Hacker News new | ask | show | jobs
by lawl 1712 days ago
I realize it's weird to argue against you, because you wrote the article and are the one affected by this.

But, i disagree. Even if it were an entirely different company. The fact that GitHub didn't send an e-mail and that repos can be hijacked like that, is in itself something GitHub needs to address. And thus at the very least, GitHub needs to be dragged in.
2 comments
robmen 1712 days ago
Meh. Other people here have pointed out it sends email to the people in the GitHub Enterprise. So, they probably missed a place to add auditing.

To that point, I've had GitHub people tell me they never imagined the feature I used to get out of GitHub Enterprise to be used that way. I got lots of emails (since I owned the target organization) but maybe the GitHub Enterprise did not?

link
pnt12 1712 days ago
The email would be nicer, but what's the solution exactly? The admin of one project moved it somewhere else - how do you restrict that, if the admin has total control over a project?

Are there improvements that could be done to allow these bots to perform with less rights? That would be something maybe github could tackle but it's not the worst thing about this problem.

link
lawl 1712 days ago
> how do you restrict that, if the admin has total control over a project?

This isn't a new problem, how do you prevent a rougue admin from kicking all other admins and taking over. The simplest and a pretty effective solution is to have another privilege level: Founder. Of which there can only be one, and admins can do everything, except strip the founder of their rights. (And/or transfer the repo, if the founder can't easily undo that.)

link
ethbr0 1712 days ago
Why not just require admin consensus for privileged actions?

E.g. removing other admins, or other permissions-related actions like the re-orging in question

If your problem case is "one rogue admin," having multiple admins and requiring consensus seems an easy fix.

link
robmen 1712 days ago
You should raise that feature request with GitHub. It's a good idea.
link
lmm 1710 days ago
> The admin of one project moved it somewhere else - how do you restrict that, if the admin has total control over a project?

Even an admin shouldn't be able to avoid other admins getting notified and seeing an audit log of what they've done.

link