npm org and sharing access

[nlf]

As of today, we have created an npm org and begun adding the majority of the published modules in the hapijs github org to it. We are intentionally leaving out hapi itself, as well as any modules that have been flagged as deprecated.

The main goal here is to make sure that at least a small number of people have access to publish each module in the event that a new maintainer has to be sought out and we're unable to contact the current one. Currently only a small number of people have been given access, however we may change that to include the other core contributors or some subset of them.

I'm opening this issue in the interest of transparency and so we can discuss the merits and concerns of sharing or not sharing this access with a greater number of people.

[cjihrig]

Is it too late to change the npm org name to hapijs to match the github name?

[nlf]

we actually have both orgs, we've just added the packages to the hapi one. i'm completely neutral on the matter, but that's a reasonable point.

[AdriVanHoudt]

Hapijs makes more sense since the GitHub org has that name and what is the exact reason to let hapi itself out of it?

[nlf]

keeping hapi itself out of the org maintains its access to only the lead maintainer (Eran), that's not something we intend to change. this is about allowing the lead maintainer, the community lead, and potentially other core contributors to facilitate maintainer handoffs (and interim publishes) for the other modules in the hapi ecosystem.

[AdriVanHoudt]

hmm no way to make exceptions inside npm? if so then fine 👍

[devinivy]

This all sounds good 👍 I'd love it if the github and npm org names matched!

[hueniverse]

Keep in mind the npm org name is just for admin purposes. Unlike the GitHub org, no one should care about the npm one unless you are handling access admin.