From 28adbae1f8572a1d30600b8a036ba44cca983a98 Mon Sep 17 00:00:00 2001 From: Steve Loeppky Date: Mon, 12 Feb 2024 08:59:51 -0800 Subject: [PATCH 01/11] Update ipfs.yml - reduce org owners/admins --- github/ipfs.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index 4be669a..027ea23 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -5,19 +5,19 @@ members: - andyschwab-admin - aschmahmann - autonome + - galargh + - lidel + - Stebalien + member: - BigLep - cwaring - daviddias - - galargh - hsanjuan - jbenet - - lidel - momack2 - olizilla - - Stebalien - vesahc - whyrusleeping - member: - 1015bit - 2color - Aaron1011 From f2a01ba29fad8fc8414d0262b9ba88ca3e85a50b Mon Sep 17 00:00:00 2001 From: BigLep Date: Mon, 12 Feb 2024 17:02:32 +0000 Subject: [PATCH 02/11] fix@7875238694 [skip fix] --- github/ipfs.yml | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index 027ea23..3ddbe13 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -9,15 +9,6 @@ members: - lidel - Stebalien member: - - BigLep - - cwaring - - daviddias - - hsanjuan - - jbenet - - momack2 - - olizilla - - vesahc - - whyrusleeping - 1015bit - 2color - Aaron1011 @@ -50,6 +41,7 @@ members: - avras - b5 - balupton + - BigLep - bigs - bjoyce3 - blackforestboi @@ -64,6 +56,7 @@ members: - codynhat - coryschwartz - cpacia + - cwaring - cyborgshead - daijiale - damedoteth @@ -71,6 +64,7 @@ members: - darkdh - darobin - davidar + - daviddias - dborzov - dchoi27 - deltazxm @@ -113,6 +107,7 @@ members: - harlantwood - hinshun - hosh + - hsanjuan - hugomrdias - ianamunoz - iand @@ -122,6 +117,7 @@ members: - jacobheun - jamiejn - janjanovna + - jbenet - jbenetsafer - jdelgadopin - jesseclay @@ -169,6 +165,7 @@ members: - mishmosh - miyazono - moeghashim + - momack2 - moul - Mr0grog - neogeweb3 @@ -180,6 +177,7 @@ members: - NukeManDan - nunofmn - obo20 + - olizilla - parkan - pepoospina - petar @@ -218,6 +216,7 @@ members: - tv42 - vasa-develop - vasco-santos + - vesahc - victorb - vmx - vojtechsimetka @@ -230,6 +229,7 @@ members: - wemeetagain - whereswaldon - whizzzkid + - whyrusleeping - willscott - Wondertan - yangwao @@ -7071,6 +7071,9 @@ repositories: - web3-bot default_branch: main description: JavaScript implementation of hash array mapped tries for use in sharding + files: + .github/workflows/stale.yml: + content: .github/workflows/stale.yml has_discussions: false merge_commit_message: PR_TITLE merge_commit_title: MERGE_MESSAGE @@ -8417,11 +8420,14 @@ repositories: - web3-bot default_branch: main description: A Delegated Routing V1 server and client for all your routing needs. + files: + .github/workflows/stale.yml: + content: .github/workflows/stale.yml has_discussions: false merge_commit_message: PR_TITLE merge_commit_title: MERGE_MESSAGE - secret_scanning_push_protection: false - secret_scanning: false + secret_scanning_push_protection: true + secret_scanning: true squash_merge_commit_message: COMMIT_MESSAGES squash_merge_commit_title: COMMIT_OR_PR_TITLE teams: @@ -8575,6 +8581,9 @@ repositories: - mishmosh default_branch: main description: IPFS Steering WG + files: + .github/workflows/stale.yml: + content: .github/workflows/stale.yml has_discussions: false merge_commit_message: PR_TITLE merge_commit_title: MERGE_MESSAGE From 1a604d16920ab5c19158e84af35fe06fb230021e Mon Sep 17 00:00:00 2001 From: Steve Loeppky Date: Mon, 12 Feb 2024 17:00:09 -0800 Subject: [PATCH 03/11] Update ipfs.yml - readded vesahc --- github/ipfs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index 3ddbe13..0ba8df1 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -8,6 +8,7 @@ members: - galargh - lidel - Stebalien + - vesahc member: - 1015bit - 2color @@ -216,7 +217,6 @@ members: - tv42 - vasa-develop - vasco-santos - - vesahc - victorb - vmx - vojtechsimetka From 17b61839ff353a632d08eb975d572e0d59cb20b1 Mon Sep 17 00:00:00 2001 From: Steve Loeppky Date: Mon, 12 Feb 2024 17:36:31 -0800 Subject: [PATCH 04/11] Update ipfs.yml - cleanup github-mgmt team. --- github/ipfs.yml | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index 0ba8df1..33ca204 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -1,6 +1,11 @@ # yaml-language-server: $schema=.schema.json members: + # Admin permissions map to "org owner" permissions listed in + # https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-rolesare + # These permissions are very broad, and thus, the list of people is intentionally minimal. + # Permissions are distributed across 3-4 separate organizations. + # One can request additional permissions for specific repos using ipld/github-mgmt. admin: - andyschwab-admin - aschmahmann @@ -8957,16 +8962,18 @@ teams: # using a team instead of direct collaborators because we want to reference it in the CODEOWNERS file description: Users that are effectively org admins members: - # WARN: membership here should be treated exactly as cautiously as having an org admin role + # WARN: membership here should be treated as cautiously as having an "org owner" role, + # since one can escalate their privileges accordingly. # ATTN: members are expected to: # - be familiar with GitHub Management # - be ready to triage/review org configuration change request in github-mgmt - maintainer: - - aschmahmann - - BigLep - - lidel + # Intentionally don't have any "maintainers" so that additional membership is done through github-mgmt rather than the GitHub UI. + # That said, since most of these people are also "org owners" ("members.admin" above), + # they can still make changes in the UI. member: + - aschmahmann - achingbrain + - lidel - willscott privacy: closed Go Core Team: From 389bb1f6a46d6bde786f1b9746ff403b33d7ada9 Mon Sep 17 00:00:00 2001 From: BigLep Date: Tue, 13 Feb 2024 01:37:37 +0000 Subject: [PATCH 05/11] fix@7880486036 [skip fix] --- github/ipfs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index 33ca204..3542b9b 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -8971,8 +8971,8 @@ teams: # That said, since most of these people are also "org owners" ("members.admin" above), # they can still make changes in the UI. member: - - aschmahmann - achingbrain + - aschmahmann - lidel - willscott privacy: closed From 40d6004126ec012934d8b7411ab7472162545e94 Mon Sep 17 00:00:00 2001 From: "ipfs-mgmt-read-write[bot]" Date: Wed, 14 Feb 2024 17:33:22 +0000 Subject: [PATCH 06/11] fix@7905104937 [skip fix] --- github/ipfs.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/github/ipfs.yml b/github/ipfs.yml index 6a96d79..d6f7dc5 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -8203,6 +8203,9 @@ repositories: - web3-bot default_branch: main description: Checks which public gateways are online or not + files: + .github/workflows/stale.yml: + content: .github/workflows/stale.yml has_discussions: false merge_commit_message: PR_TITLE merge_commit_title: MERGE_MESSAGE From d085d340d946baff097c97b1419c484eef46d9ea Mon Sep 17 00:00:00 2001 From: Steve Loeppky Date: Thu, 15 Feb 2024 14:37:10 -0800 Subject: [PATCH 07/11] Update github/ipfs.yml Co-authored-by: Oli Evans --- github/ipfs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index d6f7dc5..e59e6c1 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -5,7 +5,7 @@ members: # https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-rolesare # These permissions are very broad, and thus, the list of people is intentionally minimal. # Permissions are distributed across 3-4 separate organizations. - # One can request additional permissions for specific repos using ipld/github-mgmt. + # One can request additional permissions for specific repos using ipfs/github-mgmt. admin: - andyschwab-admin - aschmahmann From 3ae7fc16c1e6915d578aef21ae2927dbcac9a2ae Mon Sep 17 00:00:00 2001 From: Steve Loeppky Date: Thu, 15 Feb 2024 17:43:47 -0800 Subject: [PATCH 08/11] Further reduce github org owners --- github/ipfs.yml | 66 +++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 53 insertions(+), 13 deletions(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index e59e6c1..ca78e6b 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -1,20 +1,36 @@ # yaml-language-server: $schema=.schema.json +# This org leans hard into managing github permissions and settings with ipfs/github-mgmt. +# One can request additional permissions for specific repos using ipfs/github-mgmt. members: # Admin permissions map to "org owner" permissions listed in # https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-rolesare - # These permissions are very broad, and thus, the list of people is intentionally minimal. - # Permissions are distributed across 3-4 separate organizations. - # One can request additional permissions for specific repos using ipfs/github-mgmt. + # These permissions are very broad, and thus, the list of people is intentionally minimal. + # Day-to-day administrating is done by those in the "github-mgmt Stewards" team (see team below). + # "github-mgmt Stewards" team can still escalate into org owner permissions if/when needed. + # This minimal owner set plus supporting rationale was documened and discussed in https://github.com/ipfs/ipfs/issues/511. admin: + # Why @andyschwab-admin? + # 1. leader of [Sodal](https://sodal.io/) + # 2. has close access to [sead](https://www.sead.ai/), which is charged with sysadmin for critical systems within the wider Protocol Labs Network + # 3. general long-standing sysadmin for these organizations with his past roles at PL Inc + # 4. This isn't andyschwab's day-to-day GitHub account - andyschwab-admin + # Why @galargh? + # 1. co-founder of [IPDX](https://ipdx.co), and IPDX is contracted to look after GitHub for this organization. + # 2. Multiple years of experience managing GitHub organizations of open source projects, including this org. + - galargh + # Why @vesahc? + # 1. THIS IS TEMPORARY: please remove by 2024-03-31 if not sooner. + # Escalation of permissions needed while moving Fleek accounts for various ipfs repos: + # https://github.com/ipfs/github-mgmt/pull/189#issuecomment-1939238972 + # 2. @veshac also has history and ties with sysadmining with PL Inc and some of the projects that have spun out (Sodal, Sead). + - vesahc + member: - aschmahmann - autonome - - galargh - lidel - Stebalien - - vesahc - member: - 1015bit - 2color - Aaron1011 @@ -8943,22 +8959,46 @@ teams: - magik6k privacy: closed github-mgmt stewards: - # NOTE: created to capture users with push+ access to github-mgmt repository - # using a team instead of direct collaborators because we want to reference it in the CODEOWNERS file - description: Users that are effectively org admins + # Notes: + # 1. These members have push+ access to the github-mgmt repository (in addition to the ipdx team and the org owners listed in "members.admin" above). + # 2. This team also has the org-level "moderator" and "security manager" role. + # This is configured through the GitHub UI, not in GitHub management. + # (Org-level role documentation: https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization) + # 3. Having a team instead of direct collaborators on the github-mgmt repository also enables easy reference in the github-mgmt CODEOWNERS file. + # 4. Leaning on "github-mgmt stewards" for day-to-day admin over true org owners was done + # as part of the effort to reduce org owners in https://github.com/ipfs/ipfs/issues/511 + description: Users that are effectively org owners/admins members: # WARN: membership here should be treated as cautiously as having an "org owner" role, # since one can escalate their privileges accordingly. # ATTN: members are expected to: # - be familiar with GitHub Management # - be ready to triage/review org configuration change request in github-mgmt - # Intentionally don't have any "maintainers" so that additional membership is done through github-mgmt rather than the GitHub UI. - # That said, since most of these people are also "org owners" ("members.admin" above), - # they can still make changes in the UI. + # INFO: Intentionally don't have any "maintainers" so that additional membership is done through github-mgmt rather than the GitHub