Date

14 Apr 2022

Call-in Information

Time: 10:00 am, Eastern Time (New York, GMT-04:00)

• Join Zoom Meeting
  https://lyrasis.zoom.us/j/81398228834?pwd=SE0wdFN3NnFVbEhYVUhuM3BtQmVUQT09

  Meeting ID: 813 9822 8834
  Passcode: 728426

Attendees

 Indicating note-taker

1. Brian Lowe 
2. Georgy Litvinov 
3. Dragan Ivanovic 
4. Huda Khan
5. William Welling 
6. Benjamin Gross 
7. Ralph O'Flinn 

Agenda

1. Strategy for publishing April release 
   1. https://github.com/vivo-project/Vitro/pull/269  
   2. Completion of PRs reviewing - https://github.com/vivo-project/Vitro/pulls, https://github.com/vivo-project/VIVO/pulls
      1. Deadline - April 7th (next meeting)
   3. Merging PRs 
      1. April 7th and April 14th
   4. Publishing a release candidate
      1. Deadline - April 21st
   5. Testing the release candidate
      1. Release Testing - 1.13.0 
         1. deployment of VIVO and Vitro
            1. mvn clean install
         2. main functionalities
            1. ???
            2. https://docs.google.com/forms/d/e/1FAIpQLSdh_dSxxi77r4mXHxWc8RbICrQSXZhlEaREHSNB76-FGocZYQ/viewform
         3. and special focus on new features
            1. new interface translations,
            2. online translation feature,
            3. upload of files https://github.com/vivo-project/Vitro/pull/251
            4. https://docs.google.com/forms/d/1XDmpCa9fLk_-opx7i0aCRCUYZhrnZ0FJZG6-0tx-Orc/viewform 
         4. Advanced tests for software developers
            1. https://docs.google.com/forms/d/e/1FAIpQLScQ18whLuvQq-a8lkd8gqePKJadQHocghT7Qe18t57_8GW1uw/viewform
         5. Deadline for preparation of GoogleForms - April 21st 2022
         6. Discussion about these projects
            1. https://github.com/vivo-community/vivo-acceptance-tests
            2. https://github.com/vivo-community/vivo-regression-tests
      2. Deadline for responses - May 5th
   6. VIVO 1.13.0 Technical Documentation
      1. New space should be added to wiki https://wiki.lyrasis.org/spacedirectory/view.action, and then page should be copied including children
      2. Adding of technical documentation for:
         1. Uploading files
         2. Configuration of email SMTP server
         3. online localization editor
      3. Deadline April 21st
   7. Publishing VIVO 1.13.0 
      1. Deadline May 12th
2. Improvement of GitHub code management 
   1. bug report template
      1. VIVO
      2. DSpace
   2. feature request template
      1. VIVO
      2. DSpace
   3. pull request template
      1. VIVO
      2. DSpace
   4. GitHub actions
      1. list of actions
         1. VIVO
         2. DSpace
      2. build.yml
         1. VIVO
         2. DSpace
      3. docker.yml
         1. VIVO
         2. DSpace
      4. label merge conflicts yml
         1. DSpace
      5. adding new issue to project board yml
         1. DSpace
      6. codeQL analysis
         1. VIVO
   5. labels
      1. list of labels
         1. VIVO
         2. DSpace
      2. assignment of labels to issues
         1. VIVO
         2. DSpace

Notes

1. April release
1. Needed to select what’s in this release. Majority has already been done.
2. Questions around two pull requests for Georgy
1. Deletion of individuals may need to be postponed to prevent accidentally removing triple store
2. Brian: Seeing some odd behavior.  Want to make sure guard against operator error
3. Dragan: Seems like deletion is not ready for minor release but upload of files should be ready and merged
3. Vitro language pull requests: https://github.com/vivo-project/Vitro-languages/pulls 
1. English translation for individual deletion can wait (#44)
2. Location of VIVO into Serbian: 
1. Handling languages that have more than one alphabet
2. Include language in file name
3. Need to update Vitro/VIVO code to make app aware that alphabet should be taken into account. 
4. Almost done but need to make sure alphabet handling is in place. See by end of week if it is done and merge if so
4. VIVO-languages pull requests
1. https://github.com/vivo-project/VIVO-languages/pull/102 : Remove plugin duplicates
1. Would be nice to have this in release. Need one additional approval (Ralph)
2. Check if applying patch will get rid of warning
3. Need to check if those duplicate plugins can be removed from Russian/Serbian
5. Vitro pull requests
1. https://github.com/vivo-project/Vitro/pull/240 Add password authentication on external smtp servers
1. Ready to be merged
2. Merged!
2. https://github.com/vivo-project/Vitro/pull/251 upload documents in Vitro/VIVO
1. Passing GitHub actions
2. Benjamin tested and approved 
3. Merged!
6. VIVO pull requests
1. https://github.com/vivo-project/VIVO/pull/3683 : VIVO side of upload documents
1. Merged!
2. Release process
1. Using Jena ARQ 3.16.0.  Jackson dependency 2.10.1.
1. Result of sprint trying to align with this version
2. Also Orcid client
3. But vulnerabilities for this version have appeared
4. Even the newest jena 4.4.0 still has some vulnerabilities (jackson-databind 2.13)
5. Question: If vulnerability mitigated in version 4 for Jena ARQ, would it be a big issue moving from 3 to 4?
1. Brian: Not sure. Would need to check. 
6. Even if we mitigated vulnerability in Orcid client, vulnerability would still exist in Vitro/VIVO because of Jena ARQ dependencies
1. William: Primary reason for Orcid update was Swagger support
1. Swagger core 2.1.13 has jackson-databind (2.12.1) vulnerability
2. William: Remediate that by getting latest version of jackson-databind.  Exclude from dependencies that may be bringing it in and update in Vitro/VIVO.  Regular practice
3. Dragan: ARQ 3.16.0 brings in Jackson-databind problematic versions. Exclusion would not address that
1. William: No it wouldn’t.  Might require refactoring in SPARQL engine. 3 to 4 (ARQ) is a major release and have to anticipate breaking changes. 
2. Brian: From change log for 4.0.0 for Jena ARQ, doesn’t look too bad.  Perhaps changes in IRI handling. But hopefully does not require a full dump of data as was required with 2 to 3.  Does seem to require JAVA 11.  Not sure if ready to do that. 
3. Georgy: Do they still support TDB1 or requiring TDB2?
4. Brian: Not sure
7. Dragan: Lots of vulnerabilities for Orcid 0.6.3. Some seem to have been addressed. 0.6.4. Not visible on main page but will check in a day or so.
1. Used Vitro/VIVO release documentation.  Updated ORCID and it worked.  Ready to try release candidate for Vitro or VIVO
2. Will create pull request. VIVO API POM xml to handle ORCID API.  
3. William: don’t want to rush 0.6.4 into next release.  Required for Dynamic API feature and that isn’t really a candidate for the release.  Should be a requirement for Dynamic API but not upcoming April/May release.
4. William: A few of the ORCID vulnerabilities are high, but will need to check which.  Many are low or medium. 
5. Brian: Like idea of timed releases.  But would rather fix dependencies.  Also William’s ideas of removing Spring requirements for that vulnerability.  Turns out not difficult to do.  Visualizations doing with dependency injection and could be easy to replace with something straightforward.  Would allow us to get rid of Spring dependency. Perhaps address that vulnerability and these other vulnerabilities before putting out a release.
1. Dragan: Sense of time needed?
1. Brian: Spring dependency: probably a few hours
2. Not sure about time for the other dependencies
8. Consensus around approach to try and address vulnerabilities (Spring first) before release
3. Advanced tests for software developers
1. https://docs.google.com/forms/d/e/1FAIpQLScQ18whLuvQq-a8lkd8gqePKJadQHocghT7Qe18t57_8GW1uw/viewform
4. Deadline for preparation of GoogleForms - April 21st 2022
1. William will give GoogleForm permission to Dragan for release
5. Discussion about these projects
1. https://github.com/vivo-community/vivo-acceptance-tests
2. https://github.com/vivo-community/vivo-regression-tests    
3. Found some Selenium tests. Would be nice to have some end to end Selenium tests
4. Need to consider budget requirements for some small projects.  Not a big budget but wondering if thinking we could use part of that budget for developing Selenium tests for Vitro/VIVO
5. Georgy: Selenium tests depend on user interface.  If the interface is changing in the near future, wouldn’t make sense to devote time to Selenium tests for current interface.
1. Also, if we decouple from Freemarker, and use a single page application framework, could instead do integration tests.  
6. Need help with technical documentation.  Need to define space and then move wiki space to another.
1. Brian: Should be a wiki page that describes how this.  Clone and then mark as future release
1. From chat: I guess it's not as detailed as I remember, but https://wiki.lyrasis.org/display/VIVO/Preparing+Documentation+for+Release
2. New space should be added to wiki https://wiki.lyrasis.org/spacedirectory/view.action, and then page should be copied including children
3. Adding of technical documentation for:
1. Uploading files
2. Deletion of individuals
3. Configuration of email SMTP server
4. Deadline April 21st
5. Dragan: Will work and then contact Georgy if there are any questions
7. Georgy: question about deletion of individuals
1. Would it be enough to check if construct query  has write enabled?
2. Brian: Need to think about it.  Could parse the query and check to see there aren’t disjointed triple patterns that don’t connect to that bound variable
8. Also investigated GitHub code management: templates
1. bug report template
1. VIVO
2. DSpace
2. feature request template
1. VIVO
2. DSpace
3. pull request template
1. VIVO
2. DSpace
4. GitHub actions
1. list of actions
1. VIVO
2. DSpace
2. build.yml
1. VIVO
2. DSpace
3. docker.yml
1. VIVO
2. DSpace
4. label merge conflicts yml
1. DSpace
5. adding new issue to project board yml
1. DSpace
6. codeQL analysis
1. VIVO
5. labels
1. list of labels
1. VIVO
2. DSpace
2. assignment of labels to issues
1. VIVO
2. DSpace
9. Dragan: Testing will be postponed while we’re waiting to see what our next user interface will be.  Next week with full group should start working on plans for next sprint in last week of May

