Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 37 Next »

Meeting Time and Conference information

Meeting Time:  3rd Monday of each month at 1pm EST as needed (if there are no agenda items, the meeting is cancelled)

Zoom Linkhttps://zoom.us/j/353955907

Meeting ID: 353 955 907

One tap mobile +16699006833,,353955907#

US (San Jose) +16465588656,,353955907#

US (New York) Dial by your location +1 669 900 6833

US (San Jose) +1 646 558 8656

US (New York) 877 369 0926

US Toll-free 855 880 1246

US Toll-free +1 647 558 0588

Canada 855 703 8985

Canada Toll-free Meeting ID: 353 955 907

Find your local number: https://zoom.us/u/abscayLpz ( https://www.google.com/url?q=https://zoom.us/u/abscayLpz&sa=D&ust=1570487240002000&usg=AOvVaw3baS0YLvMOVQhRUsVMH2C0 )



Meeting Agenda/Minutes

Jun 15, 2020:  meeting 10am PDT

May 18, 2020:  Meeting Minutes; Meeting Recording (Password: 1k&I$62S)

April 20, 2020: Meeting Minutes; Meeting Recording (Password: 5W?vM=#X)

Mar 16, 2020 (special long session): Meeting Minutes; Trevor Conn's V2 API issue notes; Meeting Recording

Mar 3, 2020: Meeting Minutes; Meeting Recording (API V2 special session)

Feb 18, 2020:  Meeting Minutes; Meeting Recording

Jan 27, 2020:  Meeting Minutes; Meeting Recording

Dec 16:  Meeting Minutes; Meeting Recording

Dec 4: Meeting Minutes; Meeting Recording

Nov 18: Meeting Minutes; Meeting Recording

Open Topics

  • Explore how we can inform people of architectural decisions (especially the small ones vs ones done via ADR).  Can we tag items in the project boards?  If so, which ones and how?  (comes from the Hanoi planning meetings)
    • First topic to be explored on Jun 15th meeting
  • Explore process and procedures for vetting 3rd party packages.  This initially came out of the security working group as a need to vet 3rd party packages for security issues (see #1947).  The community now has a larger interest in exploring it from a license perspective, size/performance impact, better alternative, as well as a security vetting.  James Gregg has done research to explore options.  James will lead the initial discussion (see https://github.com/jamesrgregg/1947-explore).
    • Listen to Security WG recording (Password: 6U#=Q%?^) for context and more information.
    • Currently being worked by James Gregg - next step is to find too to do PR review of any additions to go.mod file (see May 18 meeting notes)
  • In connection to above topic, how far down in the review of a module/library does the vetting project go?  Do we vet the use of the use of the use, etc. of a library?
    • What are the criteria of acceptance of a module/library (license, usage, versioned, security concerns, etc.)
    • Is it ok to accept a module/library that meets the criteria but could be smaller if we just did it ourselves (i.e. - is accepting a library that has 5 layers deep of imports ok?).  How would we define / stipulate this as a criteria?
  • Does EdgeX work with IPv6?  If not, what work needs to be accomplished and what are the impacts to the code base?
  • Add a service dot setting to set up the adapter for listen on web services (Lenny to provide more details)
  • EdgeX UI - it is for dev/test right now.  Would we ever want to have a UI for production?  Under what constraints?
  • How should we apply semantic versioning to modules?  When do we update the minor and major versions of modules?  (comes from the Hanoi planning meetings)
  • PR Template for conventional commits is now in place for all repositories for all PRs but without TSC approval.  It doesn’t appear to be affecting any problem. We need to finalize the shape of this and officially approve the template by the TSC.
  • Extract of Device Service requirements to ADR legacy - what are all the pieces that need to be moved there?
  • Per the Hanoi planning conference - we need to better define "bound checking" so that a design (and eventual implementation) can be brought forth to meet the requirements
    • Currently considering limiting the number of operations that can be performed on a service (like a device service) over a period of time or setting the max request size (that lends to DoS attacks)
    • Can the solution be more globally applied?
  • Design metadata about the “gateway” or host platform (identity, location, …)


  • No labels