Re: [Savannah-users] Removing old user accounts with no past activity

[Nicodemo Alvaro]

On 7/30/09, Sylvain Beucler <address@hidden> wrote:
> On Thu, Jul 30, 2009 at 12:35:37PM -0500, Nicodemo Alvaro wrote:
>> On 7/30/09, Sylvain Beucler <address@hidden> wrote:
>>
>> > We're talking about 30-40,000 users, sadly.
>>
>> Other than keeping accurate statistics, how will it help to remove a
>> huge portion of the unknown registered users.
>>
>> If it is a hardware issue, I thought Savannah would be getting an
>> upgrade sooner or later.
>>
>> If it is load issue on the database, is there no other way around this?
>
> I don't think there's any performances issue at stake.
>
> Keeping accurate statistics sounds important to me, if only to get a
> clearer idea of far we can support non-full-automated features or make
> exceptions.  The more users, the more work, the shier the sysadmins.

The more users does not mean more support requests. More users making
more support requests means more support requests. I would think that
administrators may find it exciting that they are helping a site that
supports 60,000 users. Those 60,000 users are also evidence that free
software is active. Even if they did not use their account to do
anything, they did at least make some effort to create an account. If
you want different statistics, why not adjust the measure you are
using? Removing your user accounts is a very risky thing to do for the
purpose of statistics.

> In addition I'm generaly in favor of trimming data that is not useful,
> to prevent it from piling up. I think maintaining data always has a
> cost, we're experiencing it when migrating the user base to the new
> frontend in test.

Why was it not asked "What alternatives can we do to make our
transition from the old to the new?"

I think that there must be another way around this. Managing users
seems to be a recurrent problem across many different systems at the
FSF. I would imagine that the volunteers could come up with a
universal system. For example, Davi is working very hard to implement
an XML-RPC service for GNU Herds and Savannah integration. Why can it
not be done that there would be a central user account system, that
Savannah or any other FSF approved system, authenticate against?

I would hope such a system would be created, since having so many
different accounts is a user issue because we have to create many
different user accounts and therefore weaker passwords to help us
remember. Maybe, one could say that I should create a unique strong
password for all FSF associated accounts, and that would achieve the
same purpose. I don't know.

>> Are there no other reasons someone would login to Savannah without
>> keeping a record? How about to find the mailing list address of the
>> project or to contact the developer privately? Some people may not
>> prefer the system that savannah uses to track issues, so why force
>> them out of these avenues. I forget which one, but some projects may
>> not even use savannah's tracking system. Are they wrong to do this?
>
> It's not about enforcing a tracking system.  It just sounds weird to
> have an account for a year and not having made a single comment in a
> news or tracker item, and not being part of any project.

To me it seemed that the way around getting an account deleted forcing
users into the tracking system in your reply to Randy's case.

> I did not remember about the e-mail obfuscation issues, you're right
> that people may have registered accounts just to get that piece of
> information (mailing lists adresses are present on the linked mailman
> pages but that doesn't apply to the user contact info indeed).
>
> So maybe we need to implement a way to precisely identify the "last
> login" date before trimming accounts, even if they have no past
> activity.
>
> I can however trace a subset of ~19200 accounts that weren't used for
> the past 5 years - because their password was reset following the 2003
> crack and never changed since then.  1400 out of them have a trace on
> the system.  I'm in favor of removing the other ones.
>
>
> You also sound a bit vindicative - is it just me, or is there another
> reason why removing unused account is a problem for you? :)

I did not find a reason for the removal of thousands of users, and I
found it perplexing. We can hardly expect that everyone hears the
announcement that savannah is removing accounts. I admit something I
have to work on is my tone, but this is a great place to start!

-- 
Nicodemo