bnoordhuis
commented
7 years ago I'm removing the ctc-review label. If you think this should be on the agenda, please add it (or close the issue if appropriate.)
Closed mhdawson closed 7 years ago
bnoordhuis
commented
7 years ago I'm removing the ctc-review label. If you think this should be on the agenda, please add it (or close the issue if appropriate.)
jasnell
commented
7 years ago I've been thinking more and more that the the @nodejs/security team needs to be a formal working group with a bit more governance around it. Right now, the team is rather informal and questions of who should be there seem to pop up often enough that we really ought to have something a bit more defined. I know there was talk about a security working group around the Node.js Security Project coming into the foundation, but that is fundamentally a different thing and we should not conflate the two.
Trott
commented
7 years ago I know there was talk about a security working group around the Node.js Security Project coming into the foundation, but that is fundamentally a different thing and we should not conflate the two.
@jasnell First order of business is probably figuring out how to name the two things that should not be conflated in such a way that they don't get conflated.
Trott
commented
7 years ago I think this conversation is now happening elsewhere. If not, it probably should be. But this repo is obsolete so I'm going to close this. Thanks.
There is discussion about who should be org owners under: 125
Part of the discussion is around access to the security repo.
In the last TSC meeting (minutes- https://github.com/nodejs/TSC/pull/238) we decided we needed input from the CTC as to who should have access to the security repo.
Options might include
Some combination of the above or something completely different.
thoughts ?