This commit reverts db7ef3f02517f9f2a3c56829a22b9fad3c36e374
(though it keeps the year updates)
After discussion with several people, it seems better to mention
copyright owners explicitly. eg. https://reuse.software/faq/#vcs-copyright
explains the issue of using VCSs to track copyright.
As db7ef3f02517f9f2a3c56829a22b9fad3c36e374 only replaced mentions
of my name with 'The Limnoria Contributors', this commit only needs
to undo that + add one person who contributed to setup.py.
I don't understand why this restriction exists. If someone gains access to someone else's owner account, they can do a lot worse damage than just changing the owner password.
People logging in via NickAuth or hostmasks should be able to change their passwords at will, even if the owner doesn't know his previous password.
Since the keyid should always match the master key, regardless of
whether there's a subkey or not, reduced this to simply make keyid be
the last 16 chars of the master key's fingerprint.
Changes one line and adds six to do this:
* change keyid = verified.keyid to be keyid0;
* added an if/else check to see if it's the subkey or master key; and
* then set keyid according the result of that check;
* then continues as normal.
Replacement code which might work to enable advanced keys with signing
subkeys to be correctly handled by the bot by associating the subkey
with the relevant master key.
Signing format still only clearsigning, the key details are more
important and auth via encrypted token and decryption is likely to be
more reliable anyway as there is far less chance of some other protocol
messing with the signed content. Effectively no chance, though the odd
corrupted packet here and there is still possible. Whereas with
clearsigning it can be broken by all manner of rewriting in
transit (which happens often enough with signed email as it is).
See also Issue #1045 for greater detail of what needs to be fixed and
what is to be done about it.
This variable is a list of capabilities that are considered as 'private',
ie. the bot won't tell anyone but admins that a user has it, nor will the
bot give a list of users with this capability.
