<p></p>
<h2>On the recent inability to assign issues to team members</h2>
<h3>The problem</h3>
<p>An issue has cropped up several times recently in which I or other people have been unable to assign an issue to a given GitHub user ID. For example, see <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="255026820" data-permission-text="Title is private" data-url="https://github.com/bisq-network/roles/issues/30" data-hovercard-type="issue" data-hovercard-url="/bisq-network/roles/issues/30/hovercard?comment_id=667965511&comment_type=issue_comment" href="https://github.com/bisq-network/roles/issues/30#issuecomment-667965511">#30 (comment)</a>. <a class="user-mention" data-hovercard-type="user" data-hovercard-url="/users/wiz/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/wiz">@wiz</a> discovered that this was happening is because the would-be assignee did not have explicit read access to the repository in question.</p>
<h3>The cause</h3>
<p>This was a non-issue until recently when I changed the default repository permissions for the bisq-network GitHub org. When creating the bisq-network/security repository, we wanted to have it be fully private and invite-only, such that only members of the <a class="team-mention js-team-mention" data-error-text="Failed to load team members" data-id="3799613" data-permission-text="Team members are private" data-url="/orgs/bisq-network/teams/security/members" data-hovercard-type="team" data-hovercard-url="/orgs/bisq-network/teams/security/hovercard" href="https://github.com/orgs/bisq-network/teams/security">@bisq-network/security</a> team could see and interact with it. The only way to achieve this was to switch the default repository access for organization members from 'read' to 'none'. This worked well for the purpose, but had the side effect of making it impossible to assign issues to anyone that does not have explicit read access to the repository. This is a bummer.</p>
<h3>The 'solution' that doesn't really work</h3>
<p>All organization members are (or should be) added to the <a class="team-mention js-team-mention" data-error-text="Failed to load team members" data-id="3611645" data-permission-text="Team members are private" data-url="/orgs/bisq-network/teams/dao/members" data-hovercard-type="team" data-hovercard-url="/orgs/bisq-network/teams/dao/hovercard" href="https://github.com/orgs/bisq-network/teams/dao">@bisq-network/dao</a> team via one or more specific sub-teams. This means that technically, we could assign read access to all repositories (except security) to the <a class="team-mention js-team-mention" data-error-text="Failed to load team members" data-id="3611645" data-permission-text="Team members are private" data-url="/orgs/bisq-network/teams/dao/members" data-hovercard-type="team" data-hovercard-url="/orgs/bisq-network/teams/dao/hovercard" href="https://github.com/orgs/bisq-network/teams/dao">@bisq-network/dao</a> team, and all members would once again be able to be assigned to any issue in any repository. Unfortunately, we have a lot of repositories, and GitHub's UI doesn't allow for doing this kind of thing in bulk, so, I've taken a 'best efforts' approach for now, see below.</p>
<h3>The current, imperfect solution</h3>
<p>For now, I've just assigned the <a class="team-mention js-team-mention" data-error-text="Failed to load team members" data-id="3611645" data-permission-text="Team members are private" data-url="/orgs/bisq-network/teams/dao/members" data-hovercard-type="team" data-hovercard-url="/orgs/bisq-network/teams/dao/hovercard" href="https://github.com/orgs/bisq-network/teams/dao">@bisq-network/dao</a> team read access to the ops, proposals and roles repositories, as these are the ones that (IIRC) had issues lately. If any further repositories need the same treatment, just request that your friendly GitHub Admin to do so. It's probably only a small minority of our total set of repositories where this problem will manifest in practice, so this shouldn't be too much hassle over time.</p>
<h3>An idea how to eliminate this problem altogether</h3>
<p>Thus far, the security repository hasn't seen much action (there's just one issue open there at present), and it seems like overkill to have to deal with everything I wrote above just to keep that repository private. One alternative would be to create a bisq-security repository outside of the bisq-network organization, and invite the members of the <a class="team-mention js-team-mention" data-error-text="Failed to load team members" data-id="3799613" data-permission-text="Team members are private" data-url="/orgs/bisq-network/teams/security/members" data-hovercard-type="team" data-hovercard-url="/orgs/bisq-network/teams/security/hovercard" href="https://github.com/orgs/bisq-network/teams/security">@bisq-network/security</a> team to it individually. That localizes the 'hassle' to the team that needs and cares about the repository, instead of externalizing it on potentially everyone else in the org, as is the status quo.</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/bisq-network/roles/issues/16#issuecomment-671527142">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AJFFTNTSLXEAJH2LQU2PORTSAA6V3ANCNFSM4DZPNCKA">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AJFFTNUWGOSJWUK2YVBCWXDSAA6V3A5CNFSM4DZPNCKKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOFADLBZQ.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/bisq-network/roles/issues/16#issuecomment-671527142",
"url": "https://github.com/bisq-network/roles/issues/16#issuecomment-671527142",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>