We can't figure out how to allow devs to collaborate

we’ve been exhaustively experimenting with github organization roles/permissions settings, to enable our developer community to collaborate, but can’t find a solution.

  • our repo has a large git lfs data library. for this reason, it’s not feasible to expect devs to fork our repo, because it will soon exceed their free github account lfs data quotas. this means, we need to be able to add them onto an organization team, that allows them to push branches.
  • we can’t figure out how to enable the members on that team to push branches without being able to overwrite or delete other user’s branches.
  • we want users to, effectively, have ownership over their own branches, without being able to disturb branches created by other users on the team.
  • as an open source project, we need to allow hundreds of collaborators onto this team, and we can’t vet them all to ensure they have good intentions. we need to allow them to contribute without doing damage to the work of the other devs.

what settings might we be missing or misunderstanding? is there a valid way to configure this project to securely enable open source collaborations?

we can now consider this issue fixed.

doing more research, we noticed the following information in github documentation

Pushing large files to forks of a repository count against the parent repository’s bandwidth and storage quotas, rather than the quotas of the fork owner.

  • this discards our misunderstanding, thinking that forking an lfs repo means cloning all its data to that user’s github account. it doesn’t.
  • :tada: this means the traditional fork-and-pullrequest workflow is viable for volunteer devs to collaborate.

however, as a side-issue, this information is a little concerning: it sounds like anybody can fork any public git lfs repo, and maliciously dump huge amounts of data onto its lfs storage, until quotas are exceeded, effectively disabling the project. that doesn’t sound too good… i suppose that’s something for github support to work out when such an attack occurs…