Allow to contribute using GitHub organizations #33
Conversation
Updated the path in the README for contributed scalars to reflect the correct naming convention.
|
In theory not against it because as you say the namespace is shared with user names. But: you would have to decide how to check if the user is allowed to make a contributions in the name of the organization. Do we have to a way to ensure that? |
|
I see. I was operating under a good faith assumption. It's not like we get thousands of scalar requests and we can probably manually verify for now. But it's true that scalars being immutable, it makes mistakes really hard to undo. And drafting a process is hard. First thing that comes to mind is asking an org admin to add you to their org to verify ownership and then remove you but that comes with questions (does that give you access to stuff you shouldn't have, etc, etc...). An alternative option would be allow DNS style and do the TXT record dance but now that we have started with GitHub, it would make the urls look a bit awkward 😄 |
Just to be clear: I am in favor of allowing it, but we need to have some kind of check in place. Can be totally manual and cumbersome of course, but I don't think we can do completely without it. How about we add a note that says "manual verification if the author is allowed to make the contribution in the name of the org is required"? |
That works for me, I have added some language around this. Only issue is if someone complains later and that process is not publicly recorded, then it's hard to justify. But I'd rather have more contributions to the scalars so I'm ready to leave that problem to my future self. |
|
I think we can merge that. |
See #32 (comment)
I think it's OK to allow organization names. Users and Organizations share the same namespace in GitHub so there is no risk of clash.
It also allows to acknowledge the work that some organizations put in the community.