 Hi everyone, my name is Geron Tal and I'm a developer advocate at SNCC. I'm also heavily involved with the security working group for the Node Foundation. So trying to do some processes and triaging to help security and PM ecosystem and Node.js as well. So this conference has been really great in terms of, you know, just meeting people, getting together, getting stuff done as well in the collaborators' time that we're looking forward to in the next couple of days. And a couple of things, or maybe like three things that I wanted to like update you on what's been going on with the Node security working group. So first off, one thing that we have been kind of like communicating a lot is we actually received funding for the Node working group in terms of our ability to like work with Hacker One and then reward security researchers on any bug bounties, you know, that they've been submitting. So this is something that has been rolling out actually pretty recently. We've been able to like get a criteria for which models would be eligible to get the bounties for and this way trying to like get more awareness and more security researchers happening, getting involved within the security space for Node and PM itself. So this is really something that's really recently going on and really good for us as an ecosystem. Interesting point of that, we're trying to see if we can maybe divert some of those funds to maintenance as well that will participate. So like we kind of trying to like pay both parties in terms of driving some motivation around not just reporting issues but also like supporting it like the maintainers who spend time fixing it. So it's a really important part that we're going to see with Hacker One how are we going to be able to roll this out as well. Another update on the working group itself is since this whole OpenJS Foundation thing have been going on pretty strong together, a great, you know, message I think for the whole JavaScript ecosystem, we're trying to see how we're able to get some responsible disclosure guidelines set up, not just for the Node Foundation but also for the entire like cross-project council in terms of like the whole OpenJS Foundation, the whole training projects that we have in. So how do we like make those standards work for everyone as well and not just be a particular part of the Node as part of it. So this is something that tomorrow's in from the working group is been going to like send off a draft and make this work. If you want to get involved, have any opinions when I help out, just jump on to github.com-node.js-security-wg and just find us on the issue. You'll be happy to get some external eyes on this as well. And generally if you want to just get involved and see what's going on, everything is very transparent. Just hop on the repository. Readme is, you know, pretty, I think, clear and helpful. So, you know, just being a stir. Maybe the last update would be around kind of like a challenging thing that we have been kind of been raised recently is we have some issues in terms of how do we handle large scale disclosures. So what we've been seeing not a whole lot, but it has been happening a couple of times at least is security researchers, mostly from academia have been doing a whole lot of security research around like regular denial of service and other kind of like petroversals kind of the vulnerability is like different kind of classes, but have been able to like find those and disclose those issues across like hundreds of projects or like NPM modules. So how do we as a security working group are able to handle those disclosures at large scale because each of those kind of map into one or two, you know, reports that we have to do. So like having hundreds of them, it means also hundreds of like an H1 report that we have to roll out. It has been an interesting discussion. So it's really if you want to jump in and see if you want to just help out or you know, flesh out some of the interesting areas to kind of take action on. That's also something that we've been doubling with recently. So that's it for me. Hoping to catch up with you on social media or on the Node.js repo. Bye-bye.