Page MenuHomePhabricator
Create Task
Maniphest T264159

Revisit list of owners of the GitHub wikimedia organization
Open, Needs TriagePublic
Actions

Description

The GitHub wikimedia organization (https://github.com/wikimedia) has 56 owners and 2 bots having owner role. The owner role grants full privileges to the whole organization such as deleting any repository, access to all private repositories, change billing etc.

Some owners are not employees nor contractors to the Wikimedia Foundation. Some are from external entities such as Wikimedia Deutschland. There is at least two volunteers (great) I believe both having NDA.

The purpose of this task is:

The complete list of account https://github.com/orgs/wikimedia/people?query=role%3Aowner

Numbers from a previous audit: T245526: Audit @wikimedia GitHub org access (2020)

Related Objects

Event Timeline

hashar created this task.Sep 30 2020, 7:53 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 30 2020, 7:53 AM
hashar added a comment.Sep 30 2020, 7:55 AM

The topic came after a private conversion with @JoeWalsh regarding who has access to GitHub private repositories. Individual with the owner role have access to all private repositories and the list is rather large. Hence this task intending to shrink the list of owners.

Peachey88 subscribed.EditedSep 30 2020, 8:36 AM

The 2020 user audit by the Security-Team is/was T245526: Audit @wikimedia GitHub org access (2020)

hashar updated the task description. (Show Details)Sep 30 2020, 2:12 PM
MarcoAurelio subscribed.Sep 30 2020, 5:47 PM
Peachey88 moved this task from Backlog to config on the Wikimedia-GitHub board.Nov 22 2020, 4:41 AM
Krenair subscribed.Nov 22 2020, 4:42 AM
Krinkle updated the task description. (Show Details)Nov 30 2020, 5:43 PM
Krinkle subscribed.EditedNov 30 2020, 6:07 PM

Some changes I made since the last audit, mostly relating to staff leaving or recent hires added without a team associated:

  • chelsyx from member to outside collaborator, currently no teams or repos associated.
  • kaldari from owner to member, remains on specific repos.
  • jayvdb from owner to member, added to Pywikibot.
  • nosmo from owner to member, added to PET/CPT/Services.
  • sharvaniharan from owner to member, added to mobile.
  • tobijat from owner to member, added to wikidata.

I don't know who should approve new owner additions, but for now I'll assume new members don't need ownership and I defer to @thcipriani and @greg for deciding and approving otherwise.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL