Create 2023-11-07.md

rcthomas · web-flow · commit e0fc7bb42556 · 2024-01-22T08:54:32.000-08:00
Add 2023-11-07 notes
diff --git a/meetings/2023-11-07.md b/meetings/2023-11-07.md
@@ -0,0 +1,35 @@
+# Jupyter Security Bi-weekly Meeting
+
+## November 7, 2023
+
+| Name               | affiliation| username     |
+| -------------------| -----------|--------------|
+| Rick Wagner        | UCSD       | @rpwagner    |
+| Joe Lucas          | NVIDIA     | @josephtlucas|
+| Rosio Reyes        | Anaconda   | @RRosio      |
+| Matthias Bussonnier| Quansight  | @Carreau     |
+| David Qiu          | AWS        | @dlqqq       |
+| Rollin Thomas      | NERSC      | @rcthomas   |
+
+
+- Security reports directly on Jupyter/Security
+- HECVAT and alike report:
+    - See
+    https://github.com/jupyter/jupyter.github.io/pull/743/files#commit-suggestions
+    - URL: https://library.educause.edu/resources/2020/4/higher-education-community-vendor-assessment-toolkit
+    - Attorneys at the NSF summit 
+        - who is the legal entity, do they have attorneys.
+    - Have both an FAQ, and a Document (pdf) signed by numfocus. 
+
+- Opened an [issue (docs-team-compass#22)](https://github.com/jupyter/docs-team-compass/issues/22) for security documentation in the Documentation repo
+
+- David to contribute JupyterLab documentation on developing JupyterLab extensions.
+  - David: I can get started on this in a few weeks, with a draft PR by early December.
+  
+- Security documentation to be added to jupyter.org/security
+  - Source: https://github.com/jupyter/jupyter.github.io
+  - Can we have exclusive permissions to edit the "Security" page?
+  - David's proposed process: We open changes as a draft PR, get feedback from everybody security, then open for review and ping somebody to merge the PR
+  
+  
+Matthias suggest a small read later: http://thecodelesscode.com/case/215
