You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to prevent people from failing to RTFM and posting one-off forks and/or testing packages, we can provide a gentle reminder on the submit page along with a link or two. We can also say, "this is important because deleting packages is a very special case and not something we do lightly" or some such. Whatever wording makes the most sense and is not confusing. :)
We can also hook into the specialized VCS drivers (say, GitHub's) and see if we can detect whether or not the repository is authoritative or not. (i.e., if it is a GitHub fork, it is more than likely not authoritative) In this case, the follow up, "we've detected [vendor/package], si this correct?" prompt can also show a much more aggressive message like:
This package looks to be a fork of another project. Are you sure you want to add this package? Remember, we take package removal very seriously so do not add forks unless you are planning to maintain this code for a very long time. If you want to test your package, you can define a VCS repository in your composer.json file. link
This will not block forks from being submitted (as there are valid use cases where a fork makes sense) but it should hopefully give people yet one more chance to think about what they are doing.
The text was updated successfully, but these errors were encountered:
Ah yes, forgot. But yes let's close it. It's good enough, and it doesn't seem like we have a long queue of people willing to implement it better anyway ;)
In order to prevent people from failing to RTFM and posting one-off forks and/or testing packages, we can provide a gentle reminder on the submit page along with a link or two. We can also say, "this is important because deleting packages is a very special case and not something we do lightly" or some such. Whatever wording makes the most sense and is not confusing. :)
We can also hook into the specialized VCS drivers (say, GitHub's) and see if we can detect whether or not the repository is authoritative or not. (i.e., if it is a GitHub fork, it is more than likely not authoritative) In this case, the follow up, "we've detected [vendor/package], si this correct?" prompt can also show a much more aggressive message like:
This will not block forks from being submitted (as there are valid use cases where a fork makes sense) but it should hopefully give people yet one more chance to think about what they are doing.
The text was updated successfully, but these errors were encountered: