2025-08-04 Meeting notes

Date

Aug 4, 2025

Attendees

@Olamide Kolawole
@Jenn Colt
@Christie Thomas
@Maccabee Levine
@Wayne Schneider
@Tod Olson
@Matt Weaver
@Shelley Doljack
@Kevin Day
@Jeff Gerhard
@Florian Gleixner
@Julian Ladisch
@VBar

Time	Item	Who	Notes

Time	Item	Who	Notes
1 min	Scribe		@Julian Ladisch is next, followed by @Ingolf Kuss @Maccabee Levine actually taking notes Reminder: Please copy/paste the Zoom chat into the notes. If you miss it, this is saved along with the meeting recording, but having it here has benefits.
5-15 min	Liaison Updates	@Maccabee Levine @Christie Thomas @Craig McNally	CC: @Maccabee Levine: No CC meeting this week. Reminder for next Monday: FOLIO Futures proposals: draft comparison of proposals: summary of differences between proposals Next CC meeting (8/11), full hour: brief presentations on all four docs, then discussion on next steps. PC: @Christie Thomas No meeting last week. RMS Group: @Jenn Colt volunteered to be our liaison Security Team: @Julian Ladisch reported business as usual. Asked RMS group to include some 4 CVE fixes into a CSP, see Slack `#folio-release_bug_triage`. @Julian Ladisch volunteers to be liaison for Security Team Eureka Early Adopters: @Craig McNally: Latest status updates can be found here , spreadsheet there is up-to-date Meeting every other week now Community Driven Development (@Jenn Colt / @Maccabee Levine): Prep for CC discussion Monday. Wolfcon 2025: There will most likely be a shoulder meeting for the councils. Jesse confirmed there is room from the individual council meetings in the morning and for the big group in the afternoon. TC agreed again, we will have these meetings. Some of us will be there in person, and some hybrid.
5-10 min	Upcoming Meetings	All	Aug 4, 2025 - Regular TC meeting Aug 6, 2025 - Dedicated discussion: dev documentation visibility Aug 11, 2025 - Regular TC meeting Aug 13, 2025 - Dedicated discussion: Follow-up on 8/11 CC discussion of FOLIO Futures proposals. Unless we decide on 8/11 TC that there’s nothing to discuss yet. Dedicated Discussion Topics: Revisit issues around breaking changes: https://github.com/folio-org/ui-courses/pull/349 PR has been merged New TC member orientation in Early July What do new members need to do? What does TC need to do around permissions in Wiki, GitHub; other administrative tasks? Appoint another co-chair FOLIO contribution network proposal: @Craig McNally Is this in discussion or for approval? @Jenn Colt Still in discussion Topic for next Wednesday’s meeting. What would TC’s perspective be on how a contribution network would operate? There are two related proposals that need to be considered and should be discussed more broadly. Developer Advocate Evaluating existing modules Communication plan to promote updates to OST pages Need to update OST pages with communication plan changes Need a retro on changes to OST(?) TC Roles and Responsibilities Has this been influenced by CC adopting a vision statement that the community should direct FOLIO development? OST discussion around the Grails 7 and Java 17 issues; get to talk to the stakeholders There might be a security issue to it. This is separate from the OST topic above. We might not be able to upgrade to Grails 7 for the Sunflower and we may not be able to get to this on Trillium. Is this in scope of Trillium, or do we need to put this on Umbrellaleaf? We need to schedule a meeting on this with the appropriate parties to plan this out. Issue about the Eureka release schedule - do we want to come back to it ? Continued third-party support during release periods Prompted by Kong/Keycloak and Spring Boot, plus extra-long Trillium cycle Should probably talk about this more generally, beyond these specific examples mod-mosaic and the Gobi group. Evaluation of existing modules: @Maccabee Levine created a spreadsheet with some information like age of repository on existing modules which could be used to see which modules need review. Julian also had the idea in slack to use sonar metrics to decide which modules get picked.
0 min	TCR Board Review	All	https://folio-org.atlassian.net/browse/TCR-57 @Julian Ladisch Not ready for evaluation yet. https://folio-org.atlassian.net/browse/TCR-58 ready for TC decision: https://github.com/folio-org/tech-council/pull/99/files @Kevin Day Got questions about licenses. Used Julian’s tool to generate list of all licenses. Many are dual licenses, but could be some missed, could use extra eyes. @Marc Johnson Is anything on the list not covered by one of the acceptable licenses? I.e. a concrete breach? @Kevin Day Some LGPL, but those are dual licensed with Apache so not a conflict. @Jenn Colt Does this report show deployed vs not? @Kevin Day Yes “deployed” and “compiled” will be, “test” not. @Marc Johnson How deep into this do we go, esp with dependencies included already in other modules? @Jenn Colt Could identify dependencies that are issues, write them down, pass to CC as “you are the business practice people, these don’t fly, do you want to talk to lawyer and decide. Because ultimately the risk is the the hosting providers.” @Kevin Day Can we automate the report generation? @Jenn Colt We have some of that, less so process on what to do when something pops. @Marc Johnson Do we know which dependencies are in breach? @Jenn Colt We have a list of licenses (from Apache). @Marc Johnson None of our tools will give us a definitive answer on what’s in compliance. @Kevin Day Apache, MIT, BSD all fine. GPL and LGPL problems but in this module, all of those are dual licensed. @Julian Ladisch will add specific concerns to the TCR ticket. @Kevin Day fine waiting another week @Wayne Schneider Can we have Julian’s tool available somewhere to run, to make these reviews easier. Should be runnable by non-developers. @Jenn Colt Will add to Wednesday list for another pass at licensing. (ML: done.) @Maccabee Levine Agree with that approach. Start with Wednesday discussion but probably need a new subgroup after – things have changed for the better since last subgroup (Julian’s tool, Apache list incorporation). Include CC volunteer. @Kevin Day Can’t actually undo the Jira status change. (TC fine with that, just communicate to the team.) @Olamide Kolawole Going through a module evaluation, we can have challenges for non-developers. Also non-Java modules (Golang, JS modules). Module evaluation should have a recommended process. Lots of agreement. @Marc Johnson So actually two lists of licenses to consider. (Sorry Marc I lost the context, but maybe for testing vs. included in the build.) Existing module evaluation process @Maccabee Levine shared some suggested talking points in #tc-internal Did not have time to discuss below mod-search (existing module evaluation) ui-export-manager (existing module evaluation)
0 min	Technical Council Sub-Groups Updates	All	Presently there are no active TC subgroups We will start up a Licensing subgroup. @Maccabee Levine chairing, @Kevin Day @Olamide Kolawole participating and will get someone from CC to participate. Some initial questions: Julian’s tool. How to make usable by TC members who are not developers. Node tools on apache license checker. Github reporting on licenses. What we do if new (or existing) modules actually have a license problem. Probably a lot of existing modules affected (Marc) Conditional licensing issues based on context of how the code is used (Tod) How does our interaction with the legal liaison work?
1 min	GitHub RFCs Wiki RFCs	All	Anything we need to discuss here?
1 min	Decision Log	All
10 min	Officially Supported Technologies (OST)	All	Will sync up offline to see what is next to update on the list
NA	Zoom Chat

