[Infrastructure] GitHub permissions & RFC 3647 Template

Ryan Sleevi sleevi at google.com
Wed Jul 1 12:38:21 MST 2020


OK, I've enforced this for administrators as well, and to avoid any
mangling of history, enforced linear history (this only matters for merge
commit weirdness)

On Wed, Jul 1, 2020 at 3:17 PM Wayne Thayer <wthayer at gmail.com> wrote:

> +1
>
> On Wed, Jul 1, 2020 at 12:11 PM Tim Hollebeek <tim.hollebeek at digicert.com>
> wrote:
>
>> I agree.
>>
>>
>>
>> -Tim
>>
>>
>>
>> *From:* Infrastructure <infrastructure-bounces at cabforum.org> *On Behalf
>> Of *Jos Purvis (jopurvis)
>> *Sent:* Wednesday, July 1, 2020 2:02 PM
>> *To:* Ryan Sleevi <sleevi at google.com>; Ben Wilson <bwilson at mozilla.com>
>> *Cc:* infrastructure at cabforum.org
>> *Subject:* Re: [Infrastructure] GitHub permissions & RFC 3647 Template
>>
>>
>>
>> I definitely agree: at most, it would require two administrators to make
>> a quick change like that, which seems like a good idea. Four-eyes principle
>> FTW. 😊
>>
>>
>>
>>
>>
>> --
>> Jos Purvis (jopurvis at cisco.com)
>> .:|:.:|:. cisco systems | Cryptographic Services
>> PGP: 0xFD802FEE07D19105 | Controls and Trust Verification
>>
>>
>>
>>
>>
>> *From: *Infrastructure <infrastructure-bounces at cabforum.org> on behalf
>> of Ryan Sleevi <sleevi at google.com>
>> *Date: *Wednesday, July 1, 2020 at 1:53 PM
>> *To: *Ben Wilson <bwilson at mozilla.com>
>> *Cc: *"infrastructure at cabforum.org" <infrastructure at cabforum.org>
>> *Subject: *Re: [Infrastructure] GitHub permissions & RFC 3647 Template
>>
>>
>>
>> I wanted to hear from other members, especially since many of the GitHub
>> administrators are on the list, before unilaterally making any changes :)
>>
>>
>>
>> On Wed, Jul 1, 2020 at 1:46 PM Ben Wilson <bwilson at mozilla.com> wrote:
>>
>> Hi Ryan,
>>
>> I have the setting window open in Github.  Should I mark that checkbox ("
>> Enforce all configured restrictions above for administrators.")?
>>
>> Thanks,
>>
>> Ben
>>
>>
>>
>> On Wed, Jul 1, 2020 at 11:05 AM Ben Wilson <bwilson at mozilla.com> wrote:
>>
>> Yeah, I agree.
>>
>>
>>
>> On Wed, Jul 1, 2020 at 10:26 AM Ryan Sleevi <sleevi at google.com> wrote:
>>
>> Hey Ben,
>>
>>
>>
>> Not to try and call you out, but I noticed you directly committed
>> https://github.com/cabforum/documents/commit/1e60f228aefc9dabd20ab3ccd39c295c1b895aec to
>> the master without any form of pull request or review (AFAICT)
>>
>>
>>
>> That's definitely not ideal, especially because it's unfortunately not
>> valid markdown.
>>
>>
>>
>> We currently have branch protections enabled to prevent this, but I think
>> you may have been able to bypass these protections because we don't have
>> them enforced for administrators.
>>
>>
>>
>> I think we should enforce them for administrators (via Settings ->
>> Branches -> Branch Protection -> Master -> "Include Administrators"). I
>> realize this may make it harder to make infrastructure-related changes, but
>> that seems to be a net win, overall. Do other folks agree?
>>
>> _______________________________________________
>> Infrastructure mailing list
>> Infrastructure at cabforum.org
>> https://lists.cabforum.org/mailman/listinfo/infrastructure
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/infrastructure/attachments/20200701/a89cdc46/attachment.html>


More information about the Infrastructure mailing list