The title came from a comment from one of the maintainers of the WiX Toolset. I called the initial missteps a "maintainer kerfuffle" and he responded, "As long as it doesn't turn into a brouhaha".
Now that I think about it, I didn't write the blog post for the uninitiated. If you didn't understand what was going on, that was fine, it was content for you.
I don't know how I ended up here on Hacker News. :)
I think it is well established by now that this .NET Foundation is ultimately answerable to Microsoft. Also, Claire - who started the "kerfuffle" - is a Microsoft employee.
Given how especially Scott always has a big opinion about how great OSS is and how much Microsoft loves OSS, and given how it was ultimate MS employees that were responsible for creating this current distrust, I think it would be very appropriate for them to voice their opinion about this.
And, who knows, maybe they are doing something behind closed doors. But I very much doubt they'll embarrass their employer by speaking up in public. They know who pays their salary and are much to good at corporate politics to do that.
I might agree with parts of what you are saying but when the channel to communicate back to the "powers that be" is broken and you face (what feels like) an existential threat, the public forum is an enticing, sometimes effective but very messy option.
Something is really wrong right now that's why they might be meeting every day.
Your experience with the Eclipse Foundation is very different from how the .NET Foundation has interacted. On top of that, communication has been very poor for a long time. I believe those two differences are at or near the root of all of these issues.
I realize it's weird to argue against you, because you wrote the article and are the one affected by this.
But, i disagree. Even if it were an entirely different company. The fact that GitHub didn't send an e-mail and that repos can be hijacked like that, is in itself something GitHub needs to address. And thus at the very least, GitHub needs to be dragged in.
Meh. Other people here have pointed out it sends email to the people in the GitHub Enterprise. So, they probably missed a place to add auditing.
To that point, I've had GitHub people tell me they never imagined the feature I used to get out of GitHub Enterprise to be used that way. I got lots of emails (since I owned the target organization) but maybe the GitHub Enterprise did not?
The email would be nicer, but what's the solution exactly? The admin of one project moved it somewhere else - how do you restrict that, if the admin has total control over a project?
Are there improvements that could be done to allow these bots to perform with less rights? That would be something maybe github could tackle but it's not the worst thing about this problem.
> how do you restrict that, if the admin has total control over a project?
This isn't a new problem, how do you prevent a rougue admin from kicking all other admins and taking over. The simplest and a pretty effective solution is to have another privilege level: Founder. Of which there can only be one, and admins can do everything, except strip the founder of their rights. (And/or transfer the repo, if the founder can't easily undo that.)
