TC39 Editors on 2025-12-15

03:18	<bakkot>	ljharb: I ran some experiments. As far as I can tell there's three tokens involved: the initial ACTIONS_ID_TOKEN_REQUEST_TOKEN, which is valid only for the duration of the run and also expires after 6 hours; the OIDC token with audience `npm:registry.npmjs.org`, which is valid for 5 minutes; and the publish token, which is valid for 15 minutes. none of these timeouts appear to be configurable and all of them are enforced, at least in my testing, which means you can get a maximum of < 7 hours that you can publish by compromising a single run.
03:19	<bakkot>	so I think your correspondent is either confused or the issue has been fixed
03:19	<bakkot>	can you either link me to the aforementioned public space or put me in touch with whoever told you about this?
03:45	<ljharb>	yep, I’ll get in touch with him tomorrow. It very likely has been fixed at this point.
21:27	<shu>	i saw michael declined today, @bakkot are you planning on attending today?
21:27	<bakkot>	yes and I assumed Michael Ficarra was as well, he's online today
21:27	<bakkot>	possibly he just declined your additional invite? we said we're switching to a consistent zoom call instead of webex
21:28	<bakkot>	so I don't think we need a weekly invite anymore
21:28	<shu>	ooh
21:28	<shu>	i forgot about the zoom thing
21:28	<shu>	where's the zoom info? did i miss the invite
21:29	<bakkot>	it's on the TC39 events calendar
21:30	<bakkot>	link should be stable week to week
21:30	<shu>	i don't see it in my calendar, let me see
21:32	<shu>	huh i guess I have to re-import
21:32	<shu>	anyway i see it now, cool
23:02	<Michael Ficarra>	okay here's what I added for editorial conventions: https://github.com/tc39/ecma262/wiki/Editorial-Conventions/_compare/836aac5fb8679dd3ac93600e6770e9c1e29ece6a...9ac8a2f98aa9711fe82357eb623c4c8977457bfc
23:08	<jmdyck>	so no editor call until Jan 5?
23:10	<bakkot>	I think Michael Ficarra and I are around and will continue having calls
23:10	<bakkot>	just no Shu
23:13	<jmdyck>	ok