New tools for open source maintainers

Whether you want to make repository conversations more productive or keep your code safe from accidental pull requests, our new maintainer tools are for you. Minimized comments, retired namespaces for popular projects, and new pull request requirements are just a few of the ways we’re making it easier for maintainers to grow healthy open source communities on GitHub. Here’s some more information about how they work:

Minimized comments

Developers use comments in issues and pull requests to have conversations about the software they’re building on GitHub, but not all of the comments are equally constructive. Sometimes contributors share comments that are off-topic, misleading, or offensive.

While maintainers can edit or delete disruptive comments, they may not feel comfortable doing this, and it doesn’t allow the comment author to learn from their mistake. As part of our tiered moderation tools available to project owners, maintainers can now click in the top-right corner to minimize and hide comments—in addition to editing, deleting, or reporting them.

minimize

Minimized comments will be hidden by default with a reason for why it was minimized, giving more space to the comments that advance the conversation. Developers who view the project can choose to temporarily expand minimized comments by clicking “Show comment”.

Learn more about minimized comments

Many package managers allow developers to identify packages by the maintainer’s login and the project name, for example: Microsoft/TypeScript or swagger-api/swagger-codegen. This is an efficient way to describe a dependency, but sometimes maintainers delete or rename their accounts, allowing developers to intentionally or unknowingly create projects with the same name.

To prevent developers from pulling down potentially unsafe packages, we now retire the namespace of any open source project that had more than 100 clones in the week leading up to the owner’s account being renamed or deleted. Developers will still be able to sign up using the login of renamed or deleted accounts, but they will not be able to create repositories with the names of retired namespaces.

Accidental and “drive-through” pull request prevention

Popular open source projects receive lots of pull requests. While most of them are constructive, occasionally project owners receive a pull request from a collaborator who suggests changes from a stale branch or another collaborator’s fork.

Since the author can’t always respond to feedback on the proposed changes, these pull requests create noise for maintainers and do little to push the project forward.

To minimize noise, we no longer allow pull requests from contributors unaffiliated with the project or the changes proposed. Specifically, pull requests will be restricted if:

  • There’s no explanation of changes in the body of the pull request, and
  • The author is not a bot account, and
  • The author is not the owner or a member of the owning organization, and
  • The author doesn’t have push access to the head and the source branches

This should not affect automated workflows, private repositories, or repositories on GitHub Enterprise.

Learn more

If you have questions about how these tools make it easier for your to grow welcoming communities around your project, check out this guide on building open source communities or get in touch with us.

Have feedback on this post? Let @github know on Twitter.
Need help or found a bug? Contact us.

Changelog

Subscribe

Discover new ways to build better

Try Marketplace apps free for 14 days

Learn more