Pietro Albini
Pietro Albini
> For @rust-bus I would love to have ability to add a co-owner of a crate who does not have permission to kick out other owners. This is how crates-io...
@lu-zero @joshtriplett sounds good, changed the text to split `publish` in `publish-new` and `publish-existing`.
@kornelski > For CI publishing, adding limits to tokens reduces damage they can do, but I still don't feel safe about using them in CI, because scopes doesn't do anything...
> It seems like the main use case is defining low-privilege tokens for use in CI. It seems like those tokens will only want "publish-update." Can the proposal be simplified...
> [*jsha's proposal to use GitHub teams for crate scopes*](https://github.com/rust-lang/rfcs/pull/2947#issuecomment-660702197) That's an interesting proposal! I still kinda prefer some kind of pattern, but I feel like using teams *could* work....
> I don't think this would lock us into GitHub any more than the current Teams feature does. For users that need this particular feature (tokens restricted to a set...
Note: I'm currently really busy with other stuff, I hope to address all feedback in the coming weeks.
Ok, I believe I addressed all the feedback: * Fixed an error with the regex (@8573) * Added an explicit `legacy` scope that grants access to all the endpoints except...
> One more question about governance: The current draft says: "The library team and/or moderation team will designate a Responsible Party." I think if the crates.io team reviews their work...
Downgrading the `python-debian` dependency to 0.1.40 instead of 0.1.42 seems to fix the issue.