+100 Please!
On Fri, Dec 21, 2018 at 4:34 PM Philippe Mouawad <philippe.moua...@gmail.com> wrote: > Hello, > > +1 for this requirement. > > It should be at minimum possible for a committer to: > > - Close PRs that are not merged > - Add tags > - See traffic on project > - Manage community profile > - Edit release notes > - Possibly administer issues > > > Thanks > > On Sat, Dec 15, 2018 at 2:14 PM Zoran Regvart <zo...@regvart.com> wrote: > > > I've filed an issue with INFRA, to get their view on this: > > > > https://issues.apache.org/jira/browse/INFRA-17449 > > > > zoran > > On Fri, Dec 14, 2018 at 7:41 PM Zoran Regvart <zo...@regvart.com> wrote: > > > > > > Hi all, > > > On Fri, Dec 14, 2018 at 6:45 PM Allen Wittenauer > > > <a...@effectivemachines.com.invalid> wrote: > > > > > On Dec 14, 2018, at 9:21 AM, Joan Touzet <woh...@apache.org> > wrote: > > > > > > > > > > Allen Wittenauer wrote: > > > > >> I think part of the basic problem here is that Github’s view of > > permissions is really awful. It is super super dumb that accounts have > to > > have admin-level privileges for repos to use the API to do some basic > > things that can otherwise be gleaned by just scraping the user-facing > > website. If anyone from Github is here, I’d love to have a chat. ;) > > > > > > > > > Putting my thinking cap on, I wonder if the workaround here > is > > to have a proxy for the REST API that forwards the ’safe’ calls but > > disallows others. Maybe one already exists? I totally get the security > and > > potentially legal ramifications of having accounts that can push. But it > > sure seems like this problem is solvable with a bit of elbow grease. > > > > > > Why can't we have a global username/password for `asfgit` with > > > personal access token that can be used? It seems to be used for GitHub > > > Pull request builder, so I'm guessing that there is already a blessed > > > personal access token in place there with acceptable GitHub OAuth > > > scopes. > > > > > > zoran > > > -- > > > Zoran Regvart > > > > > > > > -- > > Zoran Regvart > > > > > -- > Cordialement. > Philippe Mouawad. >
