CycloneDX / cyclonedx-property-taxonomy

A taxonomy of all official CycloneDX property namespaces and names

Home Page:https://cyclonedx.github.io/cyclonedx-property-taxonomy/


[CHORE] Use CODEOWNERS to delegate namespace authority

coderpatros opened this issue

@jkowalleck, hoping I can get your advice on this one.

For example, PRs for the gomod namespace should go to the Go Maintainers team for review and merging.

Is that possible while limiting access to other areas of this repo?

And, to make it easier to define, should the existing file cdx/gomod.md be moved to a sub-directory? i.e. all Go related files go under the cdx/go directory or something like that?

@coderpatros

> Is that possible while limiting access to other areas of this repo?

yes

> And, to make it easier to define, should the existing file cdx/gomod.md be moved to a sub-directory? i.e. all Go related files go under the cdx/go directory or something like that?

no idea. we could see how the repo evolves and adapt in the future.

> hoping I can get your advice on this one.

I think a CODEOWNERS file for this repo could look like this:

    ## see the docs: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
    ## see the teams: https://github.com/orgs/CycloneDX/teams

    *               @CycloneDX/core-team
    /cdx/gomod.md   @CycloneDX/core-team @CycloneDX/go-maintainers
    /cdx/go/        @CycloneDX/core-team @CycloneDX/go-maintainers

PS: GitHub requires the code owners to have certain permissions. Just drop a CODEOWNERS file into the repo and view it in the master branch. GitHub will then tell you which permissions need to be granted to make it work.

@coderpatros the pull request #50 suggests that the code owners need write access to this repository.
This is shown on the pull request:

This CODEOWNERS file contains errors

 CODEOWNERS errors

    Unknown owner on line 11: make sure the team @CycloneDX/go-maintainers exists, is publicly visible, and has write access to the repository

    /cdx/gomod.md  @CycloneDX/go-maintainers @CycloneDX/core-team

    Unknown owner on line 13: make sure the team @CycloneDX/javascript-maintainers exists, is publicly visible, and has write access to the repository

    /cdx/npm.md  @CycloneDX/javascript-maintainers @CycloneDX/core-team

    Unknown owner on line 15: make sure the team @CycloneDX/php-maintainers exists, is publicly visible, and has write access to the repository

    /cdx/composer.md  @CycloneDX/php-maintainers @CycloneDX/core-team

    Unknown owner on line 17: make sure the team @CycloneDX/python-maintainers exists, is publicly visible, and has write access to the repository

    /cdx/pipenv.md  @CycloneDX/python-maintainers @CycloneDX/core-team

    Unknown owner on line 18: make sure the team @CycloneDX/python-maintainers exists, is publicly visible, and has write access to the repository

    /cdx/poetry.md  @CycloneDX/python-maintainers @CycloneDX/core-team


to fully close this, the repo permissions need to be adjusted:
#1 (comment)
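
An added example, not part of the original thread or the CycloneDX repository: a small resolver for the CODEOWNERS rules proposed above, showing that the last matching rule decides who reviews a path and which owners would trigger the "Unknown owner" error quoted above. The `WRITE_ACCESS` set is a constructed assumption, and `matches` implements only the subset of GitHub's pattern syntax these rules use.

```python
import fnmatch

# CODEOWNERS rules exactly as proposed in the thread.
CODEOWNERS = """\
*               @CycloneDX/core-team
/cdx/gomod.md   @CycloneDX/core-team @CycloneDX/go-maintainers
/cdx/go/        @CycloneDX/core-team @CycloneDX/go-maintainers
"""

# Constructed assumption: the only team that currently has write access.
WRITE_ACCESS = {"@CycloneDX/core-team"}

def parse(text):
    """Return [(lineno, pattern, owners)], skipping blank lines and # comments."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if line:
            pattern, *owners = line.split()
            rules.append((lineno, pattern, owners))
    return rules

def matches(pattern, path):
    """Simplified matcher: root-anchored files and directories, bare globs."""
    if pattern.startswith("/"):
        anchored = pattern[1:]
        if anchored.endswith("/"):          # directory rule: anything below it
            return path.startswith(anchored)
        return fnmatch.fnmatchcase(path, anchored)
    # Unanchored pattern: compare against the file name at any depth.
    return fnmatch.fnmatchcase(path.rsplit("/", 1)[-1], pattern)

def owners_for(path, rules):
    """Last matching rule wins; owners of earlier matches are not merged in."""
    owners = []
    for _, pattern, rule_owners in rules:
        if matches(pattern, path):
            owners = rule_owners
    return owners

def unknown_owners(rules, write_access):
    """Owners without write access, which GitHub reports as 'Unknown owner'."""
    return [(lineno, owner) for lineno, _, owners in rules
            for owner in owners if owner not in write_access]

if __name__ == "__main__":
    rules = parse(CODEOWNERS)
    print(owners_for("cdx/gomod.md", rules), unknown_owners(rules, WRITE_ACCESS))
```

Because earlier matches are discarded, each namespace rule has to repeat `@CycloneDX/core-team` for the core team to stay a reviewer on that path.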