►
Description
The OpenJS Foundation is a member-supported non-profit organization that provides a neutral home for some of the most important project in the JavaScript ecosystem.
Learn more and join us at https://openjsf.org
A
Great
all
right
welcome
everyone
to
another
episode
of
the
open,
Deus
foundation.
Cross-Project
council
meeting
today
is
the
10th
of
March
thanks
everybody
for
joining.
Please
don't
forget
to
add
your
name
to
the
Google
Doc
I
will
paste
that
in
there
again-
and
you
know
as
usual,
you
can
help
take
notes
so
to
get
things
started.
Should
we.
A
B
Quick
announcements,
just
your
reminder
that
we
have
the
collab
summit
planning
meeting
today
immediately
following
this
meeting
at
1:00
p.m.
Eastern
following
that
immediately
is
the
standards
working
group
meeting
at
2:00
p.m.
Eastern
and
then
I
want
to
also
share
that
next
Tuesday
in
the
morning
at
11:30
a.m.
Eastern,
we
are
having
the
marketing
meeting
and,
of
course,
everyone
is
welcome
to
join
that.
We
also
want
to
remind
everyone
that
the
summit
registrations
and
the
open
Jas
world
registrations
are
open,
encourage
you
to
get
those
in
and
also
book
your
hotel
as
soon
as
possible.
B
A
C
Hey
this
is
Robin
yeah
I
mean
we
are
very,
very
concerned
about
the
corona
virus
and
are
monitoring
it
closely
with
our
friends
at
the
Linux
Foundation.
So
for
the
latest
information,
if
you
go
to
the
open,
Jas
world
event,
website
you'll
find
right
in
the
banner
underneath
the
open,
J's
world
logo,
novel
coronavirus,
update
and
that's
updated
weekly,
if
not
more
so,
you
can
see
the
status
but
right
now
we're
moving
forward
as
planned
and
everything
is
on
track.
C
A
C
A
E
I
think
I
mean
the
the
public
board
meeting
was
streamed.
Yesterday
there
was
some
details
on
the
project
directed
funding,
which
we
have
an
issue
to
cover
later
on,
so
I
think
we
can
cover
it
under
that
great
otherwise.
You
know
I
gave
an
update
on
you
know
a
number
of
the
CPC
things,
but
those
for
all
things
were
update,
up-to-date
on
us
as
well
cool
cool.
A
Alright,
so
jumping
into
agenda.
The
first
item
on
the
agenda
is
the
travel
fund,
questions
for
project
community
members.
I
am
assuming
that
there's
really
nothing
new
here.
What
we're
hoping
for
is
that
somebody
will
take
these
what's
written
here
and
work
it
into
a
PR,
and
then
we
can
kind
of
continue
any
conversation
there
update
the
documentation
around
the
travel
fund.
This
is
a
really
good
first
issue.
If
anybody
wants
to
get
involved,
I.
B
E
A
A
B
Wasn't
able
to
make
it
today
I'll
just
share
that
we've
sent
that
survey
out.
We
had
a
few
responses.
Of
course
we
want
to
leave
that
open
a
few
more
days
and
make
sure
we
get
a
good.
You
know
response
for
it,
but
but
any
questions
or
any
you
know,
needs
on
that.
Just
let
Brian
or
myself
I
guess:
Michael
Dawson.
You
know
great.
F
Have
a
question
about
that
or
kind
of
tangential
so
for
web
cam
we
don't
have
an
installer,
but
we
have
like
several
venues
to
polish.
We
have
the
IDS
code
extends
you
know.
We
also
have
the
the
browser.
Extensions
I
think
it
will
be
good
to
have
someone
or
an
email
from
the
from
different
days.
You
know
something
like
that.
You
release
the
bus
factor
in
case
something
happens.
So
it's
not
something
that
should
be
completed
also
in
in
these
or
related
when.
F
So
it
depends
on
the
system.
Sometimes
it's
like
there
is
only
one
email
account
that
can
publish,
so
we
are
using
like
a
distribution
email.
Some
others
is
like
we
can
have
like
several
administrators.
So
it's
it
depends
on
on
the
system
if
it's
like
for
the
Firefox
extension
or
if
it's
BS
code
or
or
whatever
body
I,
think
that
way
we've
got
some
prompts
in
the
past
where
someone
was
on
vacation
and
we
didn't.
F
We
need
to
do
a
release
and
we
couldn't
make
it
and
right
now
we
have
something
that
kind
of,
but
maybe
we'll
be
also
good
to
have
someone
from
or
an
email
or
someone
from
there
from
the
years
from
visioning
in
case
something
happens
to
the
whole
game.
Like
you
know,
train
really
is
a
bus
factor
is.
E
F
E
D
F
A
E
A
A
Which
is
so
for
88,
you
know
nomination
soft
for
2020
2021
voting,
CPC
membership,
we're
looking
for
folks
to
self
nominate
and
they
can
do
so
by
emailing
me.
There's
a
you
know
more
details
and
information
here
and
then
also
you
know,
I
know
that
we've
started
to
reach
out
to
folks
in
the
node
projects,
both
on
the
PSC
and
I'm,
not
sure
attorney
if
we've
gotten
something
on
compchomp
side
yet,
but
we're
moving
forward
on
the
north
space,
we
yeah
there's
a
secure
perfect.
Thank
you
to
me.
So
you
know
there's
there's
progress
here.
A
A
C
A
H
So
I
have
a
bit
more
time
this
week
to
handle
this
and
it's
something
that
I
actually
need
to
get
moving.
So
this
one
in
386
but
below,
should
get
my
attention
this
week
and
now
sync
was
Brian
who
reached
out
last
week
when
I
was
in
holidays
that
he
wanted
to
move
that
forward
to
so,
hopefully,
you're
gonna
actually
actually
see
action
on
this.
This
time
great,
you.
A
A
I
So
I
am,
I
opened
the
PR
that
I
think
at
this
point
has
more
questions
than
answers,
but
I
would
love
some
feedback
and
the
primary
question
that
came
to
my
mind
when
I
was
writing.
All
of
those
things
up
is
like
how
I
would
love
some
feedback
like
how
much
support
and
guidance
are
we
in
a
position
to
offer
to
individual
projects
as
a
foundation
or
and
on
the
other
side
of
the
scale
like?
I
How
much
do
we
expect
the
projects
to
be
handling
themselves
right,
I
think,
there's
a
there's,
a
spectrum
of
possible
options
there.
There
are
some
projects
that
have
very
mature,
responsible
security
processes
and
and
way
to
accept
reports,
and
there
are
projects
that
don't
and
the
primary
goal
here
would
be
to
bring
everyone
to
like
a
minimum
moon
consistent
standard,
and
we
could
we
could
iterate
from
there,
but
right
now
it
would
be.
It
would
be
awesome
to
get
broader
feedback
on
this
PR
I
will
post
a
request
for
four
more
comments
in
mende
foundation.
A
I
would
even
say
you
know
you
may
want
to
post
those
questions
individually
into
the
PR
if
it
makes
sense
into
the
actual.
If
there's
somewhere
in
the
code,
and
then
we
can,
you
know,
have
a
bit
of
a
conversation
there
as
well.
That's
a
good
place
to
track
some
of
these
thoughts,
and
the
good
thing
is.
This
is
a
proposal.
So
when
it's
stage
zero,
we
can
certainly
kind
of
move
forward
on
things
and
continue
the
conversation
another
stage
or
so
yes,.
E
My
initial
thought
would
be
like
what
kind
of
education
and
resources
can
we
provide
to
let
the
project
help
themselves
and
then
out
of
that,
if
there's
like
common,
tooling
or
things
like
you
know,
things
that
are
going
to
be
significantly
easier
for
the
foundation
to
manage,
like
you
know,
we're
talking,
let's
say
the
certificate
registrations
and
stuff
like
that.
If
there
are
things
that
fall
into
those
categories,
gonna
try
and
keep
our
eyes
open
for
that.
I
A
J
I
was
just
wondering
I
guess
some
people
their
first
exposure
to
the
responsible
disclosure
process
is
when
they
actually
realize
they
need
Incident,
Response
help
and
sometimes
being
very
upfront
as
to
kind
of
the
limits
of
how
much
help
we
can
provide
on
the
incident
response
front
avoids
you
know,
kind
of
unbeatable
expectations.
Is
there?
Is
there
some
way
we
could?
J
E
E
J
J
Yeah
you
know
like,
though,
when
you
know
it's
kind
of
the
worst
way
to
do
incident
responses
when
you're
stressed
and
you
don't
have
a
playbook,
and
so
you
know
that
tends
to
lead
to
overreaction,
but
that's
exactly
how
people
feel
if
this
is
the
first
time
they've
done
Incident
Response,
you
know
it's
kind
of.
Oh,
my
god,
you
know
I'm
under
attack.
Something
I
thought
about
my
code
is
is,
is
simply
not
true,
and
you
know,
and.
J
I
J
I
C
E
E
Response
is
another
there's
probably
we
should
probably
come
up
with
a
list
yeah
and
I.
Guess
the
questions
that's
coming
to
mind.
Do
we
think
that
we,
you
know,
like
you
know,
Mike
Samuel?
Do
you
think
that
we
should
be
looking
now
to
sort
of
form
a
group
across
the
projects
to
talk
about
what
those
that
list
is
and.
J
Guess
is
this
a
question
you
know,
III
think
that
Jordan
is
is
right,
that
this
is
a
shared
concern
and
that
it
has
the
potential
to
be,
though,
how
projects
handle
incidences,
has
a
potential
to
reflect
on
the
open,
J's
foundation,
and
we
do
have
some
resources.
But
maybe
this
is
a
question.
That's
best
kind
of
put
to
project
leads
as
to
what
they
could
use
in
short-term
and
what
they
could
use
in
the
long
term.
E
Right
I
was
just
exploring
like
we've
had
discussions,
whether
we
should
you
know
spin
up
a
security,
like
you
know,
a
security
working
group
or
security
team
to
start
discussing
some
of
these
issues.
This
is
you
know.
The
security
reporting
guidelines
are
a
great
start,
but
you
just
mentioned
you
know
there
are
some
other
things
we
should
probably
be
discussing.
J
That
I
would
be
happy
to
I
would
be
happy
to
contribute
to
such
a
group
and
and
I
think
yeah.
Maybe
it
is,
you
know
there
is
a
cluster
of
related
concept.
Things
like
reporting
incident
response
that
that
you
know
kind
of
people
tend
to
have
a
little
bit
of
expertise
in
both
of
them
or
none
of
it.
Okay,.
E
A
Cool
anything
more
on
this
one,
all
right.
Well,
thanks
again
for
everybody
being
involved
in
in
moving
forward.
The
next
issue
on
the
agenda
is
185.
This
is
a
data
and
policy.
Doc's
I
opened
up
a
polar
quest.
Let's
see
where's
its
pull
request
for
for
three.
A
couple
of
folks
have
chipped
in
to
kind
of
push
this
one
forward
with
me.
I,
don't
think
there
are
any
outstanding
questions.
A
A
I
just
want
to
make
sure
there
was
awareness
to
of
it
yeah,
so
yeah
I
would
be
happy
to
merge
this
in
at
some
point
soon.
I'll
leave
it
open
for
a
little
bit
longer,
but
if
folks
want
to
take
a
look
at
it
and
just
double
check
that
everything
looks
good,
that
would
be
great
and
Mike
Samuel
and
Ben
Mitchell.
We
have
a
little
bit
of
a
conversation
here,
but
I
think
it's
it's
resolved,
but
if
you
want
to
just
double
check
it,
that'd
be
cool
and
I'll,
merge
it
soon
and
then
we'll
have.
