github's noreply emails have a known format:
<github user source ID>+<username>@users.noreply.github.com
this gives us two ways to resolve to the user:
- extract the user ID from the email and (somehow) make an api call with that (if possible) to fetch public profile data.
- extract the login username from the email and use the existing user api that we currently do (maybe even cross checking against the source ID)
All of this can be done with only an email address and the single api call to fetch their public profile. this may pretty substantially help us resolve users with noreply addresses.
That said, this may also introduce the edge case where, if we rely solely on the email address (a user-controlled field), and someone decides to make a commit in someone elses name, that will get resolved to the other person.
github's noreply emails have a known format:
<github user source ID>+<username>@users.noreply.github.comthis gives us two ways to resolve to the user:
All of this can be done with only an email address and the single api call to fetch their public profile. this may pretty substantially help us resolve users with noreply addresses.
That said, this may also introduce the edge case where, if we rely solely on the email address (a user-controlled field), and someone decides to make a commit in someone elses name, that will get resolved to the other person.