/
2022-01-13 Meeting notes

2022-01-13 Meeting notes

Jan 13, 2022

Date

Jan 13, 2022

Attendees



  • @Jakub Skoczen

  • @Ryan Berger  

  • @Axel Dörrer 

  • @Julian Ladisch 

  • @Brandon Tharp 

  • @John Coburn 

  • @Craig McNally 

Goals

Discussion items

Time

Item

Who

Notes

Time

Item

Who

Notes



Recap on Log4shell

All

  • Time to make the fixes took to long

    • Consider to make a person from the core platform responsible to drive these fixes

    • Someone from stripes team should be the same for front end issues

  • It was not clear what release is needed to be fixed. LTS is needed to be defined

    • New group has been set up to define this

    • Should reach out to the new group for the status and see if they want somebody from the security team → @Jakub Skoczen has take this on

    • Need support statement for other releases

  • Took too long to respond

    • When is the security team resposible to react? On direct messages or should we scan several channels? ← Need to define this more clearly to the Charter

    • Should be a group effort

    • Need to provide some guidance to community questions / concerns

  • Postpone retrospective board until Craig is back

5 min

Update on https://folio-org.atlassian.net/browse/FOLIO-3317 

Axel

Tickets had been opened and there is some movment at mod-data-exp and mod-data-imp.

Axel to reach out to Leipzig if they have any plans on the others.

*

Review the Kanban board

Team

Nothing urgent will come back to that next meeting



Action items

@Julian Ladisch / @Craig McNally  to respond to Marc Johnson's question on the log4shell wiki page about upgrading vertx in edge-common.  
@Craig McNally to create a doodle poll and post to the slack channel (mon/tues/wed)