Merge pull request #43 from jupyter/2022-08-02-notes

rcthomas · web-flow · commit 46aaea9b97e8 · 2022-12-06T09:28:54.000-08:00
Notes from August 2
diff --git a/meetings/2022-08-02.md b/meetings/2022-08-02.md
@@ -0,0 +1,34 @@
+# Jupyter Security Bi-weekly Meeting
+
+## August 2, 2022
+
+| Name               | affiliation| username         |
+| -------------------| -----------| -----------------|
+| Jason Weill | AWS | @jweill-aws |
+| Rick Wagner        | UCSD       | @rpwagner |
+| Matthias Bussonier |            | @carreau |
+| Rollin Thomas | NERSC | @rcthomas |
+
+- Plan:
+    - Check status at the August
+    - Write another blog post
+    - "Great progress, for the remaning orgs, we will enable on Oct 1"
+    - For users, show redacted email. If you receive this, open an issue or post in Discourse.
+
+- Future items for discussion: 
+    - Can we automatically crawl developer accounts for signs of inactivity
+    - Reproducible package builds
+    - Migrating to PyPI deploy tokens
+        - Will be some coding 
+        - Lots of assumptions like one user one password
+
+It is possible to create a NO-2FA team, and add folks to the team to ping them in a private manner. 
+
+Contact Brian: (out of office this week, will do so on August 8)
+
+- https://github.com/jupyterlab/team-compass/issues/155
+- https://github.com/orgs/jupyterlab/people?page=3&query=two-factor%3Adisabled
+
+Matthias need to find some time to update the security page: 
+
+ - https://github.com/jupyter/jupyter.github.io/pull/696
diff --git a/meetings/README.md b/meetings/README.md
@@ -17,6 +17,7 @@ What this meeting is about:
 
 ## Meeting Minutes
 
+* [2022-08-02](2022-08-02.md)
 * [2022-07-05](2022-07-05.md)
 * [2022-06-07](2022-06-07.md)
 * [2022-05-24](2022-05-24.md)
