FYI. In short, we are part of an early access program from github that should allow us to have better ability to manage pull requests and issues in Github.
https://github.com/blog/2020-improved-organization-permissions Thanks, Nikhil -----Original Message----- From: David Nalley [mailto:[email protected]] Sent: Wednesday, July 15, 2015 7:38 PM To: Nikhil Khandelwal Cc: [email protected] Subject: Re: Github - Ability to add tags to pull requests Hi Nikhil: This (and related issues with pull requests) are a frequent request from projects. So we have a number of things going on right now with regards to github that will be of interest, but won't solve this problem for you (at least yet). So today, the permissions for Github are pretty coarse, there are essentially three levels: read, write, and admin. Unfortunately to do anything much more than comment on a review, you need write level. Currently we don't have anyone with write level access because the repos are mirrors only. (A subset of the root@ infrastructure team has admin access to the Apache organization.) Earlier this year we began exploring the possibility of making Github our canonical repository (meaning committers would get write access) and while most of the issues we found were solvable, the current blocker on that Github doesn't expose push logs to us. They feel they have a duty to protect their users privacy. We feel that we need to see push logs for provenance purposes. You can see that decision in the April Legal Affairs board report. [1]. We are continuing the conversation with Github, and have even talked as recently as this week about the situation as we continue to try and sort it out. Separately from that, Github is just now starting early access to improved org permissions that features greatly enhanced granularity of permissions[2], including granting permissions to manipulate pull requests and issues separate from write access to the repositories. We've asked, and been told we'll be included in the early access program, but as of yet, that hasn't yet begun; though we hope it will come to fruition in the coming weeks and we'll start working on deploying that. Completely separately from those two - IF the improved org permissions doesn't come about in a timely manner, or if it doesn't meet our needs, we have some code that authenticates and authorizes based on the ASF's LDAP service, and then proxies requests to Github using one of service accounts at Github. We don't want to stand this up service if it's going to be obviated by Github in a matter of days or weeks. --David [1] https://whimsy.apache.org/board/minutes/Legal_Affairs.html [2] https://github.com/blog/2020-improved-organization-permissions On Wed, Jul 15, 2015 at 6:23 PM, Nikhil Khandelwal <[email protected]> wrote: > I am a committer in the Apache Cordova community and we use github > extensively to accept code contributions from others in the community. > We had been fortunate to have a high number of contributions coming in > over the > 40+ github repos that we maintain. One of the challenges has been to > 40+ ability > to organize the list of pull requests by using assignees, tag for > milestones, severity, or feature area. > > > > Currently, we have over 240 pull requests open: > http://s.apache.org/cordovaPulls > > > > Github UI offers great features to tag, and track pull requests and > none of these are available to committers. > > > > I would like to figure out a way for committers to be able to get > access to this on github. I want to use this thread to explore the > feasibility of this. > > > > -Nikhil
