[Infrastructure] GitHub permissions & RFC 3647 Template
Wayne Thayer
wthayer at gmail.com
Wed Jul 1 12:17:09 MST 2020
+1
On Wed, Jul 1, 2020 at 12:11 PM Tim Hollebeek <tim.hollebeek at digicert.com>
wrote:
> I agree.
>
>
>
> -Tim
>
>
>
> *From:* Infrastructure <infrastructure-bounces at cabforum.org> *On Behalf
> Of *Jos Purvis (jopurvis)
> *Sent:* Wednesday, July 1, 2020 2:02 PM
> *To:* Ryan Sleevi <sleevi at google.com>; Ben Wilson <bwilson at mozilla.com>
> *Cc:* infrastructure at cabforum.org
> *Subject:* Re: [Infrastructure] GitHub permissions & RFC 3647 Template
>
>
>
> I definitely agree: at most, it would require two administrators to make a
> quick change like that, which seems like a good idea. Four-eyes principle
> FTW. 😊
>
>
>
>
>
> --
> Jos Purvis (jopurvis at cisco.com)
> .:|:.:|:. cisco systems | Cryptographic Services
> PGP: 0xFD802FEE07D19105 | Controls and Trust Verification
>
>
>
>
>
> *From: *Infrastructure <infrastructure-bounces at cabforum.org> on behalf of
> Ryan Sleevi <sleevi at google.com>
> *Date: *Wednesday, July 1, 2020 at 1:53 PM
> *To: *Ben Wilson <bwilson at mozilla.com>
> *Cc: *"infrastructure at cabforum.org" <infrastructure at cabforum.org>
> *Subject: *Re: [Infrastructure] GitHub permissions & RFC 3647 Template
>
>
>
> I wanted to hear from other members, especially since many of the GitHub
> administrators are on the list, before unilaterally making any changes :)
>
>
>
> On Wed, Jul 1, 2020 at 1:46 PM Ben Wilson <bwilson at mozilla.com> wrote:
>
> Hi Ryan,
>
> I have the setting window open in Github. Should I mark that checkbox ("
> Enforce all configured restrictions above for administrators.")?
>
> Thanks,
>
> Ben
>
>
>
> On Wed, Jul 1, 2020 at 11:05 AM Ben Wilson <bwilson at mozilla.com> wrote:
>
> Yeah, I agree.
>
>
>
> On Wed, Jul 1, 2020 at 10:26 AM Ryan Sleevi <sleevi at google.com> wrote:
>
> Hey Ben,
>
>
>
> Not to try and call you out, but I noticed you directly committed
> https://github.com/cabforum/documents/commit/1e60f228aefc9dabd20ab3ccd39c295c1b895aec to
> the master without any form of pull request or review (AFAICT)
>
>
>
> That's definitely not ideal, especially because it's unfortunately not
> valid markdown.
>
>
>
> We currently have branch protections enabled to prevent this, but I think
> you may have been able to bypass these protections because we don't have
> them enforced for administrators.
>
>
>
> I think we should enforce them for administrators (via Settings ->
> Branches -> Branch Protection -> Master -> "Include Administrators"). I
> realize this may make it harder to make infrastructure-related changes, but
> that seems to be a net win, overall. Do other folks agree?
>
> _______________________________________________
> Infrastructure mailing list
> Infrastructure at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/infrastructure
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/infrastructure/attachments/20200701/0e967f1a/attachment-0001.html>
More information about the Infrastructure
mailing list