Release coordination assistance for AI Experiments plugin

[JeffPaul]

As I'm unable to administer the AI Experiments plugin, will you please help with the following:

1. Add to Committers (so they can review the ​Release Confirmations): dkotter, isotropic, flixos90, swissspidy.

2. Update the SVN_USERNAME and SVN_PASSWORD ​repository secrets in the GitHub repo to either wordpressdotorg or wordpressorg or whatever WPORG user should be used by project-owned canonical plugins.

[Otto42]

1. You are a committer on that plugin. You do have access to add other committers yourself. The form is on this page: ​https://wordpress.org/plugins/ai/advanced/

2. I am not certain what those values should actually be, which is why I didn't set them. I'll message Dion to see if he knows.

[Otto42]

Actually, looking a couple of the other examples, it seems that either we can use your username and password to put in the Github secrets, or you can create a specific user to do the committing for you.

Gutenberg, for example, created a "gutenbergplugin" user account to do their commits: ​https://plugins.trac.wordpress.org/log/gutenberg/

So it's pretty free form actually. We don't have a dedicated user for all those plugins. And the
"wordpressdotorg" user is not set up to any committing at all, as it doesn't have a SVN password setup for it.

[dd32]

We don't have a dedicated user for all those plugins.

We do, it's the githubsync bot, it's credentials are set as organization secrets: ​https://github.com/organizations/WordPress/settings/secrets/actions which is exposed to a selected set of repo's.

Some plugins have their own account, such as gutenberg and performance-lab because they rejected the forced plugin-release-confirmation that comes with having githubsync on the account or being owned by wordpressdotorg.

I've

• Added the githubsync user to the plugin committers list
• Enabled those org secrets for that repo
• Rotated the users SVN password because why not

You are a committer on that plugin. You do have access to add other committers yourself.

@Otto42 No he can't :) He's required to contact the plugins team to do that, not create a Meta ticket. Only plugin reviewers can alter the committers for the plugin.

This applies to all plugins in the 'Beta' category.

The actual message shown to such users is:

Management of this plugin has been limited for security reasons. Please contact the plugins team for assistance to add/remove committers, or to perform other actions that are unavailable.

Add to Committers: dkotter, isotropic, flixos90, swissspidy.

Done. In future, please email plugins@… for this, or ask for help in #meta

[JeffPaul]

Was just coming here to share that warning message and apologize that I missed the bit in there about the plugins team. Perhaps an adjustment to the warning to something like:

Management of this plugin has been limited for security reasons. Please contact the plugins team (plugins@…) for assistance to add/remove committers, or to perform other actions that are unavailable.

[dd32]

In 14644:

Plugin Directory: Beta/Featured plugins: These plugins have limited self-management capabilities, they're required to contact the plugins team for alterations.

This makes it clear on how to contact them, and shows the limitation warning to plugin reviewers (or super-admins) to ease confusion.

Props JeffPaul for suggestion.
See #8160.