►
From YouTube: AsyncAPI SIG meeting 14 (Nov 12, 2019)
Description
This is the recording for the AsyncAPI Special Interest Group (SIG) meeting #14.
Attendees:
- Fran Méndez
- Jonas Lagoni
- Nishchit Dhanani
- Waleed Ashraf
Moderation:
- Fran Méndez
Agenda:
- Paid collaboration program
- Repositories security
- Q&A
A
A
B
A
It
makes
a
bit
simple
to
guess
like
or
impossible
to
guess,
because
file
guessing
the
the
current
path
of
violence
is
possible.
Guessing
their
current
path
of
the
URL
is
also
possible,
but
if
you're
rendering
you're
doing
it
not
running
but
you're
parsing
is
a
string.
There's
no
fat!
No,
this
this
train
is
leaving
nowhere.
It's
not
hosting
any
file
right.
So
that's
why
we
introduces
path
option
and,
as
I
can
see,
we
are
not
using
it
on
the
generator.
C
B
B
A
So
yeah
we
should
have
SMTP
a
string
and
then
following
this
and
object
with
the
path
option,
which
will
be
the
path
of
the
file
or
you
know,
cattle.
But
the
thing
is
that
when
you're
rendering
a
string,
you
don't
have
any
past,
usually
using
scroll
passes.
This
is
pass
it
here.
What's
the
relative
value
good
to
use
yeah,
you
know
what
I
mean,
because
it's
the
string
you're
generating
a
string,
is
there's
no.
B
A
Yeah,
this
is
parsing
a
string
at
them
calling
generate
now.
What
we
doing
here
always
is
most
probably
we're
going
through
these
doors
through
these
function.
This
line-
and
there
are
there's
no
context
about
the
the
location
of
this
file,
which
is
not
a
file,
is
history
right.
We
should
probably
be
able
to
pass
this
past
year.
All
right
relative
path,
so
we
are
able
to
pass
it
to
the
parts
method,
doesn't
make
sense.
Yep.
B
A
A
A
So
it
was
same
yeah.
The
the
so
journalist
is
gonna
create
a
suit,
so
we
don't
forget
to
fix
it.
It's
we
know.
Where
is
it
so
it
will
be
easy
to
fix
it
into
the
but
I.
Remember
that
we
discussed
this
before
I,
don't
know
what
happened.
Maybe
we
just
discuss
about
it
and
if
we
forget
to
fix
it
terrible
so
yeah,
two
things
about
the
agenda.
There
are
two
points
in
the
agenda
today,
which
is
a
collaboration
program
and
repository
security.
A
Yeah,
so
we
were
saying
there
are
two
points
in
the
agenda
which
is
no
penetration
program
and
repository
security
and
I.
Don't
know
what
do
you
think
about
postponing,
maybe
one
of
them,
because
especially
that
the
repository
security?
Yes
I,
would
like
to
counter
with
more
people
into
no
match
more
than,
as
probably
the
four
of
us
about
security,
and
so
we
can
discuss
this
better
right,
the
wild
it
will
be
like
it
would
be
a
great
chat
between
the
four
or
five
but
or
maybe
I
mean
after
you
really.
C
C
A
So,
yes,
I
think
that
the
problem
is
clear.
So,
for
instance,
the
as
he
was
saying,
the
problem
is:
if
anybody
inside
the
organization,
who's,
a
member
of
the
organization
can,
by
default,
push
to
master
or
merciful,
request
right.
So
so
the
problem
is
that
we
have
some
actions
and
Froggy's
associated
with
like
pushing
text,
for
instance
in
some
Reapers.
A
If
you
put
a
new
tag,
it
will
publish
to
NPN,
which
is
cool,
but
it
can
also
be
a
problem
because,
like
he
was
saying
that
there
has
been
many
cases
where
people
gained
your
trust,
you
know
like
they
make
some
contributions
for
a
few
time
and
then,
once
you
give
them
the
access
to
merge,
pull
request
up
to
push
tags.
They
do
Nessa's
tough
right,
like
like
putting
some
lights
of
code,
that
religious
lines
of
code
in
your
tool
in
knowing
that
this
studio
is
gonna,
be
running
on
companies
machines.
A
A
Even
even
though,
if
even
if
I
don't
the
review
of
a
pull
request,
if
you
push
the
master,
I'm
gonna
get
a
notification
myself
because
I
don't
know
if
you
know
it,
but
there
is
a
channel
on
slack
which
is
called
github
activity.
So
everything
is,
it's
gonna
be
logged
there
and
I'm
gonna
get
a
notification
and
then
we're
gonna
see
what
17
right
but
yeah
again,
it's
gonna
be
polished
to
a
p.m.,
so
you
will
have
to
release
a
new
a
new
version
right
to
write
this
so
I.
Think
the
other.
A
C
A
C
D
B
A
A
So
yeah
cool,
so
next
next
the
agenda
is
about
collaboration
program.
So
okay
I
know
we
are.
We
are
not
many
people
here
today,
but
I'm
gonna
share
it
anyway.
So
I
was
thinking
on
some
kind
of
Fanta
collaboration
programs
to
to
give
back
to
the
community
who
are
people
who
are
contributing
to
it.
It's
in
KPI,
because
I
think
it's
unfair
that
I
ask
for
contributions
and
I'm
making
a
living
myself
out
of
icing
KPI
and
then
other
people
are
like
spending
their
free
time
on
that.
A
A
Don't
know
yet
so,
but
before
I
draft
this
program,
I
would
like
to
like
to
know
your
feedback
on
this.
So
how
do
you
feel
about
this
I?
Can?
How
do
you
feel
about
contributing?
How
do
you
feel
about
getting
paid
about
contribution?
I
guess
you'll
find
well
like
nobody.
It's
gonna
complain
about
getting
paid
right,
but
but
yeah
like
I,
don't
know
like
how
much
do
you
think
the
amounts
will
be
depending
on
it's
also,
depending
on
the
complexity
of
the
issue
of
this.
A
B
A
And
this
one
is
actually
is
this
one
yeah
it's
actually
for
this,
like
you
can
put
some
issues
there
meet
Elise,
is
there
and
assign
a
value,
and
so
people
can
work
on
that
I
think
the
first
one
who
completes
the
issue
is
a
completes
that
issue
and
validated
is
a
writer
that
user
gets
larger
pool
of
us
gets
merged.
Is
the
one
who's
gonna
get
the
money?
So
probably
we
can
use
something
like
this.
C
A
Yeah
I'm
asking
because
I
have
no
I,
have
not
experienced
myself
either
so
I'll
have
to
explore
this.
Nobody
has
experience
in
this.
It's
nonsense
to
keep
asking
because
you'll
be
in
the
same
positions
as
I
am
so
so
yeah
cool.
So
that
was
a
really
quick
meeting
today.
If
you
have
questions
and
answer,
questions,
I
or
suggestions,
I
mean
I,
always
call
it
enough
questions
and
answers.
But
this
is
over
you
having
troubles
with
something
and-
and
you
want
to
ask
for
new
feature
whatever
I
think
that's
the
right
time.
A
D
Actually
at
this,
this
is
my
first
meeting
with
testing
APA
and
let
me
introduce
myself
and
just
thought
and
our
fat
camp
right
now
we
are
implementing
some
of
the
specifications
from
the
s
in
KPI
in
fat
camp.
It's
still
under
a
beta
version,
so
I
think
onward.
I
will
try
to
attend
almost
every
meeting
I'm,
so
if
they
work
and
I'm
sure
it
could
be,
it
has
a
potential
to
change
the
entire
industry
standards.
Combining
all
of
today's
specification
is
protocols
within
that.
D
B
B
D
A
D
There's
a
great
question:
let
me
show
how
we
are
using
I.
Think
API
to,
let
me
see
for
sure,
would
aspire
camp
so
far,
can
a
single
platform
of
a
developer
or
engineer
and
a
stout
debug
out
every
protocol
and
every
technologies
we
are.
We
are
saying
this
right
now:
is
the
protocol
agnostic
a
pH
to
do
so?
The
logo
can
test
out.
Any
API
is
regardless
of
any
portable.
D
If
we
have
created
a
one
project
and
we
have
added
a
multiple
requests
within
that
project,
like
a
couple
of
them,
are
htps
requests
couple
of
our
thoughts
of
it,
which
one
is
it,
and
so,
but
I/o
requests
and
impurities.
Well.
So
now,
if
you
want
to
export
this
project
and
how
we
can
do
it,
we
have
to,
we
have
to
have
some
specifications,
because
the
export
is
one
a
file
it
will
share
with
colleagues
with
community.
We
can
put
it
a
public
file,
so
anyone
can
use
it
import
it
within
the
fire
camp.
D
A
D
B
D
D
A
D
Actually,
I
have
seen
that
right
now
we
are
going
I.
Think
API
is
going
absolutely
in
the
future.
We
would
have
the
couple
of
extra
standard
specifications
actually
at
this
moment.
I
am
also
learning
the
essence
of
a
so
I
am
not
sure
how
it
be,
how
we
can
use
it
with
the
how
we
can
cover
this.
Almost
every
technologies
and
protocol
you,
but
I
will
try
to
put
my
F
values
like
whenever
we
will
do
the
amputee
anything
else,
then
I
would
like
to
add
it
into
the
single
payer.
So.
A
B
A
D
A
A
101
method
right
because
it's
a
this
endpoint
was
actually
like,
for
instance,
think
about
Kafka.
When
you
want
to
send
a
message
to
Kafka,
there
is
also
a
HTTP
Kafka
connector
and
you
can
send
messages
to
dump
by
using
an
HTTP
POST
request.
It's
it's
just
for
this.
For
these
cases,
right
for
this
case
or
for
simple
cases
like
you
have
a
HTTP
streaming
AP
right,
you
only
have
one
method,
one
path
and
everything
and
hangs
from
there
right.
Yes,
yeah
we
can.
We
can
probably
add
this
to
the
to
the
HTTP
binding.
A
D
A
B
D
I
am
completely
agree
with
you,
because
I
have
also
learned
that
the
fbi's
have
a
lot
of
standards
like
open.
Api
specification
is
the
wash
out
of
dead
till
now.
So
it's
it's
completely
fine
to
use
the
open,
OS
open
up
a
specification
plus
I
syncope
ice.
So
if
you
use
we
use
both
specifications,
then
we
can
definitely
cover
the
lot
more
things,
but
I
am
not
sure
about
graph
QL.
If
we
put
beautiful,
has
only
one
endpoint
yeah
yeah,
so
there
might
be
some
possibilities.
We
can.
B
A
B
A
B
A
Be
suitable
for
you,
but
and
it's
gonna
be
a
pain
in
really
experience
for
others
right.
So
that's
a
thing.
The
reason
we
we
are
trying
to
converge.
For
instance,
nobody
buying
we're
trying
to
converge
on
JSON
schema
specification.
So
all
the
schemas
that
you
have
an
open,
API
and
async
API.
They
are
terrible,
they're
interchangeable
right
that
you
can.
You
can
use
whatever
you
declared
for
open
API.