Page MenuHomePhabricator

Comments on drafts should not be announced on IRC
Closed, ResolvedPublic

Description

If you submit a comment to a draft revision, the comment is publicly displayed, which shouldn't happen


Version: unspecified
Severity: normal

Details

Reference
bz37538

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 12:30 AM
bzimport added a project: Gerrit.
bzimport set Reference to bz37538.

What we'll want to do here is change the comment-added hook to not log when the refspec is refs/drafts/*.

change-merged and change-abandoned may need poking at too in a similar manner.

patchset-created isn't a problem, since it's not fired on new drafts (by design, sorta, there's debate going on here if you're interested).

I haven't found a straightforward way to do this yet, so I've asked upstream.

If there's not an easy way to do this already, I've got a commit ready for upstream that will make it easy to fix.

Lowering priority on this one, and marking it as blocked on Gerrit 2.5. Since drafts aren't really a secure way to keep changes private, should we really worry about this one at all? We should probably simply recommend that private changes go as patches in Bugzilla or some other place that's a bit more locked down.

Makes me wonder what is the use case of drafts feature anyway.

To do private changesets.

The problem is they aren't private enough. IMHO, they weren't quite ready yet when released :\

(In reply to comment #4)

Since
drafts aren't really a secure way to keep changes private, should we really
worry about this one at all?

I guess we should. AFAIK security fixes are being updated and reviewed using this feature (but I may be wrong).

(In reply to comment #7)

I guess we should [worry about this bug]. AFAIK security fixes are being
updated and reviewed using this feature (but I may be wrong).

We stopped because it isn't private enough (and fixing this bug wouldn't change that problem).

  • Bug 44217 has been marked as a duplicate of this bug. ***

This was done for new patchsets awhile ago, but we never handled the original request for comments.

Our patch: gerrit change 53759
Upstream patch: https://gerrit-review.googlesource.com/43490