Topic Backlog
Decision Log Review	All	Review decisions that are in progress. Can any of them be accepted? rejected?
Translation Subgroup	All	Since we're having trouble finding volunteers for a subgroup, maybe we can make progress during a dedicated discussion session?
Communicating Breaking Changes	All	Currently there is a PoC, developed by @Maccabee Levine, of a utility to catalog Github PRs that have been labeled with the "breaking change" label. We would like to get developer feedback on the feasibility of this label being used more often, and the usefulness of this utility.
Officially Supported Technologies - Upkeep	All	Previous Notes: A workflow for these pages. When do they transition from one state to another. Do we even need statuses at all ? Stripes architecture group has some questions about the Poppy release. Zak: A handshake between developers, dev ops and the TC. Who makes that decision and how do we pass along that knowledge ? E.g. changes in Nodes and in the UI boxes. How to communicate this ? We have a large number of teams, all have to be aware of it. TC should be alerted that changes are happening. We have a couple of dedicated channels for that. Most dev ops have subscribed to these channels. How can dev ops folk raise issues to the next level of community awareness ? There hasn't been a specific piece of TC to move that along. Craig: There is a fourth group, "Capacity Planning" or "Release Planning". Slack is the de facto communication channel. There are no objections to using Slack. An example is the Java 17 RFC. Craig: The TC gets it on the agenda and we will discuss it. The TC gets the final say. Marc Johnson: We shouldn’t use the DevOps Channel. The dev ops folks have made it clear that it should only be used for support requests made to them. Jakub: Our responsibility is to avoid piling up technical debt. Marc: Some set of people have to actually make the call. Who lowers the chequered flag ? Craig: It needs to ultimately come to the TC at least for awareness. There is a missing piece. Capacity Planning needs to provide input here. Marc: Stakeholders / Capacity Planning could make that decision. Who makes the decision ? Is it the government or is it some parts of the body ? Marc: the developers community, the dev ops community and sys ops are involved. For example the Spring Framework discussion or the Java 17 discussion. But it was completely separate to the TC decision. It is a coordination and communication effort. Marc: Maybe the TC needs to let go that they are the decision makers so that they be a moderating group. Jakub: I agree with Marc. But we are not a system operating group. Dependency management should be in the responsibility of Release management. There are structures in the project for that. Jason Root: I agree with Jakub and with Marc also. Policies should drive operational/release/support aspects of Folio. Jason Root: If the idea of “support” is that frameworks are supported, then of course the project should meet that. Marc Johnson Some group needs to inform OleksAii when a relevant policy event occurs. These documents effectively ARE the manifestation of the policy. Craig: This is a topic for the next Monday session. Craig to see if Oleksii Petrenko could join us to discuss the process for updating the officially supported technologies lists.
Dev Documentation Visibility	All	Possible topic/activity for a Wednesday session: Discuss/brainstorm: Ideas for the type of developer-facing documentation we think would be most helpful for new developers How we might bring existing documentation up to date and ensure it's consistent etc.
API linting within our backend modules	All	https://folio-project.slack.com/archives/CAQ7L02PP/p1713343461518409 Hello team, I would like to discuss API linting within our backend modules. Some time ago, we transitioned our linting process from Jenkins to GitHub Actions as outlined in https://folio-org.atlassian.net/browse/FOLIO-3678. I am assuming that this move was done via some technical council decision. Please correct me if I'm wrong. In my observations, I've found two problems: Schema linting does not occur if the schemas are in YAML format. There are issues with resolving some deeper references during API linting. Although I'm unsure about how to improve the existing linting implementations within Folio, I propose to consider an open-source solution that handles OpenAPI linting effectively and allows us to define custom rules. For your reference: https://stoplight.io/open-source/spectral A test of this solution can be found in this PR: https://github.com/folio-org/mod-search/pull/567. The same PR also provides an example of custom rule definition: https://github.com/folio-org/mod-search/pull/567/files#diff-d5da7cb43c444434994b76f3b04aa6e702c09e938de09dbc09d72569d611d9ab.Also, by employing 'Spectral', I discovered AsyncAPI (https://www.asyncapi.com/en), an API design tool similar to OpenAPI but for asynchronous interactions. I suggest that we consider using AsyncAPI in FOLIO to generate documentation for Kafka interactions.
PR Templates	All	https://folio-project.slack.com/archives/CAQ7L02PP/p1713445649504769 Hello team, Small request to consider. Regarding pr templates. From my perspective, pr template is not good idea. Even the biggest open source projects that are contributed by many people don't have any pr template. Currently what we have for acq modules https://github.com/folio-org/mod-orders-storage/blob/master/PULL_REQUEST_TEMPLATE.md These pr template is inconsistent in different teams. What I suggest is that, pr template shouldn't be any instructions, because most developer who are creating pr have already understand the rules. If we put just two section into template, it will encourage developers to write more about their work and that lead to knowledge sharing among developers.
Proposed Mod Kafka	All	https://folio-project.slack.com/archives/CAQ7L02PP/p1714471592534689 Mike Taylor Proposal. If and only if a FOLIO instance is running Kafka, it should insert and enable a module called mod-kafka, which consists entirely of a module descriptor that says it provides the interface kafka. The purpose is so that other modules can use the standard <IfInterface> and similar tools to determine whether they should attempt Kafka operations. Rationale: the FOLIO ILS depends absolutely on Kafka, but other uses of the platform will not. One such example: a dev platform that includes only mod-users, used as a source of change events for Metadb.