|
| 1 | +# Node.js Build WorkGroup Meeting 2025-05-29 |
| 2 | + |
| 3 | +## Links |
| 4 | + |
| 5 | +* **Recording**: <https://www.youtube.com/watch?v=HTVMRyjd-Bk> |
| 6 | +* **GitHub Issue**: <https://github.com/nodejs/build/issues/4086> |
| 7 | + |
| 8 | +## Present |
| 9 | + |
| 10 | +* Michael Dawson (@mhdawson) |
| 11 | +* Milad Farazmand (@miladfarca) |
| 12 | +* Richard Lau (@richardlau) |
| 13 | +* Ryan Aslett (@ryanaslett) |
| 14 | + |
| 15 | +## Agenda |
| 16 | + |
| 17 | +## Announcements |
| 18 | + |
| 19 | +*Extracted from **build-agenda** labelled issues and pull requests from the **nodejs org** prior to the meeting. |
| 20 | + |
| 21 | +### nodejs/build |
| 22 | + |
| 23 | +* Require Physical 2fa for Build WG & Web Infra members [#4063](https://github.com/nodejs/build/issues/4063) |
| 24 | + * Michael, we chatted about it last time |
| 25 | + * Richard, what I remember is that we were going to ask if there were other projects that had |
| 26 | + used it, some discussion in the issue, but references were just for requiring 2FA but not |
| 27 | + necessary hardware which this issue is proposing |
| 28 | + * Ryan can ask if there are still hardware tokens available through Great 2FA effort |
| 29 | + * Sounds like require is too strong, but encourage and recommend does make sense |
| 30 | + * Michael will comment on the issue to that effect |
| 31 | + |
| 32 | +* Potentially transition to 1password for secrets management [#4039](https://github.com/nodejs/build/issues/4039) |
| 33 | + * Ryan opened this up as changing the infra from our current secret repo which has some challenges, hard to track, offboarding is hard to do. |
| 34 | + * This may not solve all issues but the primary value of it would be to have a log of changes. |
| 35 | + * Richard, one aspect is that using 1 password may widen who has access to the secrets (all |
| 36 | + TSC members as owners) so we should make that decision on purpose versus just |
| 37 | + accidentally expanding. |
| 38 | + |
| 39 | +* Transition from Digicert keylocker to Azure Trusted Signing |
| 40 | +[#4036](https://github.com/nodejs/build/issues/4036) |
| 41 | + * keylocker is too expensive. |
| 42 | + * Pull request opened: <https://github.com/nodejs/node/pull/58502> |
| 43 | + |
| 44 | +* Replace Works on Arm machines affected by Equinix Metal sunset (June 2026) [#3975](https://github.com/nodejs/build/issues/3975) |
| 45 | + * Sent a followup and got a response. |
| 46 | + * We can get a replacement and that's all we know at the moment. Not sure about the timeline right now. |
| 47 | + |
| 48 | +* Infrastructure for Orka (2024 and beyond) [#3686](https://github.com/nodejs/build/issues/3686) |
| 49 | + * Should close this issue. Happily running on Orka now. |
| 50 | + * Follow on in <https://github.com/nodejs/build/issues/4083>. |
| 51 | + |
| 52 | +* New Machine requirement: Replacement for Equinix x64 servers [#3597](https://github.com/nodejs/build/issues/3597) |
| 53 | + * There was an outstanding machine, didn't want to touch it due to it being old. |
| 54 | + * Built a new machine under the OpenJS Azure account (Not the Node.js Azure account). It is setup and it works. |
| 55 | + * We can probably remove the load balancer situation. |
| 56 | + * Ultimately would like to remove this unencrypted machine entirely. |
| 57 | + |
| 58 | +## Q&A, Other |
| 59 | + |
| 60 | +* Might need to upgrade compilers soon from gcc 12 to gcc 13 to be able to support new features (i.e std::format). Will also look into using Clang down the road. |
| 61 | + |
| 62 | +## Upcoming Meetings |
| 63 | + |
| 64 | +* **Node.js Project Calendar**: <https://nodejs.org/calendar> |
| 65 | + |
| 66 | +Click `+GoogleCalendar` at the bottom right to add to your own Google calendar. |
0 commit comments