Thanks for sharing Nikhil with the broader audience On Fri, Jul 17, 2015 at 1:51 PM Nikhil Khandelwal <[email protected]> wrote:
> FYI. In short, we are part of an early access program from github that > should allow us to have better ability to manage pull requests and issues > in Github. > > https://github.com/blog/2020-improved-organization-permissions > > Thanks, > Nikhil > > > -----Original Message----- > From: David Nalley [mailto:[email protected]] > Sent: Wednesday, July 15, 2015 7:38 PM > To: Nikhil Khandelwal > Cc: [email protected] > Subject: Re: Github - Ability to add tags to pull requests > > Hi Nikhil: > > This (and related issues with pull requests) are a frequent request from > projects. So we have a number of things going on right now with regards to > github that will be of interest, but won't solve this problem for you (at > least yet). > > So today, the permissions for Github are pretty coarse, there are > essentially three levels: read, write, and admin. > > Unfortunately to do anything much more than comment on a review, you need > write level. Currently we don't have anyone with write level access because > the repos are mirrors only. (A subset of the root@ infrastructure team > has admin access to the Apache organization.) > > Earlier this year we began exploring the possibility of making Github our > canonical repository (meaning committers would get write access) and while > most of the issues we found were solvable, the current blocker on that > Github doesn't expose push logs to us. They feel they have a duty to > protect their users privacy. We feel that we need to see push logs for > provenance purposes. You can see that decision in the April Legal Affairs > board report. [1]. We are continuing the conversation with Github, and have > even talked as recently as this week about the situation as we continue to > try and sort it out. > > Separately from that, Github is just now starting early access to improved > org permissions that features greatly enhanced granularity of > permissions[2], including granting permissions to manipulate pull requests > and issues separate from write access to the repositories. > We've asked, and been told we'll be included in the early access program, > but as of yet, that hasn't yet begun; though we hope it will come to > fruition in the coming weeks and we'll start working on deploying that. > > Completely separately from those two - IF the improved org permissions > doesn't come about in a timely manner, or if it doesn't meet our needs, we > have some code that authenticates and authorizes based on the ASF's LDAP > service, and then proxies requests to Github using one of service accounts > at Github. We don't want to stand this up service if it's going to be > obviated by Github in a matter of days or weeks. > > > --David > > > [1] https://whimsy.apache.org/board/minutes/Legal_Affairs.html > [2] https://github.com/blog/2020-improved-organization-permissions > > On Wed, Jul 15, 2015 at 6:23 PM, Nikhil Khandelwal <[email protected]> > wrote: > > I am a committer in the Apache Cordova community and we use github > > extensively to accept code contributions from others in the community. > > We had been fortunate to have a high number of contributions coming in > > over the > > 40+ github repos that we maintain. One of the challenges has been to > > 40+ ability > > to organize the list of pull requests by using assignees, tag for > > milestones, severity, or feature area. > > > > > > > > Currently, we have over 240 pull requests open: > > http://s.apache.org/cordovaPulls > > > > > > > > Github UI offers great features to tag, and track pull requests and > > none of these are available to committers. > > > > > > > > I would like to figure out a way for committers to be able to get > > access to this on github. I want to use this thread to explore the > > feasibility of this. > > > > > > > > -Nikhil >
