Express TC Meeting 07-31-2019 #85
Comments
|
Proposed Items:
|
|
@wesleytodd updated agenda with those 👍 |
|
From the Package Maintenance WG meeting today, it would be great if we could also discuss release automation. @dominykas mentioned work being done which might help us. |
|
This a bit late for me (2:30am...) - is this always on at the same time? |
|
Typically it is. I wonder, could you point us to some of the work you have done on this, and we could check it out and schedule a follow up discussion at a time better for you? |
|
One thing that would need to be discussed re automation is how we can still keep npm 2FA publishes intact, which was a big issue from the npm compromised accounts. |
I think this is specifically what @dominykas can offer some help with. |
|
This is the tool I mentioned: https://github.com/nearform/optic - it's a PoC, but it works and is relatively easy to run (I have an instance running at https://optic.goodnight.to [no SLA] if you're interesting in playing with it, but security paranoid people should run this themselves anyways). To try it out on my instance:
This also works if you add this app to your homescreen on Android, although there might be more work needed there. This means that it is possible to set up a publish with 2FA from CI by passing the I also have a PR open to enable this for |
|
Thanks for that. I will be checking it out, as that was really the main thing that stood in the way of more automated (and consistent) releases, especially as I continue to see chatter around surfacing if a package is published with 2FA or not made me really hesitant to turn it off for a CI setup. I really appreciate you pushing forward to get 2FA support. And TIL npm accepts a --opt option, even. |
|
Top Priority issue starter list: pillarjs/router#48 TODO for @wesleytodd:
|
|
@wesleytodd I can help on type definitions in whichever modules are needed, feel free to point me to specific repos and I'll work through them as I have time. It sounds like the router is the first one. My main issue has been the stance on TypeScript within Express.js and other repos. I use a lot of the modules and would love to type them correctly if we're officially supporting the definitions. A lot of the lower-level modules in |
|
This would be great @blakeembrey! I mentioned you on the call but I didn't want to volunteer you for something :) Maybe we can make a "TypeScript Support" discussion issue where we can organize the plan? That way I can add that to the "Key Objectives" issues so that we can get others who want to be involved in the TS story to get onboard. |
|
Sorry for missing this meeting 😞
I'm happy to help out with TypeScript definitions 🙋♂ |
|
@dougwilson One of the things we talked about in the meeting last week was having another meeting today, but I don't see a new issue. Are you available this afternoon? |
|
Hi @wesleytodd yes, we did talk about a follow up meeting, but I wasn't 100% sure if we had settled on 1 week or 2, though I didn't end up being around the end of last week (including Wednesday), so sorry I had missed your message above. I created the issue for this Wednesday, though: #86 and I know I'm likely missing some items. |
|
meeting happened long back, closing. Please re-open if anything is outstanding here. |
Who
The entire community is welcome to tune in and observe the meeting live at the time below. The following people are listed here as explicit invitees to get an email notification about the upcoming meeting:
Invited:
When
Jul 31, 2019 - 23:30 UTC
Where
YouTube Live
Agenda
reqprototype to separate repo #82Propose other agenda topics which can be added to this list.
The text was updated successfully, but these errors were encountered: