doc: add meeting minutes for 2022-11-10

meetings/2022-11-10.md

@@ -0,0 +1,53 @@
+# Node.js  Security WorkGroup Meeting 2022-11-10
+
+## Links
+
+* **Recording**:  https://www.youtube.com/watch?v=EgCFIDSXUsM&ab_channel=node.js
+* **GitHub Issue**: https://github.com/nodejs/security-wg/issues/841
+* **Minutes Google Doc**: https://docs.google.com/document/d/1TDpVD4Bim9KSGWjySKM_PLnZ_ax1FQh8mFEmyahW7cY/edit
+
+## Present
+
+* Security wg team: @nodejs/security-wg
+* Rafael Gonzaga: @RafaelGSS
+* Ulises Gascon: @ulisesGascon
+* Yagiz Nizipli: @anonrig
+* Michael Dawson: @mhdawson
+
+## Agenda
+
+## Announcements
+
+*Extracted from **security-wg-agenda** labelled issues and pull requests from the **nodejs org** prior to the meeting.
+
+- [X] Vulnerability Review - https://github.com/nodejs/nodejs-dependency-vuln-assessments/issues
+We had discussions about running this workflow recursively on `npm` dependencies such as `minimist`.
+Consensus to recursively approach and revisit it if needed.
+
+### nodejs/security-wg
+
+* Best Practices Document [#819](https://github.com/nodejs/security-wg/issues/819)
+  * Closing as concluded.
+
+* Threat Model [#799](https://github.com/nodejs/security-wg/issues/799)
+  * PR Open
+  * Waiting TSC review. No objections so far.
+
+* Permission Model [#791](https://github.com/nodejs/security-wg/issues/791)
+  * No progress from the last meeting.
+
+* feature request for `require.pure(id)` or `pkg.pure:true` [#467](https://github.com/nodejs/security-wg/issues/467)
+  * Rafael commented on the issue: 
+* It seems a feature request, feel free to join the Security WG to share your point of view.
+* Removed from the agenda.
+
+* Rafael will create a new issue to discuss new initiatives for the Node.js Security WG. It will be used as a brainstorming and will be reviewed during the next meeting.
+
+## Q&A, Other
+
+## Upcoming Meetings
+
+* **Node.js Project Calendar**: <https://nodejs.org/calendar>
+
+Click `+GoogleCalendar` at the bottom right to add to your own Google calendar.
+