From a4a08712ba1664210f2f69a7f425b66a50a07dff Mon Sep 17 00:00:00 2001 From: mary marchini Date: Mon, 14 Sep 2020 11:36:40 -0700 Subject: [PATCH] feat: reduce gthub app/secret requirements Seven days wait + 2 approvals from both committees is quite bureaucratic, and so is 72 hours fast-tracking for an already approved app/secret, Reducing the number of required approvals to one per committee as well as the wait time to 72 hours as well as reducing the fast-track time to 24 hours should allow collaborators to move forward with their work faster, and since it still require approval from committees it shouldn't have a negative impact on security concerns. --- GITHUB_ORG_MANAGEMENT_POLICY.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/GITHUB_ORG_MANAGEMENT_POLICY.md b/GITHUB_ORG_MANAGEMENT_POLICY.md index 16e4497f..06628a32 100644 --- a/GITHUB_ORG_MANAGEMENT_POLICY.md +++ b/GITHUB_ORG_MANAGEMENT_POLICY.md @@ -123,8 +123,8 @@ In order to request any of the above, open an issue in the A new request is required each time an application is enabled or a secret is added for a new repository even if it has been done before. -The request must be approved by at least two TSC and two CommComm members and -be open for a minimum of 7 days before landing. +The request must be approved by at least one TSC and one CommComm members and +be open for a minimum of 72 hours before landing. For GitHub Apps already used in the Org, or for secrets already used in other repositories in the Org, the request can be fast-tracked. To fast-track, add @@ -133,7 +133,7 @@ a) a link showing how the GitHub App or the secret being requested is already in use, and b) ask for approvals to fast-track the request. Two members of either TSC or CommComm must approve the fast track request. Fast-tracked requests only need one approval from either TSC or CommComm is required, and -the request must remain open for 72 hours. +the request must remain open for 24 hours. If any objection is made, the request may be moved to a vote in each of the Technical Steering and Community Committees. If either the TSC or CommComm