-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
doc: add minutes for meeting 2023-02-09 (#826)
Co-authored-by: Richard Lau <[email protected]>
- Loading branch information
1 parent
b61fed1
commit 3ee35a2
Showing
1 changed file
with
55 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| # Node.js Release WorkGroup Meeting 2023-02-09 | ||
|
|
||
| ## Links | ||
|
|
||
| * **Recording**: https://youtu.be/AARWf6wInDc | ||
| * **GitHub Issue**: https://github.com/nodejs/Release/issues/823 | ||
| * **Minutes Google Doc**: https://docs.google.com/document/d/1Sd4yneHzM_vjegIF6Sp7-HPUg_97CgHJ22n5kD661ro | ||
|
|
||
| ## Present | ||
|
|
||
| * Rafael Gonzaga: (@RafaelGSS) | ||
| * Richard Lau (@richardlau) | ||
| * Juan Arboleda (@juanarbol) | ||
| * Ruy Adorno (@ruyadorno) | ||
| * Beth Griggs (@BethGriggs) | ||
| * Michaël Zasso (@targos) | ||
|
|
||
| ## Agenda | ||
|
|
||
| ## Announcements | ||
|
|
||
| * Richard: Security releases coming up next week, ref: https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/ | ||
| * Rafael working on a node-core-utils command to automate security releases, ref: https://github.com/nodejs/node-core-utils/pull/665 | ||
|
|
||
| ### nodejs/Release | ||
|
|
||
| * Confusion around semver-minor commits [#820](https://github.com/nodejs/Release/issues/820) | ||
| * Clarify that from the releasers point of view every semver-minor commit is picked up as a notable-change unless stated otherwise | ||
| * Beth proposed a new bot that would comment and ask for a write-up when the notable-change label is added to a PR | ||
| * Plans for npm 9 [#778](https://github.com/nodejs/Release/issues/778) | ||
| * Let's try to chat with the npm cli team to align on future updates | ||
| * Release plan - v19.x Current [#793](https://github.com/nodejs/Release/issues/793) | ||
| * Postponing the next v19.x release since a new Security Release is scheduled for next week | ||
| * Release plan - v18.x Active LTS [#737](https://github.com/nodejs/Release/issues/737) | ||
| * Juan signed up for a v18.x release later this month | ||
| * Release plan - v16.x Maintenance [#658](https://github.com/nodejs/Release/issues/658) | ||
| * Aim for a march release, there's already a Security Release coming out this month | ||
| * Release plan - v14.x Maintenance LTS [#567](https://github.com/nodejs/Release/issues/567) | ||
| * Aiming for a tentive last release in march before it goes EOL | ||
|
|
||
| ### nodejs/release-keys | ||
|
|
||
| * v18 and v19 are signed by a public key not captured in this keyring [#21](https://github.com/nodejs/release-keys/issues/21) | ||
|
|
||
| ### nodejs/nodejs-dependency-vuln-assessments | ||
|
|
||
| * CVE-2022-3517 (npm) found on v14.x (Manual) [#88](https://github.com/nodejs/nodejs-dependency-vuln-assessments/issues/88) | ||
| * The npm update that fixes these issues should be going out as part of the next week Security Release | ||
|
|
||
| ## Upcoming Meetings | ||
|
|
||
| * **Node.js Project Calendar**: <https://nodejs.org/calendar> | ||
|
|
||
| Click `+GoogleCalendar` at the bottom right to add to your own Google calendar. | ||
|
|