Tech Committee Meeting Minutes 20 June 2017
From PKP Wiki
- Clinton, Svantje, Alec, Kenton, Chris
- PKP (Alec)
- Svantje and Bozana working on versioning merge (hope to include in 3.1)
- Clinton recommends also merging https://github.com/pkp/pkp-lib/issues/2444 (Alec will try)
- OJS 3.1 likely to be further delayed (still ~90 issues open, some will be deferred), but will shoot to have it ready for the conference.
- OJS 3.1
- complete translations for OJS 3.1: German, Russian
- incoming updates: Spanish, French, Portuguese, Czech, Catalan - will open issues when receiving them so we can track those
- in progress, but probably not for the release: Swedish
- in progress: Spanish, German
- Sprint topics being circulated (please participate via email!)
Solr Plugin for OJS 3 (Svantje)
- Can I use a solr php library? https://wiki.apache.org/solr/SolPHP
- Can I add it via composer?
- Yes! Alec is adding composer.json dependencies within the Paypal plugin as part of the subscriptions rewrite and will add tooling to the OJS build for this, but...
- As this will probably be distributed via the plugin gallery, your own build process would involve running Composer prior to building the tarball.
How do we want notifications of security issues?
- Clinton: See e.g. http://forum.pkp.sfu.ca/t/vulnerabilities-found-while-the-penetration-test/31681
- Alec: Any way is good; some kind of private contact for critical issues, otherwise e.g. forum is fine.
- Alec: Automated tools tend to generate a lot of false positives, and two experiences with several-hundred-page reports cost a lot of time for little benefit. Suggest encouraging the reporter to do some work weeding wheat from chaff, perhaps working on audit tool configuration.
- Alec: But we're always willing to receive and investigate reports as a backstop.
July 25, 2017, 9:00am Vancouver time.