-
Notifications
You must be signed in to change notification settings - Fork 11
Repo and npm accesses of related projects #8
Comments
Personnally, I'd go with "organizing things in a similar way to WG" to keep consistency throughout foundation. Although, I'm not sure which emoji option represents that... second one I guess? |
@Tiriel If we want to keep the list of people having write access to all projects short, we can also form a subteam ( |
I am with with @Tiriel. Personally, I'm a rookie here, so I'm not sure if I should have write access to all. |
@alopezsanchez These repos will be public so anyone can open pull requests. |
So another way to organize things is:
Alghough it does not work well with the monorepo idea...maybe subteams for releasers only? |
@joyeecheung automation-collaborators seems good for me! Being in the team is really cool, but I don't want to mess things up accidentally while I'm not yet full Collaborator. IMHO your last org graph is cool, but should include this automation-collaborators team. |
I'm +1 for having a two-team structure, "collaborators/maintainers" who can merge in PRs, and other folks who are acknowledged as being regular contributors. As for npm releases, I think there should either be an automated system for publishing (but that's a whole nother conversation) so that this isn't a concern, or a very short list of folks so that publishing can't happen by mistake or without enough communication. |
@JasonEtco Yes, nodejs/TSC#406 (comment) mentioned semantic-release, that seems like a good fit. |
"automation-collaborators" structure is actually a great idea 👏 . I believe this structure will protect our collaboration from mistakes. |
I like the idea of having wider commit access to nodejs/automation, and then a smaller subgroup that will handle npm releases. I'm not sure if it's a good idea to have separate teams for each tool, since the teams would probably be small-ish, and there would also probably be a lot of overlap between the tools. |
So on a second thought, this is what I am leaning towards right now:
|
@joyeecheung I'm definitely with you on the last one |
So given the responses in #8 (comment), I think we can try out the subteam structure first. I have created the two subteams, will open a PR to explain it in the readme & see if there are any more opinions on this later. |
https://github.com/nodejs/core-validate-commit and https://github.com/nodejs/node-review (EDIT: also https://github.com/nodejs/branch-diff and https://github.com/nodejs/changelog-maker) have already been moved into the Node.js orgnization and there will be more repos get transferred later. (also the github bot is probably going to be handed over to the automation team as well). We need to figure out how to organize the accesses of these projects.
Repository access
Including write access(commit) and admin access(add new people).
A few options that I have in mind:
If we do want to adopt the monorepo idea(see #1 (comment)), then after the transition we can probably just go with option 2.
NPM publish access
So first thing to do is to add the foundation account to the collaborator list as a safety net. We should keep the existing npm collaborators, other than that, I can think of a few options:
Personally I would prefer to see the releasers turn on 2FA on their npm accounts as well.
So...
👍 if you want subteams with repo/npm accesses
😄 if you want a big team with repo accesses, and small teams of releasers for each project
Or discuss in this thread about any other ideas that you have!
The text was updated successfully, but these errors were encountered: