Meeting Time and Conference information
Meeting Time: 3rd Monday of each month at 1pm EST as needed (if there are no agenda items, the meeting is cancelled)
Zoom Link: https://zoom.us/j/353955907
Meeting ID: 353 955 907
One tap mobile +16699006833,,353955907#
US (San Jose) +16465588656,,353955907#
US (New York) Dial by your location +1 669 900 6833
US (San Jose) +1 646 558 8656
US (New York) 877 369 0926
US Toll-free 855 880 1246
US Toll-free +1 647 558 0588
Canada 855 703 8985
Canada Toll-free Meeting ID: 353 955 907
Find your local number: https://zoom.us/u/abscayLpz ( https://www.google.com/url?q=https://zoom.us/u/abscayLpz&sa=D&ust=1570487240002000&usg=AOvVaw3baS0YLvMOVQhRUsVMH2C0 )
Meeting Agenda/Minutes
May 18, 2020: 10am PDT
April 20, 2020: Meeting Minutes; Meeting Recording (Password: 5W?vM=#X)
Mar 16, 2020 (special long session): Meeting Minutes; Trevor Conn's V2 API issue notes; Meeting Recording
Mar 3, 2020: Meeting Minutes; Meeting Recording (API V2 special session)
Feb 18, 2020: Meeting Minutes; Meeting Recording
Jan 27, 2020: Meeting Minutes; Meeting Recording
Dec 16: Meeting Minutes; Meeting Recording
Dec 4: Meeting Minutes; Meeting Recording
Nov 18: Meeting Minutes; Meeting Recording
Open Topics
- Explore how we can inform people of architectural decisions (especially the small ones vs ones done via ADR). Can we tag items in the project boards? If so, which ones and how? (comes from the Hanoi planning meetings)
- How should we apply semantic versioning to modules? When do we update the minor and major versions of modules? (comes from the Hanoi planning meetings)
- Explore process and procedures for vetting 3rd party packages. This initially came out of the security working group as a need to vet 3rd party packages for security issues (see #1947). The community now has a larger interest in exploring it from a license perspective, size/performance impact, better alternative, as well as a security vetting. James Gregg has done research to explore options. James will lead the initial discussion (see https://github.com/jamesrgregg/1947-explore).
- Per the Hanoi planning conference - we need to better define "bound checking" so that a design (and eventual implementation) can be brought forth to meet the requirements
- Currently considering limiting the number of operations that can be performed on a service (like a device service) over a period of time or setting the max request size (that lends to DoS attacks)
- Can the solution be more globally applied?