Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Email cleanup tracking #182

Open
2 of 12 tasks
Trott opened this issue Feb 23, 2022 · 6 comments
Open
2 of 12 tasks

Email cleanup tracking #182

Trott opened this issue Feb 23, 2022 · 6 comments

Comments

@Trott
Copy link
Member

Trott commented Feb 23, 2022

  • Audit admin/accounts/build email addresses
  • The ci email address goes solely to @joaocgreis. It would be good to find out what it's for, whether it gets any email, and who else might be added to it.
  • Audit ci-alert email address
  • The build-security address has @mmarchini and two other people who are (AFAIK) not active (@maclover7 and @gibfahn). It would be good to find out what it's for, whether it gets any email, and who else might be added to it.
  • The security-ecosystem address goes to HackerOne. I don't believe it is taking any more reports. We should probably remove that email address? Or set up an auto-reply? Or maybe HackerOne sends a decent auto-reply?
  • The user-feedback email address is likely unused?
  • Are we still doing CrowdIn and the nodejs-crowdin email address? If so, are @zeke and @obensource still the right people for that email address? Are there others?
  • Audit i18n similar to nodejs-crowdin .
  • Audit github-bot. It's mostly inactive people. Is the email address used?
  • The node-slack-bot address goes to one (inactive?) person (@gdams). Does it get any email? Would it make sense to add some other folks?
  • The website-redesign email doesn't seem to have the current and active website-redesign people? Is that email even necessary? Seems like the GitHub team is sufficient.
  • Audit zoom-nodejs. (Seems like a somewhat weird mix of people. Who is on there and why? What is the purpose of the email address?)

Originally posted by @Trott in #181 (comment)

@richardlau
Copy link
Member

richardlau commented Feb 23, 2022

  • The ci email address goes solely to @joaocgreis. It would be good to find out what it's for, whether it gets any email, and who else might be added to it.

It's linked to https://github.com/nodejs-ci and is used by our Jenkins CI to authenticate to GitHub, including accessing the private repos. It got one mail when I invited it to the private libuv org/repo in May last year (Joao followed up with me).

For completeness, the build email is linked to https://github.com/node-forward-build. I don't have the history as to why we have two GitHub accounts associated with the build WG. Details for both of the accounts are in the build secrets repo under build/infra.

@mhdawson
Copy link
Member

I believe we can also remove crypto-report

@mhdawson
Copy link
Member

Audit zoom-nodejs. (Seems like a somewhat weird mix of people. Who is on there and why? What is the purpose of the email address?)

Anybody who hosts zoom calls using the Node.js account should be on this list. Needed to get authentication tokens that are sometimes needed.

@UlisesGascon
Copy link
Member

The security-ecosystem address goes to HackerOne. I don't believe it is taking any more reports. We should probably remove that email address? Or set up an auto-reply? Or maybe HackerOne sends a decent auto-reply?

Are we clear on this, @RafaelGSS ? Should we include it to the next meeting?

@RafaelGSS
Copy link
Member

Yes, we should probably remove that email address.

@mmarchini
Copy link
Contributor

The build-security address has @mmarchini and two other people who are (AFAIK) not active (@maclover7 and @gibfahn). It would be good to find out what it's for, whether it gets any email, and who else might be added to it.

No idea what that was for, didn't know it existed. Also seems like it was removed so you can check that as done: e8e43b2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants