doc: add 2024-06-20 notes

meetings/2024-06-20.md

@@ -0,0 +1,47 @@
+# Node.js  Security team Meeting 2024-06-20
+
+## Links
+
+* **Recording**:  https://www.youtube.com/watch?v=MoGb7bk2RuI
+* **GitHub Issue**: $GITHUB_ISSUE$
+
+## Present
+
+* Security wg team: @nodejs/security-wg
+* Thomas GENTILHOMME: @fraxken
+* Michael Dawson (@mhdawson)
+* Marco Ippolito @marco-ippolito
+
+## Agenda
+
+## Announcements
+
+*Extracted from **security-wg-agenda** labelled issues and pull requests from the **nodejs org** prior to the meeting.
+
+* No announcements this week
+
+- [X] Vulnerability Review - https://github.com/nodejs/nodejs-dependency-vuln-assessments/issues
+  * Nothing new reporting since the last meeting
+  * CI is red because of a llhttp v6 report.
+
+- [X] OpenSSF Scorecard Monitor Review - https://github.com/nodejs/security-wg/issues?q=is%3Aissue+OpenSSF+Scorecard+Report+Updated%21+
+
+### nodejs/security-wg
+
+* Audit build process for dependencies [#1037](https://github.com/nodejs/security-wg/issues/1037)
+  * Michael: Nothing new to report on this, still on the list, hope for it to get to the top of the list soon to spend some more time on the approach for building WASM.
+
+* Automate security release process [#860](https://github.com/nodejs/security-wg/issues/860)
+  * 5 PRs were merged to automate the security release process
+  * New flag: git node security –sync
+  * Suggestion from Marco to create a CI to keep the next-security-release branch up to date
+  * We are integrating PR_URL from custom H1 field to the vulnerabilities.json
+  * A test workflow has been created for the security-release repository guaranteeing the structure of vulnerabilities.json
+
+## Q&A, Other
+
+## Upcoming Meetings
+
+* **Node.js Project Calendar**: <https://nodejs.org/calendar>
+
+Click `+GoogleCalendar` at the bottom right to add to your own Google calendar.