-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d5d7caf
commit 74ad944
Showing
1 changed file
with
43 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
# SRT meeting 2024-10-02 | ||
|
||
Previously: https://github.com/haskell/security-advisories/blob/main/meeting-notes/2024-09-04.md | ||
|
||
## Quarterly report | ||
|
||
Fraser will draft this weekend, and send to list for review. | ||
|
||
## New SRT members | ||
|
||
Application period closed. There were 4 applications. | ||
Fraser will compile them and share in the coming days. | ||
|
||
## Hacktoberfest (GitHub) | ||
|
||
- Hécate asks us to put forward some issues. | ||
- `good-first-issue` (or similar) label? | ||
- Let's review the open issues and discuss on-list, then share with Hécate. | ||
|
||
## Hackage packages release | ||
|
||
- Downstream (`cabal-audit`, `flora`) ask for it (the new `hsec-sync` does not rely on `git`) | ||
- Too much work left to be done on `CVSS 4.0`, it'll be shipped in the next release | ||
|
||
## Trusted publishing and fuzzing | ||
|
||
- Mihai still to do this prep/proposal. | ||
|
||
## Prospectus | ||
|
||
- Prospectus of ideas for SRT (or other people working on Haskell security) | ||
will be valuable for HF in asking for funding. | ||
- So, we need to put it together :) | ||
|
||
## GHC 9.10 support in tools/libs | ||
|
||
- Still waiting on `feed` which does not support base-4.20. | ||
- Probably need to nudge Hackage trustees for a metadata revision. | ||
|
||
## Outstanding PR review | ||
|
||
- We went through the outstanding PRs in our repo; discussed | ||
what to do with them. |