►
Description
Meeting notes: https://docs.google.com/document/d/1ttqkcYPmYZyqvtkaHs92bx2UeVUiXDhuzP-0WbP11Fw/edit#heading=h.7o2ubzl5z39r
B
A
Yeah
no
I'm
sat
in
the
slack
that
he
actually
couldn't
make
this
time,
so
he
requested
that
we
set
up
something
on
Monday
but
unfortunately
Monday's
a
holiday.
For
me,
we're
completely
like
yeah
messed
around
I,
mean
I,
think
yeah
Monday's,
a
holiday
okay,
so
so
I
suggest
that
we
just
keep
the
we
we
work
on
this
PR
you
and
me
over,
like
let's
take
a
look
and
review
it
and
and
land
it
today.
Right.
B
B
A
B
A
Indicate
applicability
for
of
those
things,
but
the
but
they're
not
linked
to
anything
and
I
was
wondering,
is
you're.
Thinking
that
we
should
provide
additional
The
Next
Step
might
be
to
provide
additional
new
best
practice
Pages
for
each
one
of
those
items,
with
a
little
bit
more
detail
on
each
on
each
one.
B
A
B
B
So
so
your
first
question
is
here
right
because
even
before
that
we
did
have
like
bullet
points
for
the
operations,
but
we
don't
talk
about
them
a
little
bit
more
and
so
I.
That's
a
question
like:
should
the
docs
be
manually
generated
for
items
that
don't
automatically
come
from
legitify,
so
that
was
one
question
I
had?
It
seems
like
if
you
want
to
maintain
consistency
yeah,
we
should
there's
also
a
couple
of
items
that
seem
like
they
should
come
from
legitified,
but
they
didn't
like
get
lab
things.
I.
B
Sso,
but
it
wasn't
mentioned
so
it
might
just
be
a
pull
request,
a
legitified
site
so
that
they
pull
that
in.
But
let
me
look
at
one
of
the
operations.
Organizational
management
should
be
Consolidated
under
a
central
account.
I
guess
we
could
say
more
about
that
in
a
little
blur,
but
there's
no
like
remediation.
It's
not
like
the
same
yeah.
A
B
A
B
B
B
A
A
The
route
that
we're
on
seems
to
be
that
we
manually
edit
the
the
index
Pages
the
readme
files
and
that
all
of
the
individual
best
practice.
You
know
single
pages
are
regenerated
from
legitified
data
right,
so
as
long
as
so
I
think
that's
doable
and
sustainable,
because
we
want
to
make
this
these
documents
more
readable
and
I.
A
So
as
long
as
that's
okay,
like
I,
guess,
I
guess,
where
I
see
that,
ideally,
we
gnome
puts
into
place
a
mechanism
where
new
single
Pages
like,
if
like
if
they
change
the
page
for
two-factor
authentication
on
GitHub,
because
GitHub
changes
their
configuration.
So
they
need
to
change
how
that
reads.
Then
they
would
regenerate
that
page,
and
it
would
just
ideally
would
generate
a
pull
request
against
the
the
repo
with
just
that
change
in
it,
so
that
we
can
see
we
can.
B
A
I
kind
of
want
to
talk
that,
through
with
gnome,
to
see,
if
that's
possible
for
them,
you
know
I
mean
it's,
it
should
be
possible,
but
it
might
be.
It's
asking
them
to
do
more
work
basically
and
then
so.
I
just
want
to
make
sure
that
it's
okay
with
them
and
then
we
and
then
we
we
take
responsibility
for
the
updates
to
the
to
the
readme
files
rather
than
having
that
generated
out
of
the
out
of
the
thing
yeah.
B
A
A
B
B
B
Yeah,
so
so
those
are
a
couple
of
other
questions
that
I
also
had.
You
know
it
talked
about
integrating
security
tools,
but
does
in
the
intro
there's
like
the
last
line
says
this
we're
going
to
be
discussing
a
bunch
of
topics,
including
integrating
security
tools,
but
I
did
not
see
mention
of
security
tools.
B
And
then
the
only
other
thing
I
had
from
kind
of
like
if
you
go
and
click
on
any
of
the
any
of
the
documents
that
link
to
save
in
the
digital
legitify
automatically
created
Docs,
it's
usually
would
have
something
I
I'll,
just
I'll,
quickly
share
one
quick
screen
so
that
so
you
see
how
it
says.
This
is
an
example
of
a
particular
page
saying
GitHub
actually
runs
are
not
limited,
and
then
it
always
has
this
thing
called
policy
name
and
that's
kind
of
weird.
B
Yes,
we
can
just
tell
them
that
it
might
not
be
and
then
no
no
later
on,
I
know
when
I
was
looking
at
the
legitified
docs.
Quite
a
bit,
I
would
look
at
the
severity
medium
I'll
look
at
like
severity,
high
and
I'll
sort
of
make
a
judgment
call
based
on
what
I
thought
it
was,
and
I
try
to
do
all
the
high
in
the
mediums
and
ignore
the
lows.
All
of
our
all,
of
our
suggestions
always
say
should,
which
I
guess
is.
Okay
should
should
all
over
the
place
which.
B
Okay,
but
some
if
I'm
a
if
I'm,
not
kind
of
like
going
and
running
through
this
in
mind,
I
guess
I
could
Click
on
each
one
of
them
and
make
my
own
judgment
call
which
I
guess
later
on.
We
can
figure
out
whether
we
want
to
talk
about
that,
because
that
was
a
process
that
we
had
to
go
through.
That
I
had
to
go
through
yeah.
A
A
A
B
A
B
A
A
The
the
the
other
thing
that
we
need
to
talk
about
next
week
is:
what
do
we
do
with
these
operations
suggestions,
given
that
we
don't
or
our
operations
recommendations
given
that
they
don't
have
individual
files
should
should
yeah
should
legitimate?
Should
we
can
should
we
recommend
that
legitify
start
to
add
best
practices
around
these
and
you
know,
and
or
should
they
just
live
entirely
within
our
within
our
document,
and
we
put
them
in
a
separate
directory
and
update
them
separately?
A
A
Unfortunately,
the
way
this
works
is
that
they're
all
hot,
linked,
all
the
all
the
logos
are
hot
linked,
but
if
they're,
not
if
they're,
if
they're
not
linked
to
a
specific
best
practice,
it
just
links
to
the
SVG
image,
so
we've
gotta,
we
gotta,
fix
that.
But
it's
not
a
I
I
think
it's
good
to
keep
it
like
this
now
as
a
conversation
tool
to
say,
okay.
Well,
what
do
we
want
to
do
with
this?
If
we
have
recommendations
that
don't
have.
B
A
A
A
A
C
B
C
C
A
C
A
The
ones
that
aren't
are
still
live
as
a
link,
it's
just
that
the
link
points
to
the
image
file.
Okay,
for
some
reason
it
doesn't
matter
it
doesn't
really
matter,
because
this
is
an
interim
step
of
this
documented.
So
this
is
this
is
for
discussion
next
week
and
we
can
figure
out
what
we
want
to
do
with
these.
With
these
items
that
don't
have
Singleton
pages,
but.
A
C
God
has
been
written,
the
audience
is
stated
as
the
maintainers
for
GitHub
repositories,
open
source
program
offices,
which
implies
company,
but
some
of
these
recommendations
right,
they're,
contextual,
like
so.
For
example,
when
you
talk
about
group
membership
should
be
employees
that
would
not
apply.
Of
course,
when
you're
dealing
with
you
know,
Community
Driven,
open
source
projects.
A
C
C
B
B
B
B
And
the
other
thing
that
is
I,
guess
this
Thursday
and
this
Friday
there
are
two
ospo
related
working
groups
within
the
to
do
organization
and
one
of
the
things
I
thought
and
I
thought
even
like
Daniel
had
made
wanted
to
kind
of
like
present
some
of
this
in
front
of
the
end
users
group.
So
do
you
want
to
kind
of
like
go
off
and
just
at
least
give
them
a
higher
level
overview
and
get
initial
input
as
well.