...
Time | Item | Who | Notes | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
5 | Welcome | Ingolf |
| ||||||||
25 | Security Audit | Stephen Pampell | Update on Security Audit + discussion Recap: selected NCC to do security audit of Edelweiss release. Audit conducted in February. Probed primarily Okapi and Authentication. Several issues found, but nothing critical or demanding instant attention. JIRA:
Running notes: FOLIO Weekly Updates -- Q2 2020 A number of issues are targeted for Goldenrod release. Security team is being pulled together as subgroup of TC, will begin meeting May 8, a week from today. Main function is to triage any incoming security issues, determine severity and work with rest of community to take action as appropriate. | ||||||||
25 | Release Management | Mike Gorell | Update on Release Management + discussion TC had meeting at WOLFcon, have followup.Sides: Tech Council -- Recommendation for Release Numbering Basic idea: There will be a LTS (long-term support release) train and a quarterly release train. At the beginning of the LTS, these are the same. Quarterly train continues on quarterly cadence. P1 (Priority 1) functional issues will trigger maintenance releases, first to be fixed in quarterly release and then maintenance release for LTS. P2 and lower functional issues will be fixed in quarterly releases, not trigger a maintenance releases. LTS will not get new functionality during its lifetime. For security issues, P1 and P2 will trigger maintenance release for current LTS, P1 will also be back-ported to previous LTS only. SysOps comfortable with the functional and security maintenance release concepts. Some suggestions about numbering conventions, captured in slides. | ||||||||
5 | Topics for next meeting | Hotfix release | |||||||||
Fröhlichen 1. Mai ! | Happy holiday! |
...