Security-wg: Is the WG meeting during the collaboration Summit next friday?

Created on 27 Sep 2017  路  10Comments  路  Source: nodejs/security-wg

Are we going to have anything during the un-conference portion of Node Interactive next week?

All 10 comments

I think we should. Who will be there? I will be, so will @mhdawson and @gibfahn and @jasnell . Who else?

@bengl and I will be there too.

I plan on it as well - just checking to see if I should stay on through Friday, and it looks like that would be a good idea

It looks like there is only 1.5 hours on Friday for Working Sessions. How long do you think we should meet for? Is half an hour enough? Or should it be an hour?

Do we need an agenda?

@jasnell I'm not sure if we should PR our timeslot into https://github.com/nodejs/summit/blob/master/2017-10/agenda.md#2017-10-06-day-one, what do you think?

I should be there :)

@sam-github would be awesome if you could PR your timeslot into the agenda there. Not sure if it'll be open or closed door to WG members (Friday has a more open, public general invitation to attendees). Would be stellar if you could also link this issue from your PR to let those who are looking at nodejs/summit know that there's a discussion about the Security WG meeting 馃

I think its too hard to suggest a time when I don't know how much time we would need, and we don't know what the other WG meetings are. There will be a discussion at the Plenary before the working group sessions to allocate rooms and time slots, lets figure it out there.

In terms of agenda/discussion items, here are some suggestions

  • list of specific goals in the next 12 months (for example, improve security reporting/disclosure process, making NSP data available for consumption, adding static analysis to the CI, etc.)
  • discuss what it takes to get each of those goals done, who will be involved in doing them
  • outside of some of the specific tactical projects we have talked about, what roll we see for the WG and how we will make that a reality

I have to return to Seattle a bit earlier than expected, so I'll miss the collaborator summit. I'll catch up on the details here and in our meeting next week. In the mean time I'll get our fuzzing team to check out the http module, socket module, and poke around for any file parsers in the native modules (images, json, etc.) that look like good candidates. It was a pleasure to meet you all in person

Closing as it is resolved

Was this page helpful?
0 / 5 - 0 ratings

Related issues

sam-github picture sam-github  路  41Comments

drifkin picture drifkin  路  44Comments

mralekzandr picture mralekzandr  路  24Comments

MarcinHoppe picture MarcinHoppe  路  38Comments

codepilot picture codepilot  路  50Comments