►
From YouTube: Package Maintenance Team meeting - 24 March 2020
A
B
A
C
A
Governance
models
and
methodologies
for
package
maintainers
and
actually,
let
me
flip
back
to
the
github
issue,
because
I
took
a
few
notes
there
by
accident,
as
opposed
to,
though
I'm
Owen
chimed
in
basically
and
said
that
he
wasn't
able
to
make
it.
He
didn't
have
anything
to
update
this
week,
but
we'll
hope
to
have
something
to
have
time
to
work
on
the
next
few
weeks
and
give
us
an
update
next
time.
A
A
A
A
That's
done
so
actually
I've
got
the
current
next
two
actions
error
right.
So,
basically,
in
terms
of
next
steps,
next
steps,
this
one
was
basically
the
the
first
one
was
to
tweeted
reference,
the
funding
proposal,
fields
which
is
done,
and
the
next
one
is
to
update
the
validation
tool.
So,
yes,
that
is
the
next
tool
which
we
need
to
get
started
that
won't
actually
I
did
I.
A
Guess
we
don't
have
everybody
here,
but
there
had
been
some
work,
so
I
think
maybe
I'll
open
an
issue
to
discuss
how
we
move
forward
on
that,
because
some
people
had
worked
on
it
and
figure
out
who
wants
to
be
involved
and
don't
want
to
people
have
already,
maybe
even
done.
Some
more
work
want
to
make
sure
we
take
advantage
of
that.
First.
A
B
There's
been
some
issues
raised
before
and
finding
dependents
and
they've
been
that
there's
actually
one
one
in
there
already.
The
the
only
thing
is
I
thought
it
might
be
useful
if
we
could
get
Darcy
or
Rui
from
the
actual
registry.
That's
do
someone
off
once
and
I.
Give
you
a
straightforward
example:
I'm
looking
at
take,
you
know
taking
a
deeper
interest
in
the
session
module
for
expressed,
and
there
are
many
tools
that
use
it.
B
You
know
there
are
Redis
as
there
many
many
DB's
and
I
can
and
they're
basically
put
lots
of
things
in
the
read
means
and
I
need
to
know
which
ones
are
important
for
the
future,
so
that
when
we
actually
make
changes
and
we
test
them-
which
one
should
we
look
at
and
unless
they're
actually
documented
and
the
thing
is,
we
don't
actually
want
to
get
into
third
party
documentation,
because
it's
like
advertising
for
a
particularly
way
of
using
accession
or
when
and
in
general.
We
don't
want
to
do
that.
B
What
we
want
is
a
way
of
finding
how
many
picked
you
know
who
are
the
biggest
users
of
a
module,
but
we
don't
really
want
to
scrape
the
registry
and
it
doesn't
seem
to
be
at
all.
It
would
be
useful.
We
could
set
up
an
arrangement
with
the
the
registry
folks,
so
for
specific
question
saying:
could
you
give
us
the
top
ten
they're
used
use
this,
because
otherwise
we
will
miss
important
things
out
and
I'm
more
interested
about
integration
testing,
which
comes
to
the
second
one
about
the
sit
room
tour?
B
B
D
C
So
I
believe
there
is
a
dependence
list
there,
which
means
there's
a
dependence,
API
and
finding
somewhere.
I
know
there
didn't
used
to
be
one.
Then
if
there
was
something
mentioned
somewhere,
but
I'm
not
entirely
sure.
If
you
can
get
the
full
list
of
defendants,
there
is
an
endpoint
where
you
can
get
the
download
count
for
each
of
the
dependence
it's
a
hassle,
but
it's
doable.
So
I
spoke
if
you,
if
you,
if
you
are
on
the
know,
Jess
slack
and
there's
a
thread,
probably
in
package
management,
which
channel
which
is
not
very
active.
C
So
it's
probably
the
latest
thread
where
basically,
they
gave
me
a
list
of
top
1000
which
you
cannot
get
without
scraping
the
full
registry
and
then
querying
with
the
API
endpoint
one
by
one
but
I.
Think
if
you
have
a
dependence
list
which
is
not
too
large,
it
would
be
maybe
possible,
but
also
I
do
agree
that
maybe
there's
a
way
they
can
expose
that
information
without
having
to
go
back
to
my
package.
C
A
Still
wanted
to
mention,
like
Ashley,
has
been
working
on
the
tool
that
we
talked
about
when
we
got
together.
I
think
he
needs
to
open
it.
You
know
create
a
repo
and
pkgs
for
what
he's
doing,
but
I
think
since
somebody
posted
in
that
there
was
a
scraping
module,
he's
been
looking
more
at
the
higher
layers
like
how
do
we
filter
and
figure
out
the
the
ones
you
think
are
important.
B
Yeah
this
the
other
thing
we
do
need
to
talk
to
him
if
we
have
a
scraping
mechanism
and
lots
of
people
started
using
it
in
my
MA
has
side
effects
on
the
registry.
This
may
not
be
what
they
at
all
intended.
They
may
have
this
information
and
that's
I'd
be
very
surprised
as
they
didn't,
because
you
can
click
through
on
the
readme
pages.
A
B
C
B
A
C
C
A
B
And
I
I
did
I
commented,
dependent
stalling
and
refused
three
to
seven
year
issue
three
to
seven,
and
there
was
talk
about
at
all.
I
did
look
at
this.
It
didn't
seem
to
require,
as
you
said,
it
would
be
good
to
have
baby
we're.
Gonna
have
to
talk
to
them.
Yeah
we
did
this.
This
does
seem
to
be
a
recurring
theme
around
maintenance
that
we
do
need
to
know
who
is
using
what
so
a
lot
of
very
well
use.
Things
are
not
installed.
Primarily,
they
are
just
dependent
packages.
B
A
D
A
C
A
A
B
B
Sit
Jim
one
other
question:
I
wondered
when,
if
Beth
Bethany
could
help
on
this,
I
might
just
reach
out
to
her
I
wonder
she'd,
be
on
this
call.
When
we
test
Express,
we
do
test
session
cuz
I've
seen
I've
looked
back
through
issues
and
I've
seen
a
was
a
Bridgewater
raised
them
Aaron,
Aaron
Bridgewater
for
session
and
I'm
wondering
do
we
actually
use
a
store
or
do
we
just
use
like
the
memory
store,
that's
built
in
when
you
don't
pass
a
something
a
property
be
when
we
do
Canarian
ago
of
mine
integration
tests,
so
I.
B
B
Which
case
had
any
task
to
that
I
just
wondered
if
we
did
because
I'm
looking
forward
to
look
at
the
point
where
I
actually
do
set
up
something.
So
we
make
a
change,
we
can
run
it
against
the
top
five
once
used,
which
is
why
I
want
to
know
what's
used
widely
offered
and
Redis
and
after
that
it
gets
a
bit
blurry
and
to
be
honest,
which
is
why
I'm
after
the
dependents
question
now.
B
Uses
session
and
a
session
is
past,
a
different
type
of
store
as
an
API
for
store
and
argue
most
any
store,
and
once
we
get
into
the
land
of
proper
sequel,
DBS
I
have
no
idea,
which
one
is
most
popular.
I
mean
right,
I've
just
choose
my
favorite,
and
that
would
be
that.
But
I
actually
don't
know,
and
the
thing
is
the
also
things
I'm
not
sure
how
many
more
tools
there
are
out
there
and
that's
why
this
tool
will
be
useful.
That's.
A
B
E
B
Then
I'm
even
yeah,
it's
an
dimensioning
of
third
parties
we're
discussing
that
they
suppress.
We
shouldn't
have
so
many
references
to
these
third
party
modules
and
that's
part
of
this
discussion
too
I'm,
beginning
to
think
that
having
having
a
list
a
half,
the
list
have
no
downloads
and
some
have
a
lot
of
downloads
and
then
some
are
just
not
there
right.
B
A
A
Okay,
yeah
I
was
I,
was
gonna
move
on
to
that
that
next
question
about
this
idiom
to
get
an
overview
of
excision
I
can
give
you
the
five
the
high
level
one
and
we
can
Destiny's
on
holiday
today.
Next
time
we
can
get
her
to
give
us
a
more
detailed
one,
but
you
know
basically
it
will.
It
has
a
pre-configured
list
of
modules
and
it
you
know,
pulls
down
those
modules,
installs
them
and
then
runs
their
tests
and
in
the
community
we
do
that
on
different
versions
of
node
yeah.
D
B
A
I
mean
it's
just
exactly
like
there's
too
many
of
them
for
us
to
set
up
each
individual
yeah,
we
did
haven't
thought
at
one
point
like.
If
you
look
at
your
sort
of
safety
net
layers,
it's
sort
of
one
of
the
layers
right
we
did
haven't.
We
did
talk
about
think
about
never
got
to
a
layer
which
would
have
been
okay.
Now
we
could
actually
set
up
some.
A
You
know
higher
level
say
more,
like
system
type
tests,
if
there
were
some
that
we're,
like
you,
know
so
prevalent
in
the
ecosystem,
that
they
would
also
then
give
us
coverage,
and
at
that
level
we
might
do
something
like
that,
but
you're
only
going
to
have
a
small
number
of
them.
If
we
ever
got
to
that
at
all.
B
Yeah
yeah
I
think
you're
pretty
best
disease
I
just
wondered
I'm
pretty
gonna
start,
because
that
would
also
be
a
useful
tool
for
me
to
use
as
well.
I've
started
to
looking
to
how
and
it's
a
good
case.
Example.
Express
is
a
very
good
case
that
widely
used
lots
of
third-party
just
just
to
so
many
aspects
to
it
and
a
lot
of
the
cold
code.
You
look
at
it.
You
go
yep,
that's
very
early
JavaScript
right
and
you
have
to
remember
how
to
write
it.
B
B
Yeah
I
think
that's
good.
You
know
that
that's
good
enough,
like
that's
good,
no
I'm,
gonna,
I'm
gonna,
pull
it
and
use
it,
as
is
I,
just
wonder
if
there's
any
any
more
to
it,
that
was
as
I
read
it.
I
went
away
in
bed,
I
do
a
lot
of
reading.
Recently,
even
chrome
chrome
released
a
new
version
of
chrome,
chrome
80
and
they
changed
the
way.
The
same
sites
cookie
was
defaulted
and
that
caused
a
lot
of
problems
in
session.
There's
some
help
for
taps
and.
B
Treating
if
you
did
not
have
same
site
cookie
set
to
treating
it
as
he
used
to
be
said
as
none,
if
it
wasn't
there
nowadays
treating
it
as
lacks,
which
is
a
bit
more
secure.
Okay,
that
broke
existing
sessions
for
some
people,
even
though
when
they
said
it
explicitly
to
nine
people
of
existing
sessions
got
broken
because
then
their
cookies
were
not
being
treated
to
wait.
It's
the
same
way
as
a
service,
there's
nothing
we
could
do
about
it.
Yeah.
B
A
B
We
heard
a
long-distance
I
asked
a
question.
You
know
what's
expected
from
the
cat
in
so
I'm,
so
like
a
provisional
captain
to
session
module-
and
you
know
I'm
very
glad-
I
did
not
volunteer
for
more
than
one
thing
rather
I
understand
a
little
bit
more
about
everything,
that's
involved
and
how
many
people
hit
it
up
and
raise
issues.
So
that
seems
to
be
going
through
that
we
seem
to
have
a
methodology
in
place
to
get
people
to
adopt
it.
B
D
B
D
A
D
A
D
A
D
E
B
E
B
E
E
E
E
B
A
B
Have
2
1
1
is
already
active
and
that
one
is
just
joining
now's
raised
to
PR
and
I
probably
think
they
could
both
go
in
there
and
it's
as
I
go
along
and
get
people's
interest
where
I
work.
I
say
this
is
something
you
can
do.
You
don't
need
to
be
a
you
know,
creating
new
stuff,
there's
a
lot
of
stuff
out
that
it
just
needs
a
lot
of
help.