Comments (5)
One thing we need to keep in mind when transferring repositories over to the omniauth organization is that we'll also require access to cut new gems.
from omniauth-org.
Here's what I think moving a gem into the organization should look like:
- Create a new team in the organization for the gem maintainers
- Add all maintainers to the team
- Request that the maintainers add an Omniauth organization owner as an Outside Collaborator with Admin privileges
- Owner transfers the repository to @omniauth
- Owner grants the new team Admin access to the transferred repository
It's possible that there may be cases where we want an "admin" team that is separate from the "write" team for a particular gem or set of gems. It's also possible that step 3 and 5 may be unnecessary since we allow members to create new repositories. I believe that allows them to assign privileges to teams they are part of.
from omniauth-org.
@tmilewski I think the discussion of whether anyone needs to grant access to deploy gems is separate. I don't see the purpose of this organization as being centralized management of all things Omniauth, but rather an umbrella that makes it easier to find Omniauth-related gems.
from omniauth-org.
@md5 [Happy to move this to another thread, if need be.]
I completely agree that the organization's goal shouldn't be around centralized management.
I only mentioned that due to the fact that I think we've all seen a number of OA gems go unmaintained for some time. Heck, some were sitting on major security issues for years.
I feel that having the ability to update access, enabling (new) maintainers to cut gems, is important. Limiting that to the maintainers listed each respective team sounds good to me so long as it's two or more.
This all comes from personal experience wherein one sole person had access to cut OA gems and was 100% MIA. I simply couldn't get a hold of said person despite attempting to contact them via multiple mediums.
from omniauth-org.
Hi,
I just wanted to bring to your attention:
I think OpenID Connect is important enough to have it under the maintenance of the organisation and not an individual.
from omniauth-org.
Related Issues (4)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from omniauth-org.