►
From YouTube: 2022-02-23-Node.js Technical Steering Committee meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
We
also
usually
make
a
point
to
announce
new
collaborators,
so
ben
nordhaus
and
I'm
sorry
if
I'm
mispronouncing
his
name
has
rejoined
us.
A
Okay,
well,
then,
moving
on
to
cpc
and
board
meeting
updates,
rich
anything
on
the
cpc
side
that
you.
B
Want
to
bring
us
up
to
date
on
sure
we
did
not
have
a
cpc
meeting
today.
This
was
one
of
the
weeks
where
we
had
a
a
working
meeting
and
the
topic
was
security
and
you
were
there
michael.
So
please
fill
in
anything
I
leave
out,
but
basically
we
talked
about
how
to
how
to
secure
node.js
and
its
ecosystem
broadly,
and
I
think
the
notes
are
public
somewhere
in
the
cpc,
I'm
not
sure
for
the
working
sessions.
That's
a
good
question,
though:
yeah.
A
B
Any
event
if
someone
wants
more
information
or
would
like
to
like
get
more
involved
in
that,
please
contact
me.
My
yeah
people
on
the
meeting
here
know
how
to
contact
me
other
folks.
My
email
address
is
in
my
github
profile
and
my
github
profile
is
t-r-o-t-t.
A
Yeah
and
I'll
just
add
like
this
is
this
is
a
focus
for
the
foundation
this
year
with
a
which,
with
a
number
of
things
that
happened,
have
happened,
you
know
not
just
the
javascript
ecosystem
but
other
places,
there's
quite
a
focus
on
the
supply
chain,
and
so
you
know
the
discussions
being
started
in
terms
of
you
know
what
makes
sense
for
the
foundation
to
help
the
projects
with.
Are
there
things
we
could
do?
A
A
There's
discussion
with
the
open
the
open
source
security
foundation,
which
is
a
relatively
new
foundation,
that's
funded
to
specifically
focus
on
these
things,
so
I
guess
just
to
say
lots
of
activity
and
lots
of
thoughts
that
you
know
there
should
be
work
in
this
area,
but
still
really
very
much
at
the
bootstrap
side.
So
ideas,
you
know
people
who
are
interested
in
getting
involved.
It's
a
great
time
to
to
bring
those
up,
suggest
them
or
get
involved.
A
Okay,
the
first
one
is
doc:
move
b,
naught
nerd
we
back
to
collaborators
42064..
I
think
rich
has
already
covered
that
you
know
he
he
was
an
emeritus
and
asked
to.
I
guess
was
suggested
he
was
brought
back
because
he
was
he
was
becoming
active
and
you
know
in
terms
of
running
cis
and
stuff.
It
made
sense,
so
he
requested-
and
everybody
jumped
jumped
on,
say
yeah
great
great
to
have
him
back.
A
The
next
one
is
doc:
deprecate,
crypto,
random,
get
values
alias.
C
That's
me,
I
I
added
that
so
we
discussed
it
a
bit
last
week.
So
the
the
discussion
here
is
how
we
should
expose
a
global
crypto
object.
C
So
on
browser
we
have
the
rep
crypto
api
and
a
node.js
there's
a
well
there's
two
crypto
apis,
there's
a
gs
specific
one
on
the
web,
crypto
one
and
yeah.
I
did
that
so
we
to
see
if
we
could
discuss
what's
the
ideal
route
to
handle
this.
A
C
Yes,
that's
part
of
the
question
so
so
currently,
if
you
go
under
the
report,
not
yes
and
you
type
crypto,
dot,
random
bytes,
you
get
access
to
the
node.js,
crypto
module
and
that's
not
compatible
with
the
the
web
api.
So
I
think
james
added
the
alias
so
it
can
be
compatible,
but
there's
also
some
weirdness
in
the
web
spec
that
make
it
not
compatible.
C
Actually,
so
what
I'm
suggesting
is
instead
we
for
we
break
the
report
as
it
is
today
and
crypto
will
now
refer
to
the
web
crypto
api
and
therefore
we
we
don't.
Maybe
we
don't
need
an
alias,
but
maybe
we
do.
I
don't
know.
D
D
The
crypto
global
refers
to
the
web
crypto
class
repl
is
the
only
place
where
we
bring
crypto
in
as
a
global,
and
that
also
applies
to
the
use
of
the
of
the
dash
p
e
command
line
argument.
D
So
if
we
are
going
to
be
consistent
with
other
environments,
browsers
dino
workers,
everything
else,
then,
if
we're
gonna
have
a
global
crypto,
which
makes
sense,
it
makes
sense
to
expose
it
as
the
web
crypto
api.
D
But
then
we
have
to
figure
out
what
we're
going
to
do
with
rebel,
whether
we're
going
to
go
ahead
and
break
it
or
not.
Now,
with
regards
to
the
get
random
values,
alias
the
reason
that
was
added
on
nodes
crypto
as
an
alias
to
the
web,
crypto
is
just
to
make
it
easier
because
in
rebel
environment
crypto
is
a
global
and
just
typing.
D
Crypto
dot
get
random
values,
works
in
other
environments,
added
it
as
an
alias,
so
it
would
just
work
also
in
in
nodes,
but
it
doesn't
have
those
those
issues
with
with
consistency.
D
I
think
that
if,
if
we
could
agree,
you
know
that
okay,
there's
going
to
be
a
a
global
crypto
just
in
general,
but
it
should
be
web
crypto.
Then
I'm
thinking
that
you
know
we
should
have
the
option
of
deprecating
the
node
crypto
exposed
in
rupple
and
then
behind
a
flag
making
it
you
know
making
it
so
rebel,
exposes
web
crypto
and
then
eventually
dropping
the
flags
to
the
festival.
D
C
It's
been
reported
by
a
comment
in
the
appear
that
there
are
a
lot
of
scripts
out
there
that
use
dashb
crypto
that
run
up
bytes,
for
example,.
C
So
I
think
we
cannot
break
it
without
breaking
the
ecosystem,
but
report.
I
agree.
I
think
we
can.
We
can
break
reports,
but
do
we
want
to
break
one,
but
not
the
other.
Also.
D
I'd
say:
no,
I
think
we
break
them
at
the
same
time,
but
I
I
think
you
know
we
have
a
process
for
this
right.
You
know
we
have.
We
can
take
it
through
a
deprecation
and
just
say
that
you
know
exposing
node
crypto
on
bash
fudashi
and
rebel
is
going
to
is
a
runtime
deprecation
and
then
add.
At
the
same
time
we
can
add
a
flag
that
says
you
know.
D
C
The
the
flag
is
already
there
by
the
way-
and
this
is
the
17.
very
good.
E
I
am
wondering
if
we
might
have
a
new
mode
in
this
case,
which
would
just
especially
for
the
thing
just
detect
what
properties
are
indeed
accessed
and
if
they
are
coming
from
nodes,
crypto
or
from
web
crypto.
F
C
So
it
would
already
work
to.
E
C
Yeah,
so
the
issue
I
stumbled
upon
that
was
that
we,
we
are
a
bit
too
loose
and
some
some
checks,
so
something
we
discussed
last
week
is
when
you
you
have
the
web
crypto
api
that
check.
If
the
this
value
is
an
instance
of
the
crypto
class,
and
we
cannot
do
that
on
on
our
side,
because
well
because
it's
just
too
difficult
to
do
so
like
there
are
some
some
weirdness
in
the
html
spec
that
we
cannot
follow
with
a
not
crypto
module.
C
Okay,
colleen:
the
chat
is
suggesting
that
we
add
a
new
global
like
node
and
we
can
access
all
the
modules
through
node.fs
instead
of
just
a
fist
yeah.
It's
a
question.
D
G
F
G
Yeah,
so
all
the
places
where
we
currently
like
make
the
package
the
modules
globals
instead
of
you
know
every
time
we
add
a
new
one,
we're
now
introducing
more
globals,
just
kind
of
have
one
global
that
we
could
hang
everything
off
of.
D
Conveniences
yeah,
that
was
part
of
the
point
of
of
just
having
it
as
a
global,
so
that
folks,
especially
when
they're
going
from
the
command
line,
they
wouldn't
have
to
do
the
require
syntax.
When
they're
doing
the
dash
pe.
D
So
I
I
think
that
this
idea
of
having
this
node
global
makes
sense.
I
mean,
I
think
it
just
makes
sense
in
general
right.
It
follows
the
pattern
that
other
platforms
are
like.
Do
you
know
in.
F
D
Other
words
about
having
a
a
platform
specific
global
that
they
can
hang
the
platform
and
specific
stuff
off
of,
particularly
in
the
ruffle
and
in
the
dash
pe.
I
think
I
think
that
makes
a
lot
of
sense.
Personally,
I
would
prefer
not
to
have
to
type
require
every
time
I
do
that,
it's
just
extra
boilerplate
that
I
I'd
rather
not
have
to
type
yeah.
D
It's
only
a
few
characters
off,
but
still
you
also
have
to
figure
the
quotes,
and
you
know
if
you're
dealing
with
command
line
and
making
sure
you
get
the
quotes
right
and
all
that
kind
of
stuff
it
just
it's
just
easier
not
to
have
to
deal
with
that
and
then,
like
I
said,
if
we
could,
you
know
we'll
just
say
I
I
think
we
have
to
take
it
through
a
deprecation
cycle
and
go
from
there
and
have
his
hand
up.
F
The
current
behavior
will
be
more
consistent
with
code,
which
basically
does
cost
crypto
equals
required
crypto
in
that
case,
that
creates
a
local
variable
that
will
schedule
the
global
one
so
in
the
apple
globe
that
our
crypto
would
be
the
web
crypto
by
default
and
just
the
crypto
variable
would
be
the
node
crypt
by
default.
We
can
do
this.
Also,
we
can
add.
F
A
C
Yeah,
I
think
the
the
takeaway
is,
it
won't
happen
in
v18
yeah
and
we
have
to
find
a
deprecation
cycle.
A
That
sounds
good.
Okay,
thank
you
removed,
perfect.
Okay,
the
next
one
is
rename
default
branch
from
master
domain.
I
know
there
was
some
discussion
in
the
last
couple
meetings.
Let
me
just
open
it
up.
I
had
commented
to
try
and
clarify
you
know
really
what
next
steps
were.
A
Just
looking
to
see,
if
there's
any
sort
of
discussion
since
then,
so
you
know
just
as
a
summary,
you
know
I
I
I
have
worked
through
most
of
them,
so
we're
down
to
like
6
out
of
100
have
been
moved
over
from
master
to
maine.
The
remaining
ones
are
more
complicated
and
richard
lau
has
volunteered
for
a
few
of
those,
but
really
the
the
step.
A
That's
sort
of
blocking
us
from
closing
this
out
is
those
more
complicated
ones,
and
I
haven't
had
cycles
to
loop
back
and
see
what
what
you
know,
what
we
need
to
do
to
unblock
the
other
ones,
find
volunteers
and
whatever,
and
so
you
know,
there's
suggestion
that
maybe
tierney
could
get
involved.
A
I
commented
on
that
front
like
so.
If
we
have
somebody
who
has
cycles
to
go
and
look
at
the
overall
picture
and
try
to
help
unblock
the
last
couple,
that's
that's
where
some
extra
help
would
actually
would
be
would
be
helpful.
A
I
I
don't
know,
is
there
any
other
context
from
the
the
past
week?
Conversations
on
that
one
that
we
should
talk
about
or
other
things.
