Meeting Time and Conference information
Meeting Time: 3rd Monday of each month at 1pm EST as needed (if there are no agenda items, the meeting is cancelled)
Zoom Link: https://zoom.us/j/353955907
Meeting ID: 353 955 907
One tap mobile +16699006833,,353955907#
US (San Jose) +16465588656,,353955907#
US (New York) Dial by your location +1 669 900 6833
US (San Jose) +1 646 558 8656
US (New York) 877 369 0926
US Toll-free 855 880 1246
US Toll-free +1 647 558 0588
Canada 855 703 8985
Canada Toll-free Meeting ID: 353 955 907
Find your local number: https://zoom.us/u/abscayLpz ( https://www.google.com/url?q=https://zoom.us/u/abscayLpz&sa=D&ust=1570487240002000&usg=AOvVaw3baS0YLvMOVQhRUsVMH2C0 )
Meeting Agenda/Minutes
June 30, 2020 (extra meeting to address growing number of issues): Meeting Minutes; Meeting Recording
Tony's slide deck on commit messages
Jun 15, 2020: Meeting Minutes; Meeting Recording
May 18, 2020: Meeting Minutes; Meeting Recording (Password: 1k&I$62S)
April 20, 2020: Meeting Minutes; Meeting Recording (Password: 5W?vM=#X)
Mar 16, 2020 (special long session): Meeting Minutes; Trevor Conn's V2 API issue notes; Meeting Recording
Mar 3, 2020: Meeting Minutes; Meeting Recording (API V2 special session)
Feb 18, 2020: Meeting Minutes; Meeting Recording
Jan 27, 2020: Meeting Minutes; Meeting Recording
Dec 16: Meeting Minutes; Meeting Recording
Dec 4: Meeting Minutes; Meeting Recording
Nov 18: Meeting Minutes; Meeting Recording
Open Topics
- How far down in the review of a module/library does the vetting project go? Do we vet the use of the use of the use, etc. of a library?
- Next meeting: Jim White to use the evaluation list provided by Tony/James to review the 30+ library/module imports of edgex-go that are dynamically versioned (have no version number tag - example is bitbucket.org/bertimus9/systemstat v0.0.0-
20180207000608-0eeff89b0690) - With the revised criteria list and module/library report, re-evaluate the draft vetting policy.
- Next meeting: Jim White to use the evaluation list provided by Tony/James to review the 30+ library/module imports of edgex-go that are dynamically versioned (have no version number tag - example is bitbucket.org/bertimus9/systemstat v0.0.0-
- PR Template for conventional commits is now in place for all repositories for all PRs but without TSC approval. It doesn’t appear to be affecting any problem. We need to finalize the shape of this and officially approve the template by the TSC.
- Mike, Lisa and Tony to provide improved template around conventional commits and any recommended policy for TSC approval.
- Add a service dot setting to set up the adapter for listen on web services (Lenny to provide more details)
- EdgeX UI - it is for dev/test right now. Would we ever want to have a UI for production? Under what constraints?
- How should we apply semantic versioning to modules? When do we update the minor and major versions of modules? (comes from the Hanoi planning meetings)
- Extract of Device Service requirements to ADR legacy - what are all the pieces that need to be moved there?
- Per the Hanoi planning conference - we need to better define "bound checking" so that a design (and eventual implementation) can be brought forth to meet the requirements
- Currently considering limiting the number of operations that can be performed on a service (like a device service) over a period of time or setting the max request size (that lends to DoS attacks)
- Can the solution be more globally applied?
- Design metadata about the “gateway” or host platform (identity, location, …)
- How do address module and component version release needs for examples (per Slack exchange with Luis Obando). go.mod in the examples helps - or at least some documentation on dependencies.
- How should we deal with example code? Example code for app services lives in holding. Example code for Device Services lives in the device service SDK (although to some extent, device random and virtual are examples). Security is about to create some example code for SSH tunneling. Should all this be collected somewhere? Should it live in Github or in the docs (or on the Wiki or other location)? Should it be consolidated? Is it managed code or is it "buyer beware" code?
- How do we review/remove artifact removal (docker images in Docker Hub, snaps, etc.)?