Comments (19)
legendecas
commented on July 23, 2024
1
I believe the pypi account can follow the npm account ownership.
from admin.
legendecas
commented on July 23, 2024
1
Account created and saved in 1password.
from admin.
targos
commented on July 23, 2024
1
I rotated the npm credentials and saved them in 1Password too.
from admin.
targos
commented on July 23, 2024
1
Secrets repo updated.
from admin.
benjamingr
commented on July 23, 2024
SGTM
from admin.
MoLow
commented on July 23, 2024
+1. there is also this package that can benefit from such an account: nodejs/tap2junit#56
from admin.
targos
commented on July 23, 2024
Should this be owned by the build WG or the TSC?
from admin.
legendecas
commented on July 23, 2024
Is https://www.npmjs.com/~nodejs-foundation owned by the build WG or the TSC?
from admin.
targos
commented on July 23, 2024
Build WG
from admin.
targos
commented on July 23, 2024
@nodejs/build wdyt?
from admin.
richardlau
commented on July 23, 2024
I think the question is, who needs access to it?
The original reasons that the Build WG owns the npm account was as an emergency access in the event that people become inactive/leave the project (so we could manage who could publish modules). Initially we did not actively use the account (i.e. individuals published the modules under their own accounts). Over time that changed and I think we now publish modules under that account via GitHub Actions. Possibly another reason might be the TSC at the time didn't have a solution for storing secrets (there's a 1Password account now, I believe), i.e. the account's log in details (I may be misremembering this one).
from admin.
mhdawson
commented on July 23, 2024
+1 from me. I think using 1password might make the most sense unless this is somehow related to build/infra
from admin.
targos
commented on July 23, 2024
+1 on 1password + moving the npm credentials there too
from admin.
legendecas
commented on July 23, 2024
I have submitted request to create a orgnanization named nodejs on pypi.org. Still waiting for response.
from admin.
abmusse
commented on July 23, 2024
+1 on using 1 password to manage credentials
from admin.
richardlau
commented on July 23, 2024
I rotated the npm credentials and saved them in 1Password too.
@targos could you update build/test/test_logins.md in the secrets repo, which previously recorded the account name, password and 2fa recovery codes? I don't mind if we move that to 1Password, but we currently document
Lines 37 to 38 in a2d01cf
from admin.
targos
commented on July 23, 2024
Ok but can I move them to infra level? IMO this doesn't belong to test
from admin.
richardlau
commented on July 23, 2024
Ok but can I move them to infra level? IMO this doesn't belong to test
SGTM
from admin.
mhdawson
commented on July 23, 2024
+1 to moving to infra or storing all the info in 1 password. We need the recovery info.
from admin.
Related Issues (20)
- Archive https://github.com/nodejs/js-native-api-test HOT 8
- Archive https://github.com/nodejs/ci-config-github-actions HOT 4
- Creation of an official Discord server for the Node.js project HOT 57
- Node.js Bug Tracker Project HOT 8
- Better process for communicating feedback to members by the TSC HOT 3
- Non-violent communication / strategic workplace conflict resolution training for the TSC and moderation team HOT 9
- Redirect `nodejs.github.io` to `nodejs.org` HOT 7
- New labels for `nodejs/help`
- Create repository nodejs/ambassadors HOT 3
- The Future of nodejs/examples? HOT 18
- Creating a new nodejs/nbytes repo HOT 5
- Temporay admin access for @bensternthal HOT 3
- Give Triagers More Control Over Issues HOT 2
- Transfer elastic/require-in-the-middle to the org HOT 8
- Enable GitHub fine-grained personal access tokens HOT 2
- @nodejs team permissions HOT 13
- Transfer amaro to the org HOT 5
- Remove coverage-admins team? HOT 2
- Remove dtrace-mdb team? HOT 2
- Remove the social-media-delegates team HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from admin.