I asked too many times Ezio Melotti and R. David Murray to give the bug triage permission to a contributor, so they decided to give me the “Coordinator” role on bugs.python.org I was worried that we had not enough “Coordinators”, but there are 26 Coordinators!
Problem: in the list, they are core devs who are inactive for more than 5 years. I’m worried about the security of bugs.python.org, since the authentication is a “simple” login/password: there is no 2-factor authentication (2FA).
For security reasons, I suggest to remove the Coordinator role from inactive coordinators. I’m not sure how to identify who is inactive. Maybe just iterate on the list and check online activity (mailing list, discourse, bug tracker, GitHub, etc.) of each coordinator?
Once we have a list of inactive coordinators: send them an email to ask them if they want to keep this role. If they want to keep it: do nothing. If they don’t reply in 1 month: remove the role.
If a coordinator comes back, we will give them immediately the role again. It’s only a matter of security.
Another issue with inactive coordinators is to have an idea of how many moderators we have to handle spam on bugs.python.org. Maybe they are way less than 26 persons looking frequently for spam?