UI. + # INFO: There are others who could certainly qualify to be members of this team. + # There is a balance to be had to ensure there are enough knowledgeable people available to support the needs/requests of the github org, + # and reducing risk by not having too many with the escalation path that this role affords. member: - - achingbrain + # Why @aschmahmann? + # 1. Long-time and still very active contributor to important repos like kubo and specs + # 2. Director of IP Shipyard, which is an organization receiving significant grant funding for IPFS development and maintenance. + # 3. Leader of multiple public IPFS working groups (dapps, implementers) - aschmahmann + # Why @lidel? + # 1. ipfs specs champion, past and present + # 2. Key technical leader on IP Shipyard + # 3. Owner of IPFS implementers working group, active in others (browsers, ecosystem, dapps). - lidel + # Why @mishmosh? + # 1. Director of the being-stood-up-in-2024 IPFS Foundation + - mishmosh + # Why @stebalien? + # 1. Not involved in the IPFS day-to-day currently, but has a lot of historical knowledge. Provides an informed outside perspective. + # 2. Familiar with github-mgmt responsibilities in other orgs. + - stebalien + # Why @willscott? + # 1. Active maintainer in and around IPFS projects for multiple years now. + # 2. Active and experienced with github-mgmt in other organizations (e.g., ipld). - willscott privacy: closed Go Core Team: From aae46cb3e06b535f741fab1ede82f906942d7e65 Mon Sep 17 00:00:00 2001 From: BigLep Date: Fri, 16 Feb 2024 01:44:46 +0000 Subject: [PATCH 09/11] fix@7924838401 [skip fix] --- github/ipfs.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index ca78e6b..8d4e1bb 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -27,10 +27,6 @@ members: # 2. @veshac also has history and ties with sysadmining with PL Inc and some of the projects that have spun out (Sodal, Sead). - vesahc member: - - aschmahmann - - autonome - - lidel - - Stebalien - 1015bit - 2color - Aaron1011 @@ -59,7 +55,9 @@ members: - arajasek - arcalinea - arsstone + - aschmahmann - AuHau + - autonome - avras - b5 - balupton @@ -166,6 +164,7 @@ members: - kylehuntsman - laurentsenta - leshokunin + - lidel - listenaddress - litzenberger - locotorp @@ -224,6 +223,7 @@ members: - ShishKabab - SidHarder - smihaylov + - Stebalien - stefanhans - steven004 - stongo From 1729730c368634d6cec92bf5f30a7e6b364240aa Mon Sep 17 00:00:00 2001 From: Steve Loeppky Date: Thu, 15 Feb 2024 17:48:58 -0800 Subject: [PATCH 10/11] fix typo --- github/ipfs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index 8d4e1bb..83ec274 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -8,7 +8,7 @@ members: # These permissions are very broad, and thus, the list of people is intentionally minimal. # Day-to-day administrating is done by those in the "github-mgmt Stewards" team (see team below). # "github-mgmt Stewards" team can still escalate into org owner permissions if/when needed. - # This minimal owner set plus supporting rationale was documened and discussed in https://github.com/ipfs/ipfs/issues/511. + # This minimal owner set plus supporting rationale was documented and discussed in https://github.com/ipfs/ipfs/issues/511. admin: # Why @andyschwab-admin? # 1. leader of [Sodal](https://sodal.io/) From 07e8ba64e7ade3108776e2442dfb87e8020eb63b Mon Sep 17 00:00:00 2001 From: Steve Loeppky Date: Thu, 15 Feb 2024 20:50:51 -0800 Subject: [PATCH 11/11] Update ipfs.yml --- github/ipfs.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/github/ipfs.yml b/github/ipfs.yml index 83ec274..93bae8d 100644 --- a/github/ipfs.yml +++ b/github/ipfs.yml @@ -1,7 +1,5 @@ # yaml-language-server: $schema=.schema.json -# This org leans hard into managing github permissions and settings with ipfs/github-mgmt. -# One can request additional permissions for specific repos using ipfs/github-mgmt. members: # Admin permissions map to "org owner" permissions listed in # https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-rolesare