nodejs / build

Better build and test infra for Node.

Heads up on security release planned for 6 Feb 2024

RafaelGSS opened this issue

As per the Node.js security release process, this is the FYI that there is going to be a security release on 6 Feb 2024.

https://nodejs.org/en/blog/vulnerability/february-2024-security-releases

I can be available to lock/unlock the CI. How long/far in advance do you need the CI locked down for?

FWIW the security release process template says on "Release day" which I don't think we've ever done. The Build WG's documentation says "About 24 hours before a release is published", which was correct in the past but I think more recent security releases have locked the CI down for longer.

Posted https://github.com/nodejs/collaborators/discussions/186 to announce the pending lockdown and pinned it.

I've locked down the CI now. I'll update the instructions tomorrow -- Jenkins has moved the theming out of https://ci.nodejs.org/manage/configure to https://ci.nodejs.org/manage/appearance.

I disabled https://github.com/nodejs/node/actions/workflows/auto-start-ci.yml to prevent error messages being posted back to any PRs that apply the request-ci label.

Updated instructions #3627

Access has been explicitly granted to @marco-ippolito (#3628). The entry in the security matrix should be removed when unlocking the CI (as he'd normally have access as a collaborator).

CI is now unlocked.