Meeting Agenda for 21 Jun
Antitrust Disclaimer
Attendance
...
Agenda Items | Presented By | Presos/Notes/Links/ | |||
---|---|---|---|---|---|
Welcome | |||||
Review previous meeting notes | |||||
Review Semantic Versioning for all Open Horizon projects. | Core Infrastructure Badge | Working session to review the Badge Application: https://bestpractices.coreinfrastructure.org/en/projects/4300 | |||
Q/A and Wrap up | Anyone |
Meeting Notes
- tbd
Meeting Notes from 6/20
- Look into what the EdgeX Foundry does for their release notes. There may be a GitHub Action available to reuse.
- Need to address security vulnerabilities.
- Maybe have a wiki page to start with - Akraino and EdgeX Foundry wikis may have something we can base off of
- Have TSC members (WG chairs) on private email list where users can submit vulnerabilities
- Speak with Kendall who may have started to create this list via groups.io
- Potentially look at using Syft to output a CycloneDX or SPDX file that can be joined with a CVE database to produce a vulnerability report from images
- TESTING.md to address testing policy for new functionality (required unit tests, etc)
...