming to external contributors by banning them on sight or based on personal feeling, but not taking other PyCQA members opinion into account is also a problem.

As I said I'm not trying to tell flake8's maintainer how to maintain their libraries (as I don't want the flake8 team to tell me how to maintain pylint or ban contributors that are not toxic in my opinion) but since this is the elephant in the room, and very relevant to the ban we're talking about I'm going to comment on it: Flake8's position on PEP 621 is hard to understand with the information publicly available at the time of the ban. The original issue was blocked for non contributors so communication was impossible. The flake8's issue template has a line specifically to tell you not to open a new issue but but there was no update in the original issue when the stated conditions changes, so there was no way to discuss or get to know the thoughts of the maintainers, except opening a new issue. A small update in the original issue would alleviate a lot of misunderstanding imo. My actual point being that it was very easy to violate "flake8's clearly documented boundaries" when you honestly thought that the conditions were now met. When you're experienced you know that you not only have to walk on eggshells, but also avoid the discussions entirely and hope that some day the situation will evolve, but not everyone is experienced (nor should they have to be in order to be able to contribute to projects with lesser standard than flake8.)

So for me it explains that someone how would ire the flake8's team can be a non problematic contributor elsewhere.

[PCManticore]

Folks, I don't have any opinions around the banning of people, just wanted to mention that I added @Pierre-Sassoulas to https://github.com/orgs/PyCQA/teams/owners-team/members instead of me. Once Pierre confirms has access, I can remove myself from the list as I do not see myself contributing to open source any longer, thus to this organisation as well.

I hope this would alleviate the maintenance burden on PyCQA organisation, and that it will allow Pylint folks to address any issues pertaning to ownership. Thanks.

[Pierre-Sassoulas]

Thank you @PCManticore !

I'm going to close. If someone is banned unfairly they can contact me and I will open an issue to discuss the ban between PyCQA members to resolve the issue with a discussion on a case by case basis. I don't think this will happen often enough that it would be a problem.

[sigmavirus24]

I see that Pierre hasn't bothered to fix the issue of pylint members being invited to the org but has chosen to clear many people blocked from the org. @PCManticore and @Pierre-Sassoulas I'll be removing you as owners on the org because the records purpose was to alleviate burden, not increase it

[sigmavirus24]

I've made @DanielNoord an owner to continue the frivolous work of sending invitations for pylint projects that people ignore and allow to expire. I've been trying to get to them in batches as I do with every group in the org.

If pylint would rather work without a code of conduct to allow for some perverted sense of free speech (of which many essays have been written by far smarter people than me explaining why that doesn't apply here) I'm happy to share the tooling I use to let them set up in another organization of their choice

[Pierre-Sassoulas]

As I said I would have discussed it with other PyCQA member before unblocking anyone. To set the record straight: the only thing I did since I've been made a PyCQA admin by PC Manticore was to make Daniel Jacob and Marc pylint admins and to invite some pylint contributors as members so they can be part of the pylint-dev group.

This issue had nothing to do with free speech, I never said we shouldn't ban Nazi sympathizer or time wasters. But it had to do with bringing more democracy and transparency in the process of PyCQA. PcManticore and me are the two main pylint contributors since it's been open-sourced, and we've been consecutively release managers of pylint for the last 10 years. What is the point of creating an organization to collaborate between project with similar interests, if you're going to arbitrarily ban or demote members that contribute to or even runs important part of it ? I can't articulate how far removed from the principle of open source this feels to me.

Anyway, thank you for promoting @DanielNoord, and best of luck in the future.

[sigmavirus24]

Well I guess it was just the magic of the end of the year that removed someone (not the person that spurred this thread) who made bomb threats towards conference organizers who had a code of conduct, attempted to sue Rails Bridge organizers for running an organization for women, and have made death threats against folks who speak about issues of inequality in tech.

They were the first person I noticed was missing this morning. Given the lack of activity of every other owner of the org, and the fact that some of the people unbanned are this dangerous, I wouldn't have done it. Unless GitHub is running such a poor product that it drops bans. It seems the least unlikely issue to be that someone who believes that abuse outside this org and abusive emails sent to maintainers in this org isn't a violation of the code of conduct might have unbanned both the person who was the subject of this thread as well as others since there's no way to attach context in the UI.

Maybe I'm wrong. Maybe GitHub is really suddenly experiencing problems here and I'll open a support ticket. But forgive me for not extending someone the assumption of good intent who immediately assumed petty, and malicious intent of me and has repeatedly attempted to attack my character outside of this thread.