* Patrick Georgi firstname.lastname@example.org [151105 19:00]:
2015-11-04 16:57 GMT+01:00 Martin Roth email@example.com:
- Are there any required login methods? Does it need to support the
login types that review.coreboot.org supports?
redmine has an omniauth plugin that should allow OpenID and OAuth2 (Google/Github flavor). I'd prefer using that over yet another account database.
- Is (anonymous) public reporting desired, or do we want to require
sign-in and user validation first? (I'd vote for sign in)
We're lucky with gerrit (or maybe OpenID is enough of a hurdle), but anonymous bug trackers tend to be extremely maintenance heavy to sort out the spam. I'd go for requesting OpenID/OAuth accounts, similar to gerrit.
Looking at how long it took for people to stop sending award bios disassemblies around to the mailing list, I strongly encourage not having an anonymous service. It's not doing the project a good service.