A
I
added
this
to
the
agenda
based
on
you
know,
sort
of
my
read
benjamin
greenbaum
had
added.
This
had
made
a
suggestion
that
it
would
be
nice
to
get
some
more
focus
on
http
2..
I
know
from
our
recent
summit
where
we
discussed
the
strategy,
for
you
know
modern,
http
and
so
forth.
At
least
my
understanding
was
that
you
know
http
2,
you
know
the
challenges
were
sort
of
there.
There
hasn't
been
a
large
large
uptake,
although
some
of
it
is
is
is
important,
and
so
we
don't
have
correspondingly.
A
A
You
know,
get
more
focused
move
moving
forward
and
I
thought
it
was
least
worth
being
on
the
agenda
so
that
you
know
we
have
the
awareness,
maybe
brainstorm.
If
there
is
anything
or
or
not,.
D
Yeah
I
mean
with
this
one
I
mean
it
was
always
you
know
we
were
going
to
introduce
it.
We
had
to
have
it
available
in
order
to
see
it
folks
and
we're
going
to
be
interested
in
using
it
and
pushing
it
forward.
One
of
the
key
limiting
factors
on
this
is,
you
know,
as
colin
points
out.
Grpc
is
built
on
hp2
great,
but
that's
one
of
the
only
things.
D
That's
really
significant
things,
that's
really
built
in
hp2
nginx,
for
instance,
I
mean
all
the
reverse:
proxies
still
refuse
to
pass
hp2
on
right,
they'll
accept
hp2
on
the
front
end,
but
if
nginx
is
talking
to
node,
it's
always
going
to
use
hp1,
it's
not
going
to
use
hp2
they're
not
going
to
proxy
it
through
they
will.
They
have
decided.
They
are
doing
that
with
hp3
they're,
not
going
to
do
with
hp2
other
than
grpc
traffic.
D
So
I
mean
it
really
limited
the
you
know,
adoption
of
it.
I
don't
really
see.
I
I
haven't
seen
a
lot
of
interest
in
the
ecosystem
for
hb2.
You
know,
there's
not
a
lot
of
people,
that's
been
that
have
been
clamoring
for
it
not
like.
They
have
been
asking
for
hp3,
which
they
they
have
been.
So
I
mean
I'm
just
not
seeing
a
lot
of
a
lot
of
activity
there,
which
is
really
taking
it
off
of
my
radar.
D
A
D
A
D
A
A
A
You
know
yeah
yeah,
we'd
love
to
have
somebody
maintaining
and
fixing
those
issues
and,
and
so
yeah
maintainer
shut
up,
we'd,
be
like
thanks
and
and
be
supportive,
but
on
the
other
hand,
we've
looked
at
it
and
we
don't
think
that,
like
fixing
all
those
is
like
a
critical
high
priority
thing
for
the
project.
A
D
You
know
longer
term
I
still
get
on
my
radar
to
be
revisiting
the
whole
socket
api
stuff
and,
like
you
know,
when
we
were
talking
about
on
the
kind
of
the
the
next
10
summon
when
we
were
talking
about
all
these
all
right,
you
know
hb2
will
be
worked
into
those
plans,
I'm
figuring
out
kind
of
this
more
unified
hp,
client
api
view.
But
beyond
that
I
don't
know,
I
wouldn't
notice
anything.
A
A
If
there's
people
it
is
more
important
to
or
you
know
or
input
that
might
help
that
might
help
adjust
that
view,
but
from
what
we
can
see
today
in
terms
of
usage
and
so
forth,
it's
not
something
that
we
know
how
to
prioritize
or
are
planning
to
make
an
effort
to
do
that.
Yeah.
A
I'll
I'll
take
the
action
to
go
back
and
make
that
comment
on
the
issue
and
then
take
it
off
the
agenda
until
it's
added
back
on
the
next
issue
is
settle
on
a
voting
solution,
one
one,
six
five,
I
think
antoine
you
may
have
added
this
one.