A
A
E
E
C
C
E
C
Yeah,
so
the
board
just
recently
approved
the
policy
accepting
directed
funds,
so
it
reads:
open
Jas
foundation
members
who
are
currently
on
their
annual
dues
may
contribute
additional
amounts
of
incremental
monetary
funding
to
specific
open
Jas
initiatives
such
as
roads
shows
CPC
activities
or
project
infrastructure.
Directed
monetary
funding.
C
Activities
must
be
approved
by
the
open,
Jas
executive
director
and
are
subject
to
the
following
limits:
Platinum
members,
there's
no
cap
on
directed
monetary
funds,
Gold
members
are
capped
at
50%
of
annual
dues
amounts
and
silver
members
are
capped
at
25
percent
of
annual
dues
amounts
and
the
IDI
which
is
in
the
board.
Actually,
the
board
may
approve
exceptions
on
a
case-by-case
basis,
so
that
was
just
recently
approved
so.
E
Some
of
the
rationale
is,
you
know:
there's
been
discussions
in
the
past
that
you
know
you
don't
necessarily
want
companies
only
funding
a
particular
project,
so
this
this
is
an
increment
over
the
base.
Fees
you
know
makes
makes
ensures
that
we
still
have
funding
for
all
of
the
projects
while,
allowing
you
know,
companies
to
go
and
above
and
beyond,
when
it
makes
sense
to,
you
know,
contribute
direct
dollars
as
well
to
a
project.
E
Through
this
mechanism
right
so
this
is
a
this
is
this
is
put
as
a
member
benefit,
and
so,
if
you
remember
you
can
contribute
the
dollars
will
flow
through
the
foundation.
The
foundation
will
help
manage
them.
The
other
part
is
that
around
you
know,
directed
funding
has
more
to
do
with
you
know.
You
know
the
crowd,
sourcing,
platforms
and
stuff
that
one
we're
still
working
through
the
recommendations
that
that
will
be
made
on
that
front.
So
that's
a
different
path
where
dollars
could
be
contributed,
but
this
is
this
is,
for
you
know
you
wanna.
K
A
E
We
believe
that
was
what
amp
and
electron
we're
asking
for
as
well
at
at
one
point:
I'm,
not
sure,
if
that's
still
the
case
through
whence
things
have
been
clarified,
but
it
has
been.
It
has
been
discussed
in
the
past
about
company
saying
well,
you
know
I'm
more
interested
in
funding
one
project
versus
another
yep,
so
this
at.
K
Seems
like
it
overlaps
a
bit
with
the
way
tide.
Lifts
works
as
well,
where
you
like,
give
a
fee
and
your
dependency
graph,
and
then
all
the
trends
of
dependencies
that
you
use
as
well
get
some
of
that
funding
within
the
spirit
of
like
trying
to
make
sure
that
it's
not
just
like
the
projects.
You
know
about
that.
You're
using
is
a
benefit.
It's
also
the
downstream
ones,
and
that
seems
like
like.
K
If
my
project
has
funds,
it
seems
like
I
would
want
to
support
my
dependencies
to
make
sure
that
my
project
continues
to
work
and
that,
like
there
may
be,
only
a
few
projects
with
funds
and
VM
is
certainly
not
one
of
them
but
like.
It
seems
like
a
very
important
thing
to
kind
of
have
a
process
around.
H
H
E
A
A
L
I
can
I
can
shine
in
so
we're
still
waiting
on
the
governance
documentation
to
land
in
this
repo
god.
I've
talked
about
that
last
time,
so
we're
still
blocked
on
that,
and
then
we
have
a
meeting
later
today
and
we
need
to
review
the
copy
that
we
want
to
put
there
about
scope.
So
my
hope
would
be
that,
like
that
scope
duck
can
probably
get
sorted
out
in
today's
meeting
and
then
we
would
be
looking
for.
You
know
that
those
other
docks
to
land
here
before
we
can
really
do
anything
great.
A
A
C
C
C
A
Cool
yeah
I
don't
see
too
much
else
on
pull
requests
or
issues
that
I
feel
like
we
should
bring
up.
So
maybe
we
just
get
back
13
minutes
of
our
day.
We
can
all
go
wash
our
hands
and
be
safe,
great.