Set Up Teams on GitHub

[ElDragonRojo]

We are currently adding everyone we want to have repository access to the Owners Team, but we might be better off using a different team for that purpose, and limiting the Owners Team to the literal owners, i.e. the board members.

Here's why: according to the Owners Team page itself:

Owners have full access to all repositories and have admin rights to the organization.

For many things, that's fine. That's what we intended. But we need to keep that in mind, and consider if granting some limited set of rights, and only on specific repositories, isn't a better strategy.

Owners can change billing info and cancel organization accounts.

This line is what tells me we should limit the Owners Team to literal owners, because this team touches the finances.

Maybe at this point worrying about permissions seems like overkill, but I think it's a good opportunity to learn to use these tools as provided, because they will make us better prepared for whatever happens in the future—and probably forestall problems against which they were designed.

[whakkee]

I agree, but if I click on that link, I get a 404 ;-)

[ElDragonRojo]

Interesting. Thanks for testing that. I had a feeling that would happen, because you're not on the Owner's Team.

[matteom]

Yes, I think that this should be handled by different teams. It prevents not only malice, but also human error.