RLS feature has been committed

Hi,

I'm posting my reply to Stephen's mail at
http://archives.postgresql.org/message-id/20140919163839.GH16422%40tamriel.snowman.net
in a new thread because I think it's a important discussion and many
people probably stopped following the RLS thread at some point.

On 2014-09-19 12:38:39 -0400, Stephen Frost wrote:
> * Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
> > I specifically asked you to hold off on committing this until there
> > was adequate opportunity for review, and explained my reasoning. You
> > committed it anyway.
>
> Hum- my apologies, I honestly don't recall you specifically asking for
> it to be held off indefinitely. :( There was discussion back and
> forth, quite a bit of it with you, and I thank you for your help with
> that and certainly welcome any additional comments.

> > This patch, on the other hand, was massively revised after the start
> > of the CommitFest after many months of inactivity and committed with
> > no thorough review by anyone who was truly independent of the
> > development effort. It was then committed with no warning over a
> > specific request, from another committer, that more time be allowed
> > for review.
>
> I would not (nor do I feel that I did..) have committed it over a
> specific request to not do so from another committer. I had been hoping
> that there would be another review coming from somewhere, but there is
> always a trade-off between waiting longer to get a review ahead of a
> commit and having it committed and then available more easily for others
> to work with, review, and generally moving forward.

c.f. http://archives.postgresql.org/message-id/CA%2BTgmoaX%2BptioOxx42rxJxsgrvxPfUVyndkpeR0JsRiTeZ36Ng%40mail.gmail.com

> > I'm really disappointed by that. I feel I'm essentially getting
> > punished for trying to follow what I understand to the process, which
> > has involved me doing huge amounts of review of other people's patches
> > and waiting a very long time to get my own stuff committed, while you
> > bull ahead with your own patches.
>
> While I wasn't public about it, I actually specifically discussed this
> question with others, a few times even, to try and make sure that I
> wasn't stepping out of line by moving forward.

> That said, I do see that Andres feels similairly. It certainly wasn't
> my intent to surprise anyone by it but simply to continue to move
> forward- in part, to allow me to properly break from it and work on
> other things, including reviewing other patches in the commitfest.
> I fear I've simply been overly focused on it these past few weeks, for a
> variety of reasons that would likely best be discussed at the pub.

I've now slept a couple days on this. And my position hasn't changed.

This patch has been pushed in a clear violation of established policy.

Fundamental pieces of the patch have changed *after* the commitfest
started. And there wasn't a recent patch in the commitfest either - the
entry was moved over from the last round without a new patch. It didn't
receive independent review (Robert explicitly said his wasn't a full
review). It wasn't marked ready for committer. The intention to commit
wasn't announced publically. There were *clear* and unaddressed
objections to committing the patch as is, by a committer (Robert)
nonetheless.

It'd be a somewhat different thing if this weren't about a security
sensitive feature, the patch only needed minor cleanup after the start
of the CF, or there at least had been constant public progress over the
last months. Neither is the case.

The circumstances around this being committed make me deeply
uncomfortable. It's setting a very bad precedent. I don't think we want
to go down that route.

> All-in-all, I feel appropriately chastised and certainly don't wish to
> be surprising fellow committers. Perhaps we can discuss at the dev
> meeting.

I really don't know what you understand under "appropriately chastised"
- but I think there's a pretty obvious way to do handle this
appropriately.

And waiting till the dev meeting obviously makes the whole discussion
moot.

Greetings,

Andres Freund