killerbees commented on issue #305: URL: https://github.com/apache/tooling-trusted-releases/issues/305#issuecomment-3528815400
Hi, from an Infra perspective I don't think that this covers all the use cases; it covers the one where we assume the actor is well-intentioned, but not where this may be false. Instead I'd like to propose that we have a two-keys feature for irreversible, or reputationally damaging, actions, such as pushing things to Maven Central. There are parallels for this that fit nicely with our community practices. One example is temporary elevated permissions, where any member of a trusted group (PMC) can temporarily elevate any other member's permission so that they can complete a specific gated task; another would be where a Release Manager asks any single PMC member to approve an action. In any case I think this would be a neat feature to mitigate potential supply chain issues.
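The two-keys gate sketched in the comment above, as an added illustration that is not code from the tooling-trusted-releases project: a pending irreversible action needs a second approver who is in the trusted group, is not the requester, and acts within a bounded window. The group roster, action names and clock are constructed for the example.

```python
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Tuple

TRUSTED_GROUP = {"alice", "bob", "carol"}  # constructed PMC roster, not a real project's


@dataclass
class ActionRequest:
    """A pending irreversible action, e.g. publishing an artifact to Maven Central."""
    action: str
    requester: str                    # need not be in the trusted group (e.g. a Release Manager)
    approver: Optional[str] = None    # the second key; stays None until a distinct PMC member approves
    created_at: float = field(default_factory=time.time)


class TwoKeyGate:
    """Dual control: the requester alone can never authorize the action."""

    def __init__(self, trusted, ttl_seconds: float = 3600.0,
                 clock: Callable[[], float] = time.time):
        self.trusted = set(trusted)
        self.ttl = ttl_seconds          # approval window, mirrors 'temporary' elevation
        self.clock = clock              # injectable for deterministic tests
        self.pending: Dict[str, ActionRequest] = {}

    def request(self, action: str, requester: str) -> ActionRequest:
        req = ActionRequest(action, requester, created_at=self.clock())
        self.pending[action] = req
        return req

    def approve(self, action: str, approver: str) -> Tuple[bool, str]:
        req = self.pending.get(action)
        if req is None:
            return False, "no such pending action"
        if approver not in self.trusted:
            return False, f"{approver} is not in the trusted group"
        if approver == req.requester:
            return False, "requester cannot be their own second key"
        if self.clock() - req.created_at > self.ttl:
            del self.pending[action]    # stale request must be re-raised, not silently revived
            return False, "approval window expired; re-request"
        req.approver = approver
        return True, "approved"

    def authorized(self, action: str) -> bool:
        """True only while a distinct trusted approver has signed off and the window is open."""
        req = self.pending.get(action)
        return (req is not None and req.approver is not None
                and self.clock() - req.created_at <= self.ttl)
```

The check an executor would run before the irreversible step is `authorized(action)`; a single compromised or careless account can request or approve, but not both.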
