Meeting Agenda for
Antitrust Disclaimer
Attendance
Attendance is taken purely upon #info in Zoom Chat
Meeting Notes
- Try to login to security.lfx.dev
- Add additional architectures to tested version file
- Move the tested version file to .github (see https://github.com/open-horizon/.github)
- Look into how to integrate with SBOM, see Issue 117
- Exchange Versioning needs to be discussed with Bruce and moved into the open.
Meeting Notes from 6/20
- Look into what the EdgeX Foundry does for their release notes. There may be a GitHub Action available to reuse.
- Need to address security vulnerabilities.
- Maybe have a wiki page to start with - Akraino and EdgeX Foundry wikis may have something we can base off of
- Have TSC members (WG chairs) on private email list where users can submit vulnerabilities
- Speak with Kendall who may have started to create this list via groups.io
- Potentially look at using Syft to output a CycloneDX or SPDX file that can be joined with a CVE database to produce a vulnerability report from images
- TESTING.md to address testing policy for new functionality (required unit tests, etc)
Open Action Items
Recording Link
Topic: Open Horizon DevOps WG biweekly meeting
Start Time: Aug 16, 2022 06:57 AM
Meeting Recording:
https://zoom.us/rec/share/q3dF2X4x8CRXxoUUNsGeP4Mf7BqCEQjwbpK4PFPiKBFAZQfLSTxZTBxLw51tNYKf.HsRjr4d-EiLJmgql