Rolled forward from T13102, see PHI364. An install encountered a held lock issue in a cluster which resolved itself immediately when I appeared onsite. It seemed plausible that this was because read synchronization does not put a timeout on git fetch, so if git fetch hangs for some network-related reason the lock could be held indefinitely.
See PHI466. This isn't totally concrete yet, but it looks like a user who has resigned from a revision but is still part of a package/project can continue getting notifications (just not email) in some situations; they should not.
See PHI488. See T11145. Workflow forms do not disable their submit buttons when submitted. Also, at least in Chrome and Firefox, if you click extremely fast you can still double-submit a form even though we're disabling the button immediately in the event handler (???). We can deploy stronger locks on submission against these browsers.
These were moved to T13110: