►
From YouTube: 2020-02-09-Package Maintenance Team meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
So
welcome
to
the
node.js
package
maintenance
team
meeting
for
february
9th
2021
we'll
follow
our
standard
agenda,
which
was
outlined
in
the
issue
in
the
repository
and
before
we
get
started.
Is
anybody
having
announcements
they'd
like
to
share.
A
I
guess
the
only
one
I'll
mention
is
that
the
opengs
world
call
for
papers
is
open.
So
if
you
have
a
talk
that
you're
interested
in
talking
talking
about
it's
a
good
opportunity
to
get
together
with
the
rest
of
the
community
and
do
that,
so
you
know
what
the
deadline
is.
A
I
believe
it's
february
15th,
so
it's
within
the
next
week
or
so
it's
always
possible
things
get
extended,
but
I
wouldn't
count
on
it
count
on
it
at
this
point.
Okay.
So
if
there's
no
other
agenda
items,
we
will
move
on
to
the
issues
that
were
tagged
for
the
gender
and
the
first
one
is
openjs
world
2021
cfp.
A
I
think
beth
opened
that,
unfortunately,
this
is
too
late
for
her
today,
so
she
couldn't
make
it
today,
but
she
did
want
me
to
mention
that
she's
willing
to
pair
with
somebody
to
co-co-submit
a
talk
if
there's
interest
there.
It
sounds
like
dominique
has
mentioned
that
he
has.
You
know
some
things
he
might
have
to
talk
about,
and
I
guess
even
the
thought
was
we
could
even
submit
a
panel
or
something
like
that.
A
A
I
don't
quite
wait
till
the
night
before,
but
oh
really,.
A
C
I'm
just
following
up
on
beth
wanted
to
do
a
talk.
Specifically,
you
thought
or.
A
Basically
says
good
place
to
showcase
the
work
and
discuss
what's
happening.
The
issue
is
just
case.
There
was
any
interest
in
coordinating
some
joint
submission.
You
know
either
panel
discussions
or
a
talk,
or
so
basically
it's
what
you
know
this
is
to
kick
off.
What
should
we
do?
I
know
she's
interested
in,
like
you
know,
co-submitting
with
somebody
if
there's
interest,
and
so
it's
kind
of
just
up
to
us,
to
figure
out
what
we
think
makes
sense,
and
then
we
could
figure
out
who's
going
to
submit
it
and
go
from
there.
A
A
A
A
A
I'm
gonna
have
to
log
in
I'm
not
logged
in
so
I
don't
know,
but
it's
gonna
be
in
that
I
don't
think
it's
gonna
be
any
longer
than
30
minutes
and
most
likely
it'll
be
20
minutes.
C
So
in
that
case
I
would
say
we
probably
have
it
makes
sense
to
be
like
two
like
a
panel
and
maybe
like
back
to
back
even
maybe
a
presentation
we
could
put
together
a
deck
with
all
the
work
that
is
going
on
in
inflate
and
just
give
it
like
a
status
update.
Then
we
could
do
a
panel
or
almost
like
a
live
call
like
we.
A
Yeah
they'll
likely
all
be
pre-recorded
like
most
of
them.
It's
pre-recorded,
as
I
understand,
there's
kind
of
like
the
first
day,
is
like
keynotes
and
those
are
going
to
be
the
the
the
live
sort
of
section
and
but
then
the
rest
of
it's
going
to
be
like
a
mix,
basically
a
netflix
type
style
where
you
can
go
in
there's
b
tracks
and
you
can
watch
and
stuff,
but
like
even
the
panel
just
to
say
even
the
panel
would
be
pre-recorded
if
we
did
that,
so
it
doesn't
necessarily
change
anything.
A
C
Yeah,
I'm
willing
to
help
with
put
together
a
deck,
and
maybe
we
can
all
contribute
to
essentially
like
providing
like
status
updates
for
that
and
then.
C
A
Yeah,
it's
kind
of
an
interesting
one
in
that
you
can
only
you
can
only
have
two
speakers
when
you
submit,
but
in
our
actual
recording,
there's
nothing
to
stop
us
from
having
multiple
people
jump
in
and
actually
say.
Okay,
now,
I'm
going
to
give
an
update
on
this
other
piece
that
we've
been
working
on
right
so.
A
A
C
Yeah,
you
know
with
both
actually
but
probably
where
I
can
help
the
most
is
probably
like
putting
together
a
deck
quickly
or
a
templated
deck,
and
then
even
if
I
did
it,
folks
were
okay
with
like
it
being
in,
like
a
google
slide
deck
that
way,
we
can
collaborate
on
it.
Then.
A
C
Sure
I'm
already
logged
in
I
went
through
the
process
just
now,
so.
A
A
In
terms
of
a
panel
then
so
I
guess,
then
I
think
we
can
have
four
panelists
and
one
moderator
anybody
want
to
volunteer
to
coordinate
that
one
be
the
moderator.
B
C
A
Pkgs
support
the
pr
that
I'm
I'm
feeling
bad
for
not
having
reviewed
yet
but
rory.
I'm
gonna
get
this
wrong,
but.
D
A
Wonder
if
we
could
ask
him
to
give
an
update
on
the
support
side
and
then
one
of
wes
or
chris
on
the
the
on
the?
What
am
I
getting
wrong?
The
create
side.
C
Yeah,
I
think
chris
has
picked
up
the
mantle
here
in
terms
of
doing
some
work
with
the
create
pkg
package.
Yeah
and
wes,
I
think,
has
been
you
know
heavily
involved
and
kicked
that
off.
So.
A
A
A
So
I
guess
maybe
in
terms
of
the
talk
darcy,
you
can
connect
with
beth
just
to
coordinate
on
that
and
then
glenn
you'll
reach
out
to
the
panelists,
or
I
guess
I
mean
we
don't
even
necessarily
well
the
one
panelist
we
need
to
follow
up
with
is
rory
and
just
to
make
sure
he's
willing
to
do
that.
B
Yeah
the
credentials
yeah,
so
I
created
the
bot
account
for
way.
We
will
need
it
for
running
tests
and
maybe
eventually
for
publishing
will
be
or
whatnot
so
yeah.
I'm
just
wondering
how
do
we
share
the
credentials
because
it
will
every
github
account
needs
to
have
an
email
associated
with
it.
So
what
kind
of
an
email
and
then
there's
been
several
options
listed
on
how
to
share
the
credentials
so
there's
a
shared
one
password
or
something
or
was
it
a
foundational
blast.
A
Yeah,
the
foundation
has
a
last
pass
and
then,
basically,
like
you
know,
brian,
can
create,
can
create
the
the
credential
and
then
share
it
to
anybody
who
has
the
free
versions,
and
that
gives
us
a
bit
of
backup
too,
because
then
the
foundation,
if
we.
B
D
B
I
guess
we
should
coordinate
that
way.
Then
it's
just
one
gotcha
is
that
I
guess
if
the
credential
is
shared,
I
can
always
retrieve
it
and
and
then
we
can.
B
A
B
B
I
I
have
not
thought
about
it
for
the
for
the
time
being,
I
did
not
enable
2fa,
because
it's
only
used
for
running
tests
right
now,
so
it's
low
risk
right.
It's
not
even
going
to
get
push
access
to
anything.
B
Will
it.
It
needs
push
access
to
the
test
repos,
but
those
are.
A
A
B
A
B
A
Yeah,
the
best
way
to
do
that
is
just
through
slack.
Actually,
if
you're
in
the
foundation
slack
and
usually
get
a
hold
of
him,
and
if
you
just
ping
him
and
say
here's
the
here's,
the
credential
and
here's
you
know,
then
he
can
actually
send
it
out
to
a
list
of
emails,
yeah,
okay,
okay,
anything
else
like
does
that,
basically
close
that
one
out.
B
Yeah
and
I
guess
we
can
sort
it
out
with
him,
what
kind
of
an
email
do
we
put
down
on
that
account?
I
don't
know
if
the
foundation
hasn't
throw
away
news
or
something.
A
A
Right,
so
probably
what
we
want
to
do,
then,
is
to
pr
in
a
to
here
now:
where
is
it?
Is
she.
A
You
know
whatever,
whatever
group
of
people
like,
maybe
it's
you
know,
we've
set
up
the
the
so
that
I
forget
what
it's
called,
but
like
there's
administrative
members
of
the
package,
maintenance
team
working
group.
So
basically,
if
we
made
an
email,
a
list
for
those
administrative
members,
then
any
one
of
them
would
get
those
resets
or
whatever
and
and
at
the
same
time,
what
we'll
need
is
we'll
need
brian
to
actually
set
up
that
alias
on
the
the
do.
We
need
him
to
set
that
up.
I
don't
think
so.
A
A
A
A
A
Okay,
so
that's
that
one
moving
on
to
the
next
one:
can
we
confirm
reevaluate
meeting
time
schedule?
This
is
438
open
it
up
to
see.
F
Bit,
it
was
mostly
just
for
clarification,
so
I
guess
I
was
just
confirming
it
so
currently
I
assume
we
all
know,
but
for
the
record,
for
those
who
aren't
familiar,
this
group
meets
every
other
tuesday,
but
as
it
alternates
the
week,
it
also
alternates
the
time.
So
it's
always
every
other
tuesday,
but
what
the
first
or
one
session
will
be
nine
in
the
morning
eastern
the
next
one
will
be
three
and
it
goes
ping
pongs
back
and
forth
between.
F
E
I
mean
when
I
asked
the
question
I
I
I
don't
care
if
we
ping
pong
or
not,
really,
I
I
think
the
the
question
was
just
what
presumably
we're
picking
our
meeting
times,
because
we
want
to.
There
could
be
a
number
of
reasons
right
one
is
that
probably
all
the
currently
active
participants
we
want
to
make
sure
they're
able
to
participate
another.
It
would
be
potential
participants,
we
want
to
be
able
to
participate
at
all
and
then
a
third
would
be
there's.
E
F
Guess
maybe
more
precisely
my
comment,
I
guess
was
then
maybe
more
directed
at
the
doodle,
which
was
deciding
to
be
more
specific,
and
so
I
guess
I
understand.
Yes,
we
want
to
reevaluate
the
meeting
time,
but
there
is
a
doodle
also
kind
of
identifying
time,
and
so
I
guess
it
was
more.
If
I
vote
my
vote
in
that
doodle
am
I
say
I
want
all
the
times
to
be
this
or
are
we?
F
Is
there
a
particular
time
that
so
as
it
alternates-
and
I
guess
this
kind
of
goes
back
to
the
ping
pong
of
these
two
alternating
is
one
more-
is
one
of
those
more
challenging
and
that
we
maybe
only
need
if
we
just
picked
one
or
you
know,
I
guess
what
there's
there
seems
like
there's
a
lot
of
options.
You
know
either
both
times
aren't
working
at
all,
like
it
kind
of
needs
to
be
scrapped,
one
of
those
times
is
working
the
others
and
we
change
that
or
maybe
just
for
our
own
sanity.
F
We
just
pick
one
daytime
that
tries
to
get
everybody
and
just
have
that
going
forward.
You
know
so
I
guess
it's
just
more
are
any
of
those
options
there.
I
assume
it
sounds
like.
Probably
all
options
are
on
the
table,
but
I'm
not
sure
I
think
so.
A
A
E
Right
yeah,
usually
what
I
do
is
like
look
at
the
group
of
people
and
often
what
I'll
find
is
that
there's
two
times
that
added
together
include
everyone,
but
no
one
any
one.
Any
one
of
those
times
would
exclude
one
or
two
or
three
people
permanently
and
so
picking
those
two
times
see
like,
would
you
know
or
three
times
or
whatever
would
work
right.
So
I
haven't
looked
at
the
doodle
lately,
so
I
don't
know
what
the
results
are
looking
like,
but
I
I
think
I'd.
F
I've
agreed,
I
think,
that's
helpful
context
that
maybe
or
maybe
so
maybe
the
way
to
think
about
the
doodle
for
anybody
who's
coming
in
at
is
vote
for
what
works
best
for
you
and
will
rank
at
top
two.
If
that
happens,
if
the
you
know,
if
it
happens
to
be
that
the
stars
align
and
it's
a
universal
time
great,
but
either
way
you're
never
more
than
I
guess
at
minimum
you'd
be
able
to
participate
at
least
once
a
month.
F
A
E
A
So
maybe
on
that
one
it's
like
if
we
could
get
for
next
time,
if
everybody
could,
we
could
ask
people
to
update,
maybe
I'll
do
like
an
app
mention,
which
issue
was
that
sorry.
A
A
C
I
think
the
last
time
we
talked
about
this,
it
did
sound
like
it
like,
we
could
add
more
time
slots
on
that
and
more
days.
Those
were
just
essentially
the
ones
that
I
think
we
had
discussed
the
last
time
we
talked
about
this
and
then
also
I
it
sounded
like
trying
to
get
the
times
more
centered
in
the
middle
of
the
day,
like
e.t
middle
of
the
day,
almost
it
sounded
like,
which
is
why
those
those
times
are.
C
Yeah,
I
think
it
would
be
good
if,
if
we
can't
get
everybody
on
one
time
slot
then
yeah
two
times,
that's
totally
fine.
A
A
E
A
A
A
I
don't
have
too
much
more
to
report
on
that,
except
that
we
do
have
a
blog
post
in
the
pipeline
in
terms
of
promoting
the
ones
we've
added
it
to
for
for
the
red
hat
modules.
So
I'll
share
that
here
when
that
goes
out,
if
we
can
help
get
that
promoted,
I
guess
the
other
thing
is
on
darcy's
suggestion.
I
did
open
a
a
discussion
in
the
github
repo
in
terms
of
you
know,
maybe
getting
it
out
of
10
pm.
I
don't
think
I've
seen
anything
on
that
recently.
A
Things
the
two
things
on
that
side
and
I
guess
the
no
that's
more
on
that
and
rory,
and
last
time
we
discussed
there
was
a
suggestion
that,
before
we
we
promoted
sort
of
the
next
took
the
next
step
in
promotion.
We
should
actually
get
a
simple
create
tool
in
or
option
into.
The
support
option
looks
like
I
just
got
to
take
one
other
note
before
I
finish,
and
so
rory
rhodian
has
actually
submitted
a
pr
or
to
add
the.
I
think
it
was
called.
We
called
it
create.
A
A
A
A
Okay,
the
next
one
is
suggest,
ignoring
a
vulnerability
by
the
package.
Maintainer
darcy
did
submit
that
application
and,
to
be
honest,
it
should
already
be
accepted.
I
don't
know,
if
did
you
hear
anything
back,
I
poked
the
people
who
should
have
given
you
the
hey
thanks
for
receiving
it.
C
I
got
brian
warner
at
least
sent
me
an
email,
nice
email.
I
get
to
see
my
own
submission,
though
so
I've
seen
the
discussions
so
as
a
regular
member,
I
get
to
see
the
thread
so
yeah,
I'm
just
wondering
who
to
poke
next.
I
guess
to
to
get
things
wrong.
Yeah.
A
C
Yeah
definitely-
and
I
know
martian
hope,
martin
hope
yep
had
reached
out
as
well
and
after
having
led
you
know
the
note
security
working
group
for
or
not
led,
but
obviously
being
heavily
involved
like
there,
and,
I
think,
also
he's
involved
in
the
what's
the
linux
foundation
group
for
security.
C
Right
there
might
be
some
overlap,
obviously
that
we
can
really
pull
in
from
from
him,
and
I
would
love
to
to
have
you
know-
and
I
saw
jordan
also
said
he'd
be
getting
involved
as
well,
so
yeah
I
just
would
love
to
kick
it
off
and.
A
C
Yeah
and
google
just
had
their
I'm,
not
sure
folks
saw
but
a
presser
go
out
about
their
open
cv
initiative.
I
think
I
forget
what
it's
called
exactly,
but
I
saw
that
through
the
rounds.
What's.
C
I
think
it's
supposed
to
be
like
an
open
database
of
cves.
I
can
try
to
find
the
link
for
you.
A
Okay,
so
it's
a
little
bit
different
but
like
as
it's
not
focused
on
the
suppression
of
the
cpes,
but
how
do
you
get
them
anyway?
Okay,
so
yeah?
So
that's
kind
of
on
me
we'll
try
and
get
that
kicked
off
and
and
going
because
yeah
should
be
should
be
all
accepted.
Now,
I'm
pretty
sure
we
set
like
a
deadline
which
was
like
hey.
If
by
next
meeting
nobody
objected,
it
was
basically
approved
and
I
haven't
heard
anything
anybody
object,
so
should
be
good.
A
A
Let's
now
I
want
to
take
a
quick
look:
open
source
security,
vulnerabilities,
oops,
okay.
So
let's
move
on
to
the
next
issue,
so
the
next
steps
on
support
levels
and
packages,
I
think
we
kind
of
covered
that
under
the
list
of
supported
modules
covered
above
so
that
takes
us
to
the
end
of
what
was
on
the
agenda.
Are
there
any
other
things
that
people
would
like
to
discuss
before
we
close
out
for
today.