Difference between revisions of "Tech Committee Meeting Minutes 20 June 2017"

From PKP Wiki
Jump to: navigation, search
(Other Topics)
Line 20: Line 20:
== Documentation ==
== Documentation ==
* NTR.
== Sprint/Conference ==
== Sprint/Conference ==

Revision as of 09:28, 20 June 2017

In Attendance

  • Clinton, Svantje, Alec, Kenton, Chris

Quick Updates

  • PKP (Alec)
    • PKP merge for Javascript framework efforts coming soon
    • Svantje and Bozana working on versioning merge (hope to include in 3.1)
    • Clinton recommends also merging https://github.com/pkp/pkp-lib/issues/2444 (Alec will try)
    • OJS 3.1 likely to be further delayed (still ~90 issues open, some will be deferred), but will shoot to have it ready for the conference.

Translation (Marco)

  • OJS 3.1
    • complete translations for OJS 3.1: German, Russian
    • incoming updates: Spanish, French, Portuguese, Czech, Catalan - will open issues when receiving them so we can track those
    • in progress, but probably not for the release: Swedish
  • OMP
    • in progress: Spanish, German


  • NTR.


  • Sprint topics being circulated (please participate via email!)

Other Topics

Solr Plugin for OJS 3 (Svantje)

  • https://github.com/pkp/pkp-lib/issues/2575
  • Can I use a solr php library? https://wiki.apache.org/solr/SolPHP
    • Yes!
  • Can I add it via composer?
    • Yes! Alec is adding composer.json dependencies within the Paypal plugin as part of the subscriptions rewrite and will add tooling to the OJS build for this, but...
    • As this will probably be distributed via the plugin gallery, your own build process would involve running Composer prior to building the tarball.

How do we want notifications of security issues?

  • Clinton: See e.g. http://forum.pkp.sfu.ca/t/vulnerabilities-found-while-the-penetration-test/31681
  • Alec: Any way is good; some kind of private contact for critical issues, otherwise e.g. forum is fine.
  • Alec: Automated tools tend to generate a lot of false positives, and two experiences with several-hundred-page reports cost a lot of time for little benefit. Suggest encouraging the reporter to do some work weeding wheat from chaff, perhaps working on audit tool configuration.
  • Alec: But we're always willing to receive and investigate reports as a backstop.