clibs / clib

Package manager for the C programming language.
MIT License
4.86k stars, 243 forks

Packages wiki page can be edited by *anyone* #268

Open kierenj opened 2 years ago

kierenj commented 2 years ago

Seems a major security issue!

jwerle commented 2 years ago

@kierenj I did indeed see your tests! We have not had the ability to control this and this hasn't really been an issue for us, yet. However, GitHub now allows us to restrict edit access


I am not sure what the best path here is. We could create a team for authors like: authors. Folks can request access to this team by opening an issue.

cc @stephenmathieson @Isty001 @clibs/core - what do you think?

stephenmathieson commented 2 years ago

IMO we shouldn't fix what isn't broken. We've been using a public wiki for nearly 10 years and haven't had a single problem with it.

jwerle commented 2 years ago

> IMO we shouldn't fix what isn't broken. We've been using a public wiki for nearly 10 years and haven't had a single problem with it.

this is true! if it ain't broke, don't fix it!

kierenj commented 2 years ago

No probs, of course I would say there wouldn’t ever be an issue right up until the point in time an issue occurs, but I am not well placed to have much of an opinion on it!

stephenmathieson commented 2 years ago

Fortunately if there is a problem, we can easily revert the change(s) and set up an "authors" group. The wiki is just another Git repository 😄


hyperupcall commented 1 year ago

Another data point, the Bats wiki was defaced on July 15th, 2023. Somewhat odd, especially considering Bats is a relatively niche tool. They kept the Wiki publicly editable afterwards, but plan to make it contributors-only if it becomes a recurring problem.

bcomnes commented 1 year ago

+1 on keeping it open until it's an issue. I will subscribe to https://github.com/clibs/clib/wiki.atom to help monitor. Any other feed junkies please help out.
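A small monitor for the wiki change feed mentioned above, added here as an example and not code from the clib project: it parses the Atom entries, returns edits not yet seen, and marks edits by accounts outside a trusted list for review. The feed sample is constructed, and the entry layout, entry ids and author names are assumptions.

```python
import xml.etree.ElementTree as ET

ATOM = "{http://www.w3.org/2005/Atom}"

# Constructed sample in the shape of a GitHub wiki.atom feed (field layout assumed).
SAMPLE_FEED = """<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
  <title>clibs/clib Wiki</title>
  <entry>
    <id>tag:example,2023:wiki/Packages/rev1</id>
    <title>Packages</title>
    <updated>2023-07-15T10:00:00Z</updated>
    <author><name>maintainer-example</name></author>
  </entry>
  <entry>
    <id>tag:example,2023:wiki/Packages/rev2</id>
    <title>Packages</title>
    <updated>2023-07-16T03:12:00Z</updated>
    <author><name>drive-by-editor</name></author>
  </entry>
</feed>
"""

def parse_entries(feed_xml):
    """Extract id, page title, timestamp and author from each Atom entry."""
    root = ET.fromstring(feed_xml)
    entries = []
    for e in root.iter(ATOM + "entry"):
        entries.append({
            "id": e.findtext(ATOM + "id"),
            "page": e.findtext(ATOM + "title"),
            "updated": e.findtext(ATOM + "updated"),
            "author": e.findtext(ATOM + "author/" + ATOM + "name"),
        })
    return entries

def new_edits(feed_xml, seen_ids, trusted_authors):
    """Return entries not in seen_ids; edits by untrusted authors get needs_review=True."""
    fresh = []
    for entry in parse_entries(feed_xml):
        if entry["id"] in seen_ids:
            continue  # already reviewed on an earlier poll
        entry["needs_review"] = entry["author"] not in trusted_authors
        fresh.append(entry)
    return fresh
```

Poll the real feed on a schedule, persist the ids you have already looked at, and treat any `needs_review` hit as a prompt to diff the wiki repository and revert if needed.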