Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Node.js Security WorkGroup Meeting 2022-08-18 #822

Closed
mhdawson opened this issue Aug 15, 2022 · 3 comments · Fixed by #825
Closed

Node.js Security WorkGroup Meeting 2022-08-18 #822

mhdawson opened this issue Aug 15, 2022 · 3 comments · Fixed by #825
Assignees
@mhdawson

Comments

@mhdawson
Copy link
Member

Time

UTC Thu 18-Aug-2022 14:00 (02:00 PM):

Timezone Date/Time
US / Pacific Thu 18-Aug-2022 07:00 (07:00 AM)
US / Mountain Thu 18-Aug-2022 08:00 (08:00 AM)
US / Central Thu 18-Aug-2022 09:00 (09:00 AM)
US / Eastern Thu 18-Aug-2022 10:00 (10:00 AM)
EU / Western Thu 18-Aug-2022 15:00 (03:00 PM)
EU / Central Thu 18-Aug-2022 16:00 (04:00 PM)
EU / Eastern Thu 18-Aug-2022 17:00 (05:00 PM)
Moscow Thu 18-Aug-2022 17:00 (05:00 PM)
Chennai Thu 18-Aug-2022 19:30 (07:30 PM)
Hangzhou Thu 18-Aug-2022 22:00 (10:00 PM)
Tokyo Thu 18-Aug-2022 23:00 (11:00 PM)
Sydney Fri 19-Aug-2022 00:00 (12:00 AM)

Or in your local time:

Links

Agenda

Extracted from security-wg-agenda labelled issues and pull requests from the nodejs org prior to the meeting.

nodejs/security-wg

  • Best Practices Document #819
  • Automatic check for dependencies' vulnerabilities in Node.js CI #802
  • Threat Model #799
  • Permission Model #791
  • What security guidance would be most useful for Node.js developers? #488
  • feature request for require.pure(id) or pkg.pure:true #467

Invited

  • Security wg team: @nodejs/security-wg

Observers/Guests

Notes

The agenda comes from issues labelled with security-wg-agenda across all of the repositories in the nodejs org. Please label any additional issues that should be on the agenda before the meeting starts.

Joining the meeting

https://zoom.us/j/92309450775

  • link for participants: <>
  • For those who just want to watch We stream our conference call straight to YouTube so anyone can listen to it live, it should start playing at https://www.youtube.com/c/nodejs+foundation/live when we turn it on. There's usually a short cat-herding time at the start of the meeting and then occasionally we have some quick private business to attend to before we can start recording & streaming. So be patient and it should show up.
  • youtube admin page: https://www.youtube.com/my_live_events?filter=scheduled
@mhdawson mhdawson self-assigned this Aug 15, 2022
@UlisesGascon
Copy link
Member

I won't be able to attend but I will follow the video and notes after the weekend

@mhdawson
Copy link
Member Author

I'm going to miss the first half hour again, but hope we can continue to discss what is/is not a vuln in the second half our that I will make.

@arhart
Copy link

arhart commented Aug 18, 2022
edited
Loading

I won't be able to attend either, but I've added some comments and suggestions to the (Threat Model) document.

This was referenced Aug 18, 2022
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mhdawson mhdawson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

doc: add meeting minutes 2022-08-18 RafaelGSS/security-wg
3 participants
@arhart @UlisesGascon @mhdawson