> Embryonic thought: maybe we could consider > `repository-permissions-updater` to be the source of truth? After all,
+1. Since this is what actually changes the permissions, I thinks it makes sense to handle PRs there as formal requests. > (I still maintain that a separate heads-up to the dev list is in order.) Could we send automatic email notifications to the list as part of the the build given the presence of a special tag in the PR? I’m not sure how useful it would be, since the requester would probably need to reply anyway in an attempt to CC the maintainers, but maybe the consistency would be helpful. > An org admin also needs to update the GitHub permissions via e.g. > > https://github.com/orgs/jenkinsci/teams/build-token-root-plugin-developers/members > > but that could just be a (manual or scripted) consequence of the > `plugin-*.yml` patch. Yes, I think it would be ideal if both Artifactory and GitHub permissions were granted at the same time and managed in the same place. If it were automated, there would need to be a way to specify GitHub usernames in `plugin-*.yml` for users who have different usernames on each platform, and we’d need to be careful that automatic modification of GitHub permissions did not remove permissions from existing users on GitHub who were not specified in `plugin-*.yml`. > We would also want to deprecate the `<developers>` POM field +1 -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/EEB000AD-0F94-4C36-ABB5-D54354452E0F%40cloudbees.com. For more options, visit https://groups.google.com/d/optout.
