security release for distributors ?

[kapouer]

Hi,

would it be possible that @nodejs/distros gets ahead-of-schedule security releases ?
It would give us the opportunity to update the package at the same time as the public release.

[mhdawson]

We've talked about this before, but we never had a volunteer to lead the conversation around who would/would not get access, what the requirements would be to qualify, etc.

For security reasons you can't just say yes to anybody who asks but defining a set of clear rules that would be used to decide who we do share could be a reasonable amount of work. I don't think anybody ever said it was not something the project would consider so if you want to lead the definition of a proposal (with no guarantees it would be successful of course) that would be the next step.