Draft notes on Google Drive

Actions

• Brian Lowe will work on https://github.com/vivo-project/VIVO/issues/3686
• William Welling will share GoogleForms for testing of the previous VIVO 1.12.0 release candidate
• Dragan Ivanovic will copied and adopted previous GoogleForms for the needs of testing VIVO 1.13.0 release candidate
• Dragan Ivanovic will contact Ralph O'Flinn to copy VIVO 1.12 documentation space and copy there existing technical documentation
• Dragan Ivanovic in collaboration with Georgy Litvinov to extend documentation with wiki pages for new features

Previous actions 

• Benjamin Gross to review https://github.com/vivo-project/Vitro/pull/251
• Dragan Ivanovic to review https://github.com/vivo-project/Vitro/pull/251
• Georgy Litvinov to fix the issue with GitHub action https://github.com/vivo-project/Vitro/pull/269
• Ralph O'Flinn to review https://github.com/vivo-project/Vitro/pull/269
• William Welling to review https://github.com/vivo-project/Vitro/pull/269
• Georgy Litvinov to update pom versions in https://github.com/vivo-project/VIVO-languages/pull/104 and https://github.com/vivo-project/Vitro-languages/pull/54
• Dragan Ivanovic to review and merge https://github.com/vivo-project/VIVO-languages/pull/104 and https://github.com/vivo-project/Vitro-languages/pull/54
• Georgy Litvinov to review https://github.com/vivo-project/VIVO/pull/3613
• Dragan Ivanovic to review https://github.com/vivo-project/Vitro/pull/240 
• Brian Lowe to review https://github.com/vivo-project/Vitro/pull/240
• Ralph O'Flinn to publish orcid-api-client 0.6.4 and update version of this library at https://github.com/vivo-project/VIVO/blob/main/api/pom.xml#L62

• Dragan Ivanovic to create announcement for the demo meeting and to spread it
• Dragan Ivanovic to reorganize code of https://github.com/vivo-project/Vitro/pull/287 and to get rid of enumerations for data types 
• Dragan Ivanovic to investigate organizational (management) aspects of DSpace community and to prepare discussion for the next meeting what might be adopted from there (GitHub actions, labels for issues, template for issue, template for PR)
• William Welling Georgy Litvinov to review sprint PRs (there should be three PRs)
• Brian Lowe to review N3Template operation PR (https://github.com/vivo-project/Vitro/pull/286)
• Georgy Litvinov to review/test https://github.com/vivo-project/orcid-api-client/pull/12
• Ralph O'Flinn to merge https://github.com/vivo-project/orcid-api-client/pull/12 and publish orcid-api-client 0.6.4
• Georgy Litvinov to complete https://github.com/vivo-project/Vitro/pull/251

• Ralph O'Flinn to merge https://github.com/vivo-project/VIVO/pull/3611, after that Georgy Litvinov will create a branch for the sprint and move the code from his fork to there
• Ralph O'Flinn to resolve missing i18n directory issue in VIVO 1.12.2 release
• Georgy Litvinov to work on specification for Dynamic API, Dragan Ivanovic to help Georgy on request
• Ralph O'Flinn to resolve missing i18n directory issue in VIVO 1.12.2 release
• Dragan Ivanovic to find some examples for citation of a GitHub repositories (https://github.com/vivo-project/VIVO/pull/247) 
• Georgy Litvinov to contact Tatiana Walther for reviewing https://github.com/vivo-project/VIVO-languages/pull/104 and https://github.com/vivo-project/Vitro-languages/pull/54
• Benjamin Gross to review https://github.com/vivo-project/VIVO/pull/250, https://github.com/vivo-project/Vitro/pull/251, and https://github.com/vivo-project/Vitro-languages/pull/56
• Brian Lowe to review https://github.com/vivo-project/Vitro/pull/213, https://github.com/vivo-project/Vitro-languages/pull/44, https://github.com/vivo-project/Vitro/pull/240, and https://github.com/vivo-project/VIVO-languages/pull/103
• William Welling to review https://github.com/vivo-project/Vitro/pull/241
• Huda Khan to review https://github.com/vivo-project/VIVO/pull/247