B
I'm
sorry
I
was
busy
getting
my
name
to
display.
Let
me
take
a
look,
but
you
can
you
can
start.
C
Yeah,
well,
I
guess
the
issue
is
there,
so
we
can
discuss
if
we
want
to
have
a
blessed
solution
or
when
we
vote
on
things
like
we
did
for
the
primordials
so
yeah,
maybe
we
should
have
some.
I
think
it
would
be
helpful
to
have
a
blessed
solution,
because
we
always
end
up
discussing
what
we
should
use.
A
C
Yeah,
I
guess
it
can
be
improved,
but
since
it's
open
source
we
can
also
do
implement
ourselves,
which
is
good.
B
So
quiet
so
I
I
yeah.
I
added
this
because
it
just
seems
like
something
that
tsc
should
decide
and
and-
and
I
was
you
know
it-
it
had
been
five
days
and
there
hadn't
been
really
any
traction.
I
I
think
we
should.
B
I
think
we
should
just
go
with
go
with
antoine's
proposal
and
if
it
ends
up
not
working
in
the
future
or
you
know
next
vote
or
whenever
or
if
it
and
or
if
we
find
another
tool
that
we
like
better,
then
we
re,
then
we
re,
then
we
then
we
then
we
have
the
conversation
at
that
time,
but
I
think
like
right
now.
Nobody
seems
to
be
particularly
engaged
in
this
particular
topic
other
than
antoine
who
has
crafted
a
solution,
and
I
think
we
should
just
run
with
it.
We
just
used
it.
B
It
worked,
maybe
there's
a
better
thing
out
there,
or
maybe
there
are
ways
to
improve
it,
I'm
sure
antoine's
open
to
feedback,
and,
let's
just
and
and
so
judging
from
the
thumbs
ups
in
the
in
the
issue,
there
are
three
tsc
members,
darshan
mateo,
and
no
that's
it.
There
are
two
ctsc
members
who
are
not
here,
who
have
approved
it
and
or
thumbs
up
it,
which
and
then
there's
10
of
us
here.
If
nobody
here
objects,
I
think
we
have.
Our
decision
is
my
opinion.
H
A
So
I
think
we'll
just
note
in
the
minutes:
nobody
objected.
So
let's
do
it.
A
Okay,
we'll
move
on
to
the
next
one,
which
is
the
vote
future
primordials
1-104.
This
was:
is
this
the
final
thing
to
capture
the
vote.
C
Yeah,
well,
I
guess
the
pr
is
ready
for
review
I'd
like
to
have
a
rich
review
before
I
merge
it
just
in
case,
because
I
think
you
you
rich,
came
up
with
the
automation.
I
B
I
I
did
look
at
it.
It
looked
right
to
me.
I
I
made
a
mental
note.
Oh
I'll
test
this
out
with
the
automation
and
I
didn't
bother,
but
I
think
you
can
just
merge
it
and
if
the
automation
doesn't
work
I'll
fix
it
after
the
fact,
if
you'd
prefer
to
wait
another,
I
don't
know
24
hours
or
something
I'll
get
around
to
testing
it.
B
A
And
this
particular
issue
says
vote
future
primordials.
I
guess
we've
only
had
one
vote,
so
maybe
this
issue
still
needs
to
be
open
or.
A
B
B
D
A
B
A
Right,
I'm
just
so,
okay,
so
along
those
lines,
I
think
I've
just
said
you
know,
I'm
gonna
add
this
issue
and
close
it.
You
know,
discuss
the
tsc
meeting
this
week.
We
agreed
the
issue
should
be
closed
and
a
new
issue
open
new
issues
open
for
any
follow-on
vote,
suggested
candidates
for
opening
the
new
issue
were
antoine
jerich
and.
