3.31.1 patch request for permissions sync commits

[bobheadxi]

@sourcegraph/distribution I am requesting the following commits be included in a patch release. They are already merged into main:

• fa91928 (authz/github: repo-centric perms sync from team/org perms caches #24328)
• 46c8ed9 (authz/github: fixes for oauth scopes check #24471)

The intent of the questions below is to ensure we keep Sourcegraph high quality and only create patch releases based on a strict criteria. If you can answer yes to many or most of these questions, we will be happy to create the patch release.

I have read when and why we perform patch releases and answer the questions as follows:

Are users/customers actively asking us for these changes and cannot wait until the next full release?

Yes

Are the changes extremely minimal, well-tested, and low risk such that not testing as we do in a full release is OK?

They are not minimal, but they are reasonably unit/integration tested, and are also feature-flagged (authorization.groupsCacheTTL). The changes have been deployed to both cloud and dogfood where the default behaviour continues to work as expected.

Is there some functionality completely broken that warrants redacting the prior release of Sourcegraph and advising users wait for the patch release?

No

This will interrupt our regular planned work and release cycle, taking one full working day of our time, and will take up all of our site admin's valuable time by asking them to upgrade or producing noise for them if they don't need to upgrade.

Do you believe the changes are important enough to warrant this?

Yes - this is relevant to a number of high-priority customers in trial

Patch releases are a signal we can do something better to improve the quality of Sourcegraph. Have you already scheduled a call (or created a google doc) to perform a retrospective and identify ways we can improve?

There are ongoing discussions about balancing customer and product requirements, such as RFC 457, to avoid having functionality like this be urgently requested on short time frames.

---

For the release captain - after reviewing and approving this request:

• If there is already an upcoming patch release, add the listed commits alongside a link to this issue
• If there is no upcoming patch release, create a new one:
  • Update dev/release/release-config.jsonc with the patch release in upcomingRelease and releaseDate (and open a PR to main to update it)
  • yarn release tracking:issues
  • Add the listed commits alongside a link to this issue to the generated release tracking issue

Comment and close this issue once the relevant commit(s) have been cherry-picked into the release branch.

[github-actions]

Heads up @davejrt @ggilmore @daxmc99 @dan-mckean - the "team/distribution" label was applied to this issue.

[bobheadxi]

Comment and close this issue once the relevant commit(s) have been cherry-picked into the release branch.

Closing this 👍