|Version 17 (modified by hasienda, 4 years ago) (diff)|
Username Policy for trac-hacks.org
For reasons and ongoing discussion please visit and participate in #10092 .
- number of characters: 5 .. 30 allowed
rationale: lower limit helps i.e. with most common acronyms, company names and Trac version numbers rationale: upper limit is a bit arbitrary here, but nevertheless should exist
- contains maximum of 3 characters repeated in a row
rationale: depreciate something like 'aaaaa', as we already witness several examples for that
- contains maximum of 3 numeric characters
rationale: depreciate phone numbers or PGP key-IDs
- no space in-between (use '_' instead)
this might be obsolete - need to look more closely to registration core for this
- doesn't contain some blacklisted character sequences, i.e.: 'test'
World-wide there are strong feelings about brands, and we'd better steer clear of even the possibility of getting involved into infringement accusations of any kind ASAP.
- new usernames must not differ from any existing username only by casing
- Unicode chars allowed - planned after upgrading to Trac 1.0
a phonetic/all-latin transcription is strongly recommended on the user wiki page to ease developer conversation (commonly done in English)
Ideally we'll implement all rules in the registration procedure provided by AccountManagerPlugin. Current status:
- 1: plan: use REGEXP, see #5295 for existing patch, that is especially lacking a useful error message (similar to a conclusion for the analog enhancement request for email validation in #8076)
- 2: plan: use REGEXP combined with 1
- 3: plan: use REGEXP combined with 1 + 2
- 4: solution: use username_char_blacklist = :  - note the blank in-between
- 5: plan: best to approach with a blacklist of character sequences, each on a line, read from a dedicated wiki page
- 6: more discussion required: not easily done by blacklisting or similar code, maybe moderation (#843) is the best approach here, but that would largely obsolete the other points and shift all the burden towards moderators, what might or might not be acceptable
- 7: solution: use username_dup_case = true to extend existing checks towards being optionally case-less (since )
Of course that doesn't help for existing accounts, and we need to called the following users for clearance:
Exceptions should all get documented openly. We must advertise at the mailing-list and send notifications to existing email contacts. If the user is not responsive within a reasonable amount of time, say 3 months, we'll close the account and remove it after another 3-month-period.
Reason given as reference to rules above
Reasons by number:
- plugin author/maintainer or developer who actually did commits to t-h.o repository
- persons clear name/contact is matching username
- valid link to homepage