A
A
A
So
I
can
see
there's
some
discussion
in
the
you
know,
tobias
and
michael
lasso
have
had
some
discussion
about
the
different
limits
and
all
that
the
last
comments
there's
also
some
discussion
before
about
like
how
we
should
you
know,
should
we
close
this
until
we
find
a
champion
to
drive
it
forward.
J
Yeah
and
also
okay,
that
we
close
it
because
it's
not
as
more
effort
and
it's
not
a
something
that
we
are
required
to
have
it's
not
to
comply
with
any
specs
or
anything.
And
we
don't
really
know
if
there
are
any
benefits
to
node.js
or
not
to
have
it
enabled.
A
J
A
J
Yeah
and
just
a
comment
it
was
opened
two
years
ago,
but
also
node.js
12
does
not
support
it,
so
folks
that
rc
on
12
are
not
able
to
test
it,
even
if
they
build
the
image
manually.
A
A
A
This
actually
ended
up
having
you
know,
there's
a
broader
discussion
around
core
pack.
The
original
request
was
for
some
tokens
and
so
forth
to
make
it
to
add
to
the
automation
side
of
things
I
don't
know
which
aspects
we
want
to
get
into
the
discussion
today
today
on.
A
I
think,
given
the
time
left
and
just
you
know-
maybe
I'd
say
we
leave
it
on
the
agenda
and
maybe
hopefully
have
a
bit
more
time
to
to
get
into
discussion
next
week.
Does
that
make
sense.
K
K
Go
ahead,
I
think
so,
and
I
think
matteo
had
quite
a
lot
of
thoughts
and
raised
a
few
issues.
So
it'd
be
good
to
talk
about
it.
When
he's
around.
A
This
is
around,
you
know,
there's
a
discussion
on
how
we
extend
the
moderation
coverage
from
not
just
the
node.js
org
to
also
the
pkgs
org
which
which
we
we
brought
in
a
while
back,
but
we're
just
closing
out
on
the
governance
and
that
spurred
some
discussions
in
places
that
we
had
should
have
done
before,
but
didn't
so
we're
doing
them
now.
A
In
terms
of
rich,
I
think
you
added
to
the
agenda,
so
so
I'm
not
sure
if
you,
you
know
what
questions
you
were
hoping.
We
were
going
to
answer
on
that.
F
B
File
thing:
what
was
it,
what
is
yours
this.
A
Is
the
block.
B
List
import
export
issue:
oh.
B
So
yeah
no,
this
is
I'm
pretty
sure.
I
just
put
this
on
for
awareness
that
you
know
the
the
intention
to
you
know.
Sync,
the
you
know.
B
If
we,
if,
if
we
block
a
user
in
package.js,
they
will
also
be
blocked
in
node.js,
and
things
like
that
that
that
that
was
something
I
didn't
want
to
fly
under
the
radar,
so
that
was
mostly
what
that
was
about
it's
for
awareness
and
also
because
not
a
lot
of
I'm
I'm
gonna
say
this
now,
but
that
might
this
might
not
have
been
my
my
my
intention
of
time,
but
it
doesn't
look
like
a
lot
of
tsc
members
are
engaged
in
that
one.
B
It
looks
like
only
I
have
said
anything
or
left
a
reaction
of
any
kind
or
richard
lowry
left
a
reaction
to
so
just
something
to
be
aware
of,
and
also
you
know
it's
it's
another
action
we
need
to
install.
A
People
will
be
aware,
and
basically,
if
you
have
any
concerns,
please
raise
an
issue.
Otherwise
also
would
be
good
to
have
some
positive
feedback,
but
otherwise
nothing
specific
to
decide.
B
A
Okay,
great,
so
I
think
that
that
takes
us
to
the
end
of
the
issues.
I'd
suggest
we
skip
the
strategic
initiatives
today
because
we
do
want
to
reserve
a
bit
of
time
for
a
private
session.
So
if
anybody,
unless
anybody.
A
About
that,
let's
close
out
our
public
session.