dave2wave commented on issue #60: URL: https://github.com/apache/tooling-docs/issues/60#issuecomment-3536861967
Some policies we'll need to add: 1. Permission for committers to take the role of Release Manager. One idea is to have a PMC member elevate their privileges. The current policy is a blanket choice one way or another by the PMC and enforced by setting auth in svn. 2. Standard prefix for auth tokens so that systems like GH Actions will know to obfuscate these if they happen to get logged. 3. Requiring MFA. 4. Finishing the release and contingent approval. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
