Open Source Maintainers Meeting 2023-02-09
Linksβ
Presentβ
Use github alias
- Admins team: @onebeyond/admins
- Maintainers team: @onebeyond/maintainers
- Ulises Gascon: @ulisesGascon
- ΓΓ±igo MarquΓnez Prado: @inigomarquinez
Announcementsβ
- We are streaming on Youtube!
- Changed repo name from admin to maintainers
- Rollback to the previous logo
Agendaβ
Repo template as baselineβ
- See #1
- New metafile had been added
SECURITY.md
Prototype Pollution in JSON5 via Parse Methodβ
- See #21
- No progress on this.
- Not very urgent as it's low risk
Create a secrets management repositoryβ
- See #30
- Created a private repo by Ulises in the other organization
Repos with NPM version mismatchβ
- See #29
- Serrano solved one π
- Ulises and ΓΓ±igo working on some others
- Potential deprecation of some packages (7 years without maintenance)
Missing NPM Package publication permissionsβ
- See #28
- Pending to contact current owners of some npm packages to be able to deprecate them (anyway we can publish new releases in onebeyond org)
Unify licenses in Repositoriesβ
- See #27
- PRs are still pending
OpenSSF Scorecard implementationβ
- See #41
- Not a fantastic score right now.
- Detailed issue explaining the topic with actionable items (lead by Ulises)
- We made some testing with systemic-knex scoring, there is an issue to sign the projects (https://github.com/ossf/scorecard/issues/2639)
- This checks will cover many topics as Code reviews, enforcing rules, etc...
Initiatives for 2023β
- See #20
- Start the discussion asynchorniuasly
Q&A, Otherβ
- Ulises will love to have a separate discussion for Systemic Ecosystem
- table with compatibilities (systemic version - nodejs version - wrapped tool version)
- Carlos will love to propose the creations of an engineering guidelines for open source projects
- CONTRIBUTING.md + separate document + include in baseline repo
- Betis started a discussion about open sourcing internal products like mood tool, gratitude, project review tool... (Ulises will check internally)
Upcoming Meetingsβ
- In two weeks!