Planning for Kick-Off #2
Comments
|
Ok, looks like 12pm on Tuesday is the most popular. I don't see a vote from @darcyclarke, also I realized I didn't directly mention him but he linked to this issue, so I am assuming that will work. @rginn & @mhdawson, I don't think I can add to the OpenJs calendar, could one of you add this event? Everyone else before then: feedback on the proposed agenda? |
|
@wesleytodd, we'll need to use a different zoom (there are both Node and OpenJS meetings running at the same time). If you can provide a link I'll add a calendar entry |
|
@lirantal FYI as you sounded interesting in participating in this as well. |
|
I think the consensus is that we will record and upload this. Additionally, we should plan to pick our recurring time so that it does not conflict with OpenJS and Node project meetings if we can. |
|
Inbox was swamped and I missed the notification on this but @naugtur was kind to DM me. For the future, looks like the Monday 7am PST is tied with the 12pm Tuesday PST. The former is more inclusive for me to attend, maybe we can alternate between the two options to make it inclusive for everyone? |
|
Added to calendar, and here is zoom we can use - https://zoom.us/j/96406901264 (from Community Committee account) |
|
This thread says 12PST, the calendar event I see is set to 9PST - which one is correct? |
|
12 PST is the intended time. @mhdawson did you by chance read this as EST? In case folks land on here, 12pst is the official time (converted times). |
|
Sorry my mistake. Will move in the calendar. |
|
Ok, moved to 12 PST, sorry about that. |
|
I have a last minute conflict and won't be able to join. Will the meeting be recorded? |
|
Yes we will be recording and we will also post a recap of what next steps are as well. |
|
Folks, the current geopolitical situation has escalated here dramatically so I won't be able to jump on the call. Was looking forward to it and seeing all of your wonderful humans again but I'd need to settle for the recording and catch you all next time. Be safe and well ❤️ |
|
Totally understandable @lirantal! You be safe and we will catch up with you after things calm down. We are all wishing you and your family the best! |
|
Just to share this context with everyone (assuming only @darcyclarke and I got this email):
Redacted some of the other instructions, but I think these are the important parts. Also, there is a Q&A we should do, here is the excerpt from that email:
|
|
Uploaded recording here: https://youtu.be/KbGA-_wMtrg |
|
Thanks for recording folks! Finally watched it. Overall, it seems a lot of the discussion was about "solving the problem" but to me at least it isn't clear that we have stated out what the problem actually is. Perhaps it is worth setting those problem areas as general guidelines? The rest of the session was about producing a recorded session for OpenJS World. |
|
@lirantal very much yes. This is a collab space, not a coding project, so the intention is to figure out the scope of the problem and define it well by getting input from many sources. BTW, im kinda out of character here because I don't have a lot of input to figuring out the problem boundary, I'm here to solutionize. |
|
@lirantal from https://github.com/openjs-foundation/pkg-vuln-collab-space#mission-statement This is the highest level overview of the problem: Today maintainers deal with a significant influx of issues, PRs (re. updating dependencies) & broader comms when a new CVE is reported on a popular library in our ecosystem. Many of these are being considered "false positives" from an impact/vulnerability perspective. This level of noise creates distrust in the relationships between security companies/researchers, maintainers, & the collective end-users/consumers. |
|
Ahh yes, let's fix that 🤗 |
To get the collab space kicked off, we are going to be running a session at OpenJS World 2021. To get this planned, we would like to do a session sometime early next week. Our proposed agenda (open for discussion to make sure we cover the most important things):
To make sure the most folks who want to participate can attend we thought we would open up a short vote. All times are PST.
Monday May 10th
Tuesday May 10th
Vote for as many as you can attend and we will choose the best time (with the added restriction that both @darcyclarke and I can attend as the champions). We will leave this open until Friday, so get your votes in if you would like to attend.
cc @pkg-vuln-collab-space (looks like this doesn't work yet?)
@naugtur @boneskull @mhdawson @dominykas @ljharb @MarcinHoppe @rginn
The text was updated successfully, but these errors were encountered: