-
As part of our collaboration with OpenSSF, TAG Security members have been aiding in the design of the [Open Source Project Security Baseline](https://github.com/ossf/security-baseline).
As the Basel…
-
I was talking with @marco-ippolito and we were discussing having ways for people to know when they are using an insecure version of Node.js. Instead of having a flag (https://github.com/nodejs/securit…
-
## Time
**UTC Thu 21-Nov-2024 15:00 (03:00 PM)**:
| Timezone | Date/Time |
|---------------|-----------------------|
| US / Pacific | Thu 21-Nov-2024 07:00 (07:00 AM) |
| US / Mou…
-
As a security team member, while triaging I want to know what a derivation is about, and for that I need to at least see the short description string right in the suggestion.
Blocked by:
- https:/…
-
As a member of the security team or a package maintainer, I want to be able to search for a particular CVE.
- [ ] Show matching packages if a CVE is not triaged
- [ ] Show linked security records …
-
As a security team member, I want to assess the severity of a CVE at a glance, and be able to inspect it in more detail.
Depends on:
- https://github.com/Nix-Security-WG/nix-security-tracker/issue…
-
### Describe your issue
Tracker for 1.10 @rimolive @kimwnasptd
Follow up of https://github.com/kubeflow/manifests/issues/2598 and https://github.com/kubeflow/manifests/issues/2592
We are looki…
-
### Motivation
The addition of per-client route configuration directly in the WG-Easy frontend would enable more efficient and secure management of VPN clients. Currently, applying custom routes requi…
-
## Date
_Tues_ 23 July 2024 - _10am_ EST / _time_ UK
## Untracked attendees
| Name | Firm | Comment |
| :--- | :--- | :------ |
## Meeting notices
- FINOS **Project leads** are responsib…
-
Several security updates have been made since version 4.16.0 of Express, it would be good to update this information.
page: https://expressjs.com/en/advanced/security-updates
cc: @expressjs/secu…