Closed q3k closed 1 year ago
You can check out the Gerrit config of TVL (https://cl.tvl.fyi) , where the authors of a CL can also submit.
No harm in allowing this, here's a CL to change the config: https://review.monogon.dev/c/Public-Projects/+/1761.
[access "refs/heads/*"]
+ submit = group Registered Users
I can think of two situations where restricting it to maintainers would help:
Some Gerrit installs use a "LGTM with comments" workflow with sticky CR+1. In these cases, it would be possible to sneak in malicious changes, and it would be appropriate to restrict it to trusted maintainers. This does not apply to us, since our copyCondition
is strict and will only allow trivial rebases and commit message changes to be sticky. Someone could still troll us by changing the commit message but that would be rude.
Sequencing of submits of complex changes to minimize merge conflicts. Maintainers have more contextual awareness here, but it's not a problem we currently have (+we should build a smart autosubmitter instead once we do).
Done! Thanks for the contribution
Over in https://review.monogon.dev/c/monogon/+/1725 we received an external contribution which went through the intended flow of V-R-CI +1 -> V +1 -> C-R +1 but then ended up getting stuck at the contributor unable to actually submit the change.
We should either document this somehow to external contributors (eg. have some bot comment that a maintainer will have to submit the change) if this is intended behaviour, or fix this behaviour so that changes in the appropriate state can be submitted by external contributors.