1. Attendence - Jeremy Mitchell - Zach Hoffman - Justin Howard - Srijeet Chatterjee - Ashish Paudyal - Eric Holguin - Stephen Hamrick - Taylor Frey 2. With 6.1.0 released should we start planning for the April 1st release? Should that be 6.2.0 or 7.0.0? - If we make TO API v4.0 stable and remove 2.0 it needs to be 7.0.0 - APIv4 will have been unstable for roughly 6 months 3. Java 17 support in Traffic Router? - Should represent performance benefits - Upgrade impact currently unknown - An issue will be opened 4. Go 1.18 is late - 10 remaining release blockers 5. ML: CVE-2022-23206: Apache Traffic Control: Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth - We should consider joining that program that compensates bug finders 6. ML: Google Summer of Code 2022 - Could work on TPv2 - Developer "CDN-in-a-Box" should help with contributions to other components 7. Should blueprints be required? - How big is "too big to not have a blueprint"? - How do we ensure the blueprint process doesn't slow down development? - Jeremy (paraphrased): While stopping for discussion inherently causes a slow-down, but the contentions had would surface eventually, so by paying that cost up-front it's actually faster in the long-term to use a blueprint to hash these things out 8. 19 tech debt issues are missing impact labels - #3350 - Added "medium impact" label - #3346 - No action - Issue will be opened to track the removal of Riak as a supported TV back-end - #3343 - Added "medium effort" and "low impact" labels - #3340 - Added "medium impact" and "low effort" labels - #3338 - Closed as complete - #3288 - Added "medium impact" label
On Tue, Feb 8, 2022 at 9:17 AM Zach Hoffman <zrhoff...@apache.org> wrote: > > Consider discussing: > - Java 17 support in TR? > - Go 1.18 is late > > Active mailing list threads: > - CVE-2022-23206: Apache Traffic Control: Server-Side Request Forgery > in Traffic Ops endpoint POST /user/login/oauth > <https://lists.apache.org/list.html?dev@trafficcontrol.apache.org> > - Google Summer of Code 2022 > <https://lists.apache.org/thread/9vd6bkx6bnmtvqpc19boyv3mngwl5sbm> > > On Tue, Feb 8, 2022 at 9:15 AM Jeremy Mitchell <mitchell...@gmail.com> wrote: > > > > We have 19 tech debt issue with no indication of the impact associated with > > each: > > https://github.com/apache/trafficcontrol/issues?q=is%3Aopen+is%3Aissue+label%3A%22tech+debt%22++-label%3A%22high+impact%22+-label%3A%22medium+impact%22+-label%3A%22low+impact%22 > > > > Maybe we can add high, med, low impact as a team to each. > > > > On Tue, Feb 8, 2022 at 9:11 AM Jeremy Mitchell <mitchell...@gmail.com> > > wrote: > > > > > Now that 6.1.0 is official, do we want to start thinking about our next > > > official release planned for April 1 (start of Q2)? Are we thinking this > > > will be 6.2.x or 7.0.x? > > > > > > On Tue, Feb 1, 2022 at 9:36 AM ocket 8888 <ocket8...@gmail.com> wrote: > > > > > >> If you have anything you want to discuss at next week's meeting, > > >> respond to this email and it's on the agenda. > > >> > > >