Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open RFC Meeting - Wednesday, June 16, 2021, 2:00 PM EST #399

Closed
5 tasks
darcyclarke opened this issue Jun 16, 2021 · 2 comments
Closed
5 tasks

Open RFC Meeting - Wednesday, June 16, 2021, 2:00 PM EST #399

darcyclarke opened this issue Jun 16, 2021 · 2 comments

Comments

@darcyclarke
Copy link
Contributor

darcyclarke commented Jun 16, 2021

Why?

In our ongoing efforts to better listen to & collaborate with the community, we've started an Open RFC call that helps to move conversations & initiatives forward.

When?

Wednesday, June 16, 2021, 2:00 PM EST

Cadence:
This meeting is scheduled to take place weekly. Previous meeting agendas and notes can be found here

Add to your Calendar:
You follow this & find other npm events by using our public events calendar

What?

All discussions surrounding RFCs are covered by the npm Code of Conduct. Please keep conversations constructive, civil & be mindful of when others are speaking. As is tradition, "raise your hand" when requesting to comment on a topic or request to comment asynchronously within the chat. The npm team may, at its own discretion, moderate, mute &/or remove a person from an Open RFC call for any reason.

Agenda

  1. Housekeeping
    1. Introduction(s)
    2. Code of Conduct Acknowledgement
    3. Outline Intentions & Desired Outcomes
    4. Announcements
  2. Clean up of historically ratified RFCs
    • Determine what items should be moved to withdrawn & the corresponding amendment
  3. Check-in / Progress on Action Items
    • Quick updates on &/or additions to tracking work items
  4. Issue: #398 [RRFC] Top-level command to manage package.json - @ruyadorno
  5. Issue: #390 [RRFC] npm publish should fail when the files is misconfig in package.json
  6. PR: #375 Define which dependencies are shared among workspace projects - @isaacs
  7. PR: #343 RFC: npm workspaces: auto switch context based on cwd - @ruyadorno
  8. PR: #336 RFC for `where` config parameter - @nlf
  9. PR: #392 RFC: group outdated packages by dependency type - @thiagodp
  10. PR: #386 RFC: Add check-installed-peers - @Roaders
  11. PR: #3397 - feat(config): add in-range to npm outdated

Tracking Work / Action Items

Issue: #395 [RRFC] Promote `npm add` to a top-level command

Issue: #371 [RRFC] npm-audit-resolver next-steps

  • @naugtur to make a PR (or issue) against arborist's audit report to indicate direct dependencies in output
  • @naugtur to investigate npm explain --json as means to figure out if a vulnerable path is a dev/optional/bundled dependency
  • @naugtur to create an issue against the CLI to to show the diff information that Arborist provides (@isaacs: should probably always show if --dry-run)

PR: #182 RFC: npm audit licenses

How?

Join Zoom Meeting
https://github.zoom.us/j/94543839461?pwd=S0lwYytLd2tlMVBxTlJGbE5QQlhGUT09

Watch the livestream
https://www.youtube.com/channel/UCK71Wk0I45SLTSXQA23GdIw/videos

Invitees

Please use the following emoji reactions to indicate your availability.

  • 👍 - Attending
  • 👎 - Not attending
  • 😕 - Not sure
@darcyclarke darcyclarke pinned this issue Jun 16, 2021
@naugtur
Copy link

naugtur commented Jun 16, 2021

My status:
Dug up arborist, didn't make much progress, didn't spend a lot of time either.

Optionally, I could use is a tip where to look for info that lets me figure out if an item is a direct dependency. I don't see any obvious candidates in fields in the collection.

@darcyclarke
Copy link
Contributor Author

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants