2021-02-19 Meeting Notes
- Mike Gorrell
Attendees
Discussion items
Time | Item | Who | Notes |
|---|---|---|---|
| Temporary Kafka Security | Team & Vasily | Review design outlined here: Temporary Kafka security solution | |
dependency confusion supply chain attack | Need to follow up with Hongwei to make sure we understand who has access to the NPM repository Also would make sense to have a policy/process for the security dependency investigation. We should revisit once we have more of Ryan's or John's time. | ||
UI and security | We have a shortage of UI expertise on the FOLIO Security group - reference STCOR-497 - Getting issue details... STATUS ... so we haven't been able to be as efficiently as we'd like, primarily because of Ryan's lack of availability. How to handle? Invite another UI lead (Zak Burke, John Coburn). Craig will reach out to John to see if he's interested and has time to see if he can temporarily participate. | ||
| Review Security Issues | TeamĀ | Review Kanban board | |
| Safe harbor, policies | Safe Harbor Statement/Acceptable Use Policy - Reviewed by Lawyer; text changed on wiki. Next steps? Place it on dev.folio.org - check to see if there were other things we planned for this originally. | ||