On Sun, 12 Jan 2020 at 15:15, Sviatoslav Sydorenko <[email protected]> wrote:
> I can answer this question. Tidelift is a startup that tries to solve > the problem of paying FOSS maintainers. > They offer a sort of FOSS subscription to enterprise customers. > Maintainers can register there and get payouts for their packages > based on the amount of subscribers > Tidelift has for the given project. Thanks. That mostly matches what I understood from their website. What wasn't clear to me was why they needed a GitHub app, and more so, why it had to be registered against the whole PyPA organisation, rather than against individual projects. > Lifters (maintainers) are supposed to execute a series of tasks like > properly marking which versions > of their packages get security updates, which are dangerous, posting > release notes, confirming licenses > and so on. That makes sense - but obviously, whether to commit to this sort of thing would be a per-project decision, not something PyPA-wide. > One of the tasks was to add their GitHub App which was apparently used > to work around GitHub API's > rate limits. But recently they announced that it's no longer necessary > and they're going to get rid of that > task also allowing people to uninstall the integration. > > Ref: https://forum.tidelift.com/t/removing-task-install-github-app/334 > > So I'd say that you can safely ignore the request for adding this GitHub App. Cool, thanks for explaining. Paul -- You received this message because you are subscribed to the Google Groups "pypa-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pypa-dev/CACac1F8vo2Ee5Ny5nPh_PYjJCAUnaTYVqPBvghmRhyzHPFUosA%40mail.gmail.com.
