About-Us: History, Staff Updates, & Signed Commits

[harding]

This PR contains three somewhat related commits:

1—More Bitcoin.org History & Ownership Info

By multiple request, we've expanded the "Who owns bitcoin.org" section to cover more history and more information about who owns Bitcoin.org. Text highlighted in green below is new or substantially revised:

2—Staff Updates

We simplified titles in the Maintainer section:

Along with the title changes, I (@harding) will be focusing more time on documentation and, shortly after this PR is merged, we will be giving Craig (@crwatkins) edit/commit access to help him more efficiently continue his excellent work on the Choose Your Wallet page.

We've also happily been able to move Will (@Coderwill) from the Inactive Contributor section back to the position of Translation Coordinator:

Finally, we've added a section for the domain co-owners who wish to be publicly listed:

3—Signed Commits For Auto-Building

The final commit doesn't affect the site layout at all, but is related to how the site gets updated. The site is currently automatically re-built whenever a new commit is pushed to the repository master branch. Once this PR is merged, that will only be the case if the tip of the commit tree is signed by one of the authorized keys below:

pub  2048R/D0DE98BD 2014-05-14 David A. Harding <dave@dtrt.org>
sub  2048R/FB3E1276 2014-05-14
sub  2048R/F29EC4B7 2014-05-14
pub  2048R/1B5577B0 2013-03-21 Saivann Carignan <saivann@gmail.com>
sub  2048R/3AC31877 2013-03-21
pub  2048R/2346C9A6 2011-08-24 Wladimir J. van der Laan <laanwj@gmail.com>
uid                            Wladimir J. van der Laan <laanwj@visucore.com>
sub  2048R/890DE427 2011-08-24
pub  2048D/DAB591E7 2010-08-22 Michael Marquardt <michael_m+pgp@mm.st>
uid                            theymos <theymos+pgp@mm.st>
sub  2048g/D3027A4F 2012-08-29 [expires: 2015-08-29]

Saïvann and I can still login to the build server and trigger a manual build for unsigned commits, for example when Craig merges a new wallet.

This allows us to extend edit/commit privileges to contributors more easily, and prevents GitHub administrators or hackers from being able to take over the site. As a future upgrade, we may move to requiring all commits be signed by two people, but that's just an idea for now.

(You can verify the keys above are indeed the authorized keys by running gpg _build/auto-build-committers.gnupg/pubring.gpg on this branch.)

[saivann]

@harding I didn't carefully look at the changes yet but I can think of a minor bug; if a build starts and an unsigned commit is pushed in the next 10 minutes, the ongoing build will abort and the most recent commit won't build. This can probably be easily avoided by using this updated code at the end of the script (careful, untested!):

    # Cancel script if a concurrent script has touched _buildlock
    if [ -e "$SITEDIR/_buildlock" ]; then
        time=`stat -c %Y "$SITEDIR/_buildlock" | cut -d ' ' -f1`
        if [ $time != $lasttime ]; then
            echo "Build cancelled"
            exit
        fi
    fi

[luke-jr]

I don't think git allows multiple people to sign commits? Did I miss something?

Concept ACK.

[wbnns]

Thanks @harding - if it's not too much trouble, please put my name as "Will Binns" and link to my GitHub.

[saivann]

I have submitted a few changes to the script (including the one in my comment above) as a pull request. BTW @Coderwill in case you want to do the same, that often makes things easier.

Otherwise, this LGTM up to 3b50ddb. I have verified that the keys in the keyring are either those I already knew and trusted, or otherwise matched public keys from relatively safe sources. I have also been able to test that the keyring is properly used instead of the system's keyring, and that non-existing signatures as well as untrusted signatures both stop the build script, as expected.

[wbnns]

@saivann I don't think I have access to submit a PR on a branch @harding has made.

EDIT: Nevermind, thanks @saivann .

[harding]

@luke-jr to the best of my knowledge, git does not let multiple people sign commits, which is why I only implemented checking for single-signed commits in this first step. If we decide later that we really do need multiple-signed commits, we'll have to look at using git tags or some sort of metadata store.

@saivann and @Coderwill I'll begin reviewing your PRs momentarily. Thanks!

[gurnec]

@harding Speaking as one of the people who was interested in an expanded "Who owns bitcoin.org" section, I think this is a very nice improvement. Thanks!

[harding]

@gurnec You're welcome!

I should've mentioned this in my original PR message, but thanks also goes to @theymos who provided all of the history up to 2013. He even tried to contact Sirius to see if he could get more details about the site's early days.

[wbnns]

Thanks @theymos.

[harding]

Updated with @saivann's proposed patches to the build script.

In the absence of critical feedback, this pull will be merged on Monday.

[saivann]

@harding Fantastic, thanks for this great improvement!

[harding]

I'm going to upgrade the build server now using the code from this, and I'll test that it works by merging some of the minor merges scheduled for today using signed/unsigned merge commits.

Once I'm satisfied that it's working correctly, I'll merge this PR.

[ABISprotocol]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I wasn't aware this (multiple-signed commits) might be possible
here... how would this be done? I'm also curious about the use of
GitTorrent (a project by @cjb).

On 06/26/2015 08:13 AM, David A. Harding wrote:

@luke-jr https://github.com/luke-jr to the best of my knowledge,
git does not let multiple people sign commits, which is why I only
implemented checking for single-signed commits in this first step.
If we decide later that we really do need multiple-signed commits,
we'll have to look at using git tags or some sort of metadata
store.

@saivann https://github.com/saivann and @Coderwill
https://github.com/coderwill I'll begin reviewing your PRs
momentarily. Thanks!

— Reply to this email directly or view it on GitHub
<#918 (comment)
115723460>.

---

http://abis.io ~
"a protocol concept to enable decentralization
and expansion of a giving economy, and a new social good"
https://keybase.io/odinn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVlG+tAAoJEGxwq/inSG8CWxsH/0Umi1Vmh/V25JiUm/X+BNHR
rOI5Tzn0/sICx6W6kxld2hOIOn9iPf5VDlBALgY6jX6Dk9a6vpx1FYna0PwxAkNm
FE+M1J/7V2/NBzNDVVUBir0pCVxfkOZaquE9JM1UYJI8eiE4vUu+c31ygtpB9B68
GtM16qKjoZzVTJrqP+Sf4GQus2ZF1AXTX1ojlg75KWQ5jPIuJBQCj0eOAnAJ8UXE
0x9el0bG3Ynk0FgmanaUC3kBNlthGYbOwNLkKJ1iL02+vFR7iyhIn6RzQZY1QzB1
ASik+WRR2coKjMEor3ZsZIlBY7wYdJtR6sObppXhoz26lJtwhlWwGj76RzKoTb8=
=VXZr
-----END PGP SIGNATURE-----