meeting notes: 2024-10-02

meeting-notes/2024-10-02.md

@@ -0,0 +1,43 @@
+# SRT meeting 2024-10-02
+
+Previously: https://github.com/haskell/security-advisories/blob/main/meeting-notes/2024-09-04.md
+
+## Quarterly report
+
+Fraser will draft this weekend, and send to list for review.
+
+## New SRT members
+
+Application period closed.  There were 4 applications.
+Fraser will compile them and share in the coming days.
+
+## Hacktoberfest (GitHub)
+
+- Hécate asks us to put forward some issues.
+- `good-first-issue` (or similar) label?
+- Let's review the open issues and discuss on-list, then share with Hécate.
+
+## Hackage packages release
+
+- Downstream (`cabal-audit`, `flora`) ask for it (the new `hsec-sync` does not rely on `git`)
+- Too much work left to be done on `CVSS 4.0`, it'll be shipped in the next release
+
+## Trusted publishing and fuzzing
+
+- Mihai still to do this prep/proposal.
+
+## Prospectus
+
+- Prospectus of ideas for SRT (or other people working on Haskell security)
+  will be valuable for HF in asking for funding.
+- So, we need to put it together :)
+
+## GHC 9.10 support in tools/libs
+
+- Still waiting on `feed` which does not support base-4.20.
+- Probably need to nudge Hackage trustees for a metadata revision.
+
+## Outstanding PR review
+
+- We went through the outstanding PRs in our repo; discussed
+  what to do with them.