Skip to content

Owner cleanup #112

Description

@schneems

Hello @jkakar, @geemus, @brandur, @djcp, @mathias, @schneems, @beanieboi. I hope this issue finds you well.

I'm reviewing owner access on the gem and wanting to tighten things up. You are the current RubyGems owners. While this repo was conceived at Heroku, and I think Heroku is probably the largest consumer, it's in a different org and is operated like an OSS project. I don't think someone HAS to work at heroku to contribute or own this, however, it's how I got my access, and mostly that's how it's been run.

I want to reduce the Rubygems owners to @mathias and me. If you want to get access back, you're all still in good standing. You can reach me via commenting below, but I'm also regularly drowning in a sea of GH emails/notifications, so I might not see it come in. Following up on my Mastodon https://ruby.social/@schneems is appreciated and will likely get the fastest response.

Thanks a ton for all your work over the years. This is purely a principle of least privilege (PoLP) strategy to reduce the number of tokens in the wild that have access to release this. I'm also taking other measures, such as requiring MFA for releases.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions