Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Node.js Security WorkGroup Meeting 2023-05-25 #994

Closed
mhdawson opened this issue May 22, 2023 · 1 comment · Fixed by #1004
Closed

Node.js Security WorkGroup Meeting 2023-05-25 #994

mhdawson opened this issue May 22, 2023 · 1 comment · Fixed by #1004
Assignees
@mhdawson

Comments

@mhdawson
Copy link
Member

Time

UTC Thu 25-May-2023 14:00 (02:00 PM):

Timezone Date/Time
US / Pacific Thu 25-May-2023 07:00 (07:00 AM)
US / Mountain Thu 25-May-2023 08:00 (08:00 AM)
US / Central Thu 25-May-2023 09:00 (09:00 AM)
US / Eastern Thu 25-May-2023 10:00 (10:00 AM)
EU / Western Thu 25-May-2023 15:00 (03:00 PM)
EU / Central Thu 25-May-2023 16:00 (04:00 PM)
EU / Eastern Thu 25-May-2023 17:00 (05:00 PM)
Moscow Thu 25-May-2023 17:00 (05:00 PM)
Chennai Thu 25-May-2023 19:30 (07:30 PM)
Hangzhou Thu 25-May-2023 22:00 (10:00 PM)
Tokyo Thu 25-May-2023 23:00 (11:00 PM)
Sydney Fri 26-May-2023 00:00 (12:00 AM)

Or in your local time:

Links

Agenda

Extracted from security-wg-agenda labelled issues and pull requests from the nodejs org prior to the meeting.

nodejs/security-wg

  • Nominate Ashish Kurmi #989
  • Requirement: It MUST be possible to configure the software so that smaller keylengths are completely disabled #988
  • Requirement: Secure development knowledge #987
  • Requirement: Publicly known medium-high vulnerabilities unpatched for +60 days #986
  • Requirement: Static source code analysis daily or per commit #985
  • Access to security tab in Github for key projects #984
  • Initiative for CII-Best-Practices for Nodejs Projects #953
  • Permission Model - Roadmap #898
  • Update Charter / Readme.md #874
  • Automate security release process #860
  • Assessment against best practices (OpenSSF Scorecards ...) #859
  • Discussion about policy-integrity integration on Windows #856
  • Automate updates of all dependencies #828

Invited

  • Security wg team: @nodejs/security-wg

Observers/Guests

Notes

The agenda comes from issues labelled with security-wg-agenda across all of the repositories in the nodejs org. Please label any additional issues that should be on the agenda before the meeting starts.

Joining the meeting

https://zoom.us/j/92309450775

  • link for participants: <>
  • For those who just want to watch We stream our conference call straight to YouTube so anyone can listen to it live, it should start playing at https://www.youtube.com/c/nodejs+foundation/live when we turn it on. There's usually a short cat-herding time at the start of the meeting and then occasionally we have some quick private business to attend to before we can start recording & streaming. So be patient and it should show up.
  • youtube admin page: https://www.youtube.com/my_live_events?filter=scheduled
@mhdawson mhdawson self-assigned this May 22, 2023
@UlisesGascon
Copy link
Member

cc: @laurentsimon in case that you can make it this time 😉

@RafaelGSS RafaelGSS mentioned this issue May 25, 2023
Merged
@KoolTheba KoolTheba mentioned this issue Jun 3, 2023
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@mhdawson mhdawson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

doc: add meeting minutes 25-05-23 RafaelGSS/security-wg
2 participants
@UlisesGascon @mhdawson