Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 54 additions & 0 deletions meetings/2019-07-15.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
# Node.js Foundation Security WorkGroup Meeting 2019-07-15

## Links

* **Recording**: https://www.youtube.com/watch?v=ADJQRq2gvDo&feature=youtu.be
* **GitHub Issue**: https://github.com/nodejs/security-wg/issues/561
* **Minutes Google Doc**: https://docs.google.com/document/d/1Lx6QF7qQ4q_PIxVrE3-xpqKVGRXJ3kgfrdbL6o1fX4U/edit

## Present

* Security wg team: @nodejs/security-wg
* Vladimir de Turckheim @vdeturckheim
* Bradley Farias @bmeck
* Liran Tal @lirantal
* Andre Eleuterio @aeleuterio
* Colin Ihrig @cjihrig


## Agenda

## Announcements

Highlight on PR #28614 for Node.js core which need security opinions.

*Extracted from **security-wg-agenda** labelled issues and pull requests from the **nodejs org** prior to the meeting.

### nodejs/security-wg

* should there be security-wg presentation at nodeconf.eu? [#504](https://github.com/nodejs/security-wg/issues/504)

We are passed the CFP. But since it’s a long conference, there might be something we can do here. Speakers are already announced.
Closing but we could explore if there are still slots around the conference we can help with.

* Eligiblity criteria for meeting bug bounties [#503](https://github.com/nodejs/security-wg/issues/503)

We have some policy that is short on modules, bu we need to expand it.
Let’s check which high visibility modules already have vulnerabilities and reach out to them.
Vladimir to reach out to Bootstrap maintainers back.

* \[ANN - APR 26th 2019\] Migrating vulnerabilities database into its own repository [#494](https://github.com/nodejs/security-wg/issues/494)

Tierney to reach out to Foundation Marketing (Rachel) and to prepare announcement on social media.
Let’s merge this week! (Will need an update to the sync-up script on the second repo).

## Q&A, Other


## Upcoming Meetings

* **Node.js Foundation Calendar**: https://nodejs.org/calendar

Click `+GoogleCalendar` at the bottom right to add to your own Google calendar.