Extend basic privileges of the PyPA GitHub org members to `Triage`


Even though I have commit/admin privileges on one project under PyPA, I often find myself participating in various review activities in other repositories under the GitHub orgs.

Sometimes after some initial discussion/reviews there’s a need to request a review from the maintainers of that specific project to help contributors move their PRs forward.

One workaround would be to tag those maintainers in comments. But this may flood PR subscribers with unnecessary notifications. If I only want to notify specific folks/teams I’d like to use a review feature instead.

The current privilege setting is “Read”, I suggest switching it to “Triage” (see: https://docs.github.com/en/free-pro-team@latest/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#repository-access-for-each-permission-level)

This will basically allow any PyPA org member to have a little bit more non-destructive access to other projects under the PyPA umbrella.

One of the most annoying places where I cannot request reviews is pypa/packaging.python.org which is technically a common maintainership project but only several people can perform these simple tasks there…


Makes sense to me. We have a “Gardeners” team already (https://github.com/orgs/pypa/teams/gardeners) but it’s not widely used. If we can just set this across all PyPA org members instead, I don’t see why not.

1 Like

I never realized what was its purpose, FWIW looks like only @sumanah is on that team.

Without thinking about whatever the PEP 609 world means, I’m on board for this too!

1 Like

Very good idea as this should help dealing with fresh issues and PRs, and lower the load on cores.

@dustin it doesn’t look like we’ll get any extra opinions here. Sounds like a PEP 609 vote needs to be initiated, right?

I don’t think this requires a vote, as it doesn’t fall under anything listed at https://www.python.org/dev/peps/pep-0609/#pypa-committer-votes. I think it just makes sense and we should just do it.


Alright, so I guess you could go ahead and implement this. I think this still may require announcing the change on the ML so that folks won’t be caught by surprise.

Looks like it’s not possible to set “Triage” or “Maintain” as a base permission:

Oh, is PyPA on a legacy tariff plan by any chance?

I’ve checked a few of my orgs and none of them seems to allow using Triage as a base privilege…

@dustin I’ve given this some thought and here’s what I propose:

  1. Add info about Gardeners to https://www.pypa.io/en/latest/members/ so that it’s better discoverable.
  2. We could automate adding all org members to Gardeners so that everybody has access. I’ve attempted searching an existing GitHub App but I can’t seem to find any, though. So unless somebody can find prior art, I’d be up to writing a simple GitHub App for this case: I’m pretty sure it’ll fit in about 50 LOC.

@pradyunsg @dustin WDYT about this idea?

I think what might have a lower maintenance requirement is just creating an “PyPA org member onboarding checklist” that includes adding the given person to Gardeners as well as adding their email to pypa-committers@.

It happens infrequently enough that I don’t think it needs to be automated in some way.


Well, my offer still stands if we’ll need that in the future. I was talking to @pradyunsg some time ago and another thing we identified that sometimes people are given access to PyPA while still not having a good understanding of what’s going on or what the structure/processes are. This means that another activity that needs to be done when adding people is linking pypa.io and maybe something extra. I’m pretty sure there’s more things that usually should happen but get forgotten. So it could be in fact useful to have some automation that attempts to remind about such a checklist that would also be documented “as a code” style. The app could be sending out some common links, pointers to places for conversation, and maybe encouraging people to post intros.

Back to the main reason, I started this topic: could you please add me to the gardeners team?

Given that I just did some cleanup of the PyPA org membership and also set 2FA to required for all members, I think it’s reasonable to just add all members to a “Gardeners” team. I’ll do this in ~24 hours unless anyone is opposed.


This is a little more time-consuming than I anticipated because each team member needs to be invited individually. Instead of doing that, I’ve just invited you @webknjaz, and am happy to add any other PyPA member upon request.