Hi Paul,
нд, 12 січ. 2020 о 12:27 Paul Moore <
p.f....@gmail.com> пише:
>
> I just saw this request. I took a quick look at the Tidelift website,
> but I'm not clear on what it provides or what implications approving
> it would have. Can someone clarify what this is (presumably Bernat
> would be best able to do so)?
I can answer this question. Tidelift is a startup that tries to solve
the problem of paying FOSS maintainers.
They offer a sort of FOSS subscription to enterprise customers.
Maintainers can register there and get payouts for their packages
based on the amount of subscribers
Tidelift has for the given project.
Lifters (maintainers) are supposed to execute a series of tasks like
properly marking which versions
of their packages get security updates, which are dangerous, posting
release notes, confirming licenses
and so on.
One of the tasks was to add their GitHub App which was apparently used
to work around GitHub API's
rate limits. But recently they announced that it's no longer necessary
and they're going to get rid of that
task also allowing people to uninstall the integration.
Ref:
https://forum.tidelift.com/t/removing-task-install-github-app/334
So I'd say that you can safely ignore the request for adding this GitHub App.
P.S. AFAIK among PyPA projects at least setuptools is enrolled in the
Tidelift's program.
--
Kind regards,
Sviatoslav Sydorenko
email: sviatoslav+/nospam/~@
sydorenko.org.ua
---
https://useplaintext.email/
() ascii ribbon campaign - against html e-mail
/\
www.asciiribbon.org - against proprietary attachments
---