Evaluate granting "Maintainer" permissions to project leads by default

To improve self-service capabilities for projects and reduce administrative overhead, we should consider giving the Maintainer role to project leads by default. This would require a patch for the GitLab sync script.

Recent requests that the projects could have handled themselves:

Permission overview: https://gitlab.eclipse.org/help/user/permissions.md#project-members-permissions

The following additional permissions are given to a "Maintainer" compared to a "Developer":

| Action | Risk |
| --- | --- |
| Delete packages | Low |
| Request a CVE ID (FREE ONLY) | None |
| Use environment terminals | Low |
| Run Web IDE's Interactive Web Terminals (ULTIMATE ONLY) | Medium |
| Add new team members | High (team members should be elected) |
| Enable/disable branch protection | Low |
| Push to protected branches | Medium |
| Turn on/off protected branch push for devs | Medium |
| Enable/disable tag protections | Medium |
| Edit project settings | Medium (can all project settings be changed?) |
| Edit project badges | Low |
| Export project | Low |
| Share (invite) projects with groups | Medium |
| Add deploy keys to project | Low |
| Configure project hooks | Low |
| Manage runners | Medium |
| Manage job triggers | Low |
| Manage CI/CD variables | Low |
| Manage GitLab Pages | Low |
| Manage GitLab Pages domains and certificates | Medium |
| Remove GitLab Pages | Low |
| Manage clusters | High |
| Manage Project Operations | Low |
| Manage Terraform state | Medium |
| Manage license policy (ULTIMATE) | High |
| Edit comments (posted by any user) | High |
| Manage Error Tracking | Low |
| Delete wiki pages | Low |
| View project Audit Events | Low |
| Manage push rules | Low |
| Manage project access tokens (CORE ONLY) | Medium |

The risk assessment in this table is only a very rough guesstimate.

Are there any (other) potential risks, where projects could add/remove/edit something that is not in line with the Eclipse Development Process?