Comment by andix

6 hours ago

I see one big difference: with email it was always about sender reputation based on email servers (IPs), maybe about domains. But never about individual users. It's the organizations running the email server who make sure users behave, so they don't get blacklisted and lose sending privileges for hundreds or thousands of users.

For PRs/issues this is not applicable.

Not necessarily. Orgs exist in GitHub, and it seems reasonable that if the $BIGCORP org limits membership to employees, you can automatically trust all members of that org. Because this way, if one steps out of line, you have both an escalation path (contact admins) and a stick (revoke trust in entire org).

  • Allowing contributions only from big tech companies sounds ideologically questionable from a free/libre software movement perspective, and it emboldens decisions which go against the user's interests, such as removing Manifest V2 in Chromium.

    • OP said nothing about only allowing corporations. They simply stated that one path to allowing large swaths of users without having to approve every single individual user is to trust all users of certain orgs by default.

      Presumably you would still allow individual contributions but with restrictions unless someone has vouched for them or some other gating factor.