[tc] Assuming control of GitHub organizations

James E. Blair corvus at inaugust.com
Fri Jun 28 14:49:10 UTC 2019

Thierry Carrez <thierry at openstack.org> writes:

> James E. Blair wrote:
>> Especially if the folks who manage this are also folks who work on these
>> repos, we're one "git push" away from having egg on our collective face.
>> If the folks managing the GitHub presence are also developers, I would
>> encourage the use of a shared or secondary account.
> That is a fair point that I had not considered.
> That said, wouldn't the risk be relatively limited if the "admins"
> never checkout or clone from GitHub itself ?

Yes, the biggest risk is if one of the admins is a regular user of
GitHub.  If they don't have their own GitHub-forks of the OpenStack
repos, and they only ever clone their local copies from OpenDev (or,
they are not developers at all), then I think the risk of accidents on a
personal account is fairly low.


More information about the openstack-discuss mailing list