Date

08 May 2018

Call-in Information

Time: 11:00 am, Eastern Time (New York, GMT-04:00)

To join the online meeting:

• Go to: https://duraspace.zoom.us/j/823948749
• Or iPhone one-tap :
  • US: +14086380968,,823948749#  or +16468769923,,823948749#
• Or Telephone:
  • Dial(for higher quality, dial a number based on your current location):
  • US: +1 408 638 0968  or +1 646 876 9923  or +1 669 900 6833
  • Meeting ID: 823 948 749
• International numbers available: https://duraspace.zoom.us/zoomconference?m=Qy8de-kt6W4fMMDQCAV_3qfH1W-lxAo5

Slack

• https://vivo-project.slack.com
  • Self-register at:  https://goo.gl/forms/JxQFkut4TYj4Ehww1 
    

Development Process

• See https://github.com/vivo-project/VIVO/wiki/Development-Processes

Attendees

 Indicating note-taker

1. Ralph O'Flinn
2. Kitio Fofack 
3. Tim Worrall 

4. Muhammad Javed

5. Marijane White 

6. Jim Blake 

7. Andrew Woods
8. Martin Barber
9. Don Elsborg
10. Qazi Asim Ijaz Ahmad
11. Paul Albert
12. Huda Khan

Agenda

1. Huda Khan: Security concerns for VIVO (based on issues raised at an institution looking at making its instance based on Vitro public)
2. April Sprint
   1. Where did things land?
   2. Lessons to take forward?
3. 1.10 Release
   1. VIVO 1.10.0 Release Testing
      
4. Product Evolution updates?
5. Sprint 2 planning
6. VIVO Slack... approaching 10k message threshold (at 9.3k)
7. Java versions planning
   1. For reference: Fedora Policy - Supported JVM

Notes

Draft notes in Google-Doc

1. Sprint Reflections
   1. Javed: main goal was to have a 1.10 release candidate. Tasks are completed, though some are still under review.
   2. Jim: Data Distribution API “still up in the air”.
   3. Ralph: might still be something to tweak after the reviews are completed.
   4. Andrew to help out with reviews later this week.*
   5. Andrew: Would it be possible to target a release candidate by the end of the week? Javed isn’t sure the documentation can be done in that time frame.
   6. Jim and Benjamin to suggest reviewers for their code changes*
   7. We need to ensure that any general documentation that’s needed for the release is also done.
   8. Asim needs to make a pull request on his issue (1478?)
   9. Kitio: how do we improve the process from defining issues through the final review? Identify reviewers sooner. Is one review sufficient for documentation and language issues? (Christian H.)
2. Data Distribution API
   1. General consensus that the functionality is needed
   2. Issues on how to incorporate the code into a release
   3. Does the code need to be officially supported by VIVO committers (isn’t it now?)
   4. Some dependency management issues that need to be addressed/resolved
   5. For 1.10, just provide doc so that people can use the DDA but not “baked into” the release (Andrew).
   6. Two different ways to incorporate the code into VIVO/Vitro: as part of the source tree or as a module (a maven dependency). How to resolve this remains open.
3. Security concerns for VIVO
   1. A group at Harvard was prevented from making a VIVO instance public because of security concerns, mostly at the template level and at the login page. Login credentials are unencrypted. Cross-site scripting issues, etc. 
   2. Ralph can provide some feedback at what’s been done at UAB. 
   3. Huda: should we have a Jira issue to track this concern?* More than just an ssl issue.
4. 1.10 Release candidate
   1. Target for this Friday so people can have something to test.
   2. Release team: Andrew, Ralph, Kitio
5. Product Evolution
   1. Goal: high-performing UI (defined how?)

Actions

• Andrew to help out with reviews later this week
• Jim and Benjamin to suggest reviewers for their code changes
• Huda to create a Jira issue to track the security concerns