(Meeting Link: https://zoom.us/j/97540031823?pwd=dEJrRW1LakFlWnZPelI3VGxoVjg2dz09)
APAC Friendly Time (https://www.timeanddate.com/worldclock/converter.html?iso=20201012T150000&p1=224&p2=179&p3=1440&p4=195&p5=47)
- 6 pm Monday Los Angeles
- 9 pm Monday New York
- 1 am Tuesday UTC
- 3 am Tuesday Paris/Berlin
- 11 am Tuesday Brisbane
Agenda
- Housekeeping
- Antitrust notice - https://www.linuxfoundation.org/antitrust-policy/
- This meeting is being recorded
- Please Mute unless speaking
- If you have a question use the raise hand feature
- General Announcements
- Incentive Program Update - Discussion of Proposal #3
If we have time...
- Metrics Review - https://insights.lfx.linuxfoundation.org/projects/hyperledger%2Fbesu/dashboard;quicktime=time_filter_3Y
- Roadmap Review - Roadmap
- Action Items Review from Prior Meetings
- Release updates
- 21.10.7 - dependency updates to address vulnerabilities
- 21.10.8 - includes Mystique ETC hardfork
- 21.10.9 - with fix for cors origin - related to vert.x upgrade - will be done by the time of this meeting - Justin Florentine
- Tracking who is doing each release Release Rotations 2022
- Team is working toward several Release Process Improvements here
- Work Updates
- trace APIs - ongoing - Did we discuss with Daniel?
- Other Business
- Hyperledger Chat Task Force is close to finalizing a proposal
- Open Forum
- Besu has no automation around vulnerability scanning. Sally MacFarlane is looking at options for this. Ideas and feedback welcome.
- (21.10.7 was created because of vulnerabilities raised by a user of Besu. Users are being more diligent about this since log4j issues.)
- one proposed solution: nightly scan of docker image with trivy https://github.com/hyperledger/besu/pull/3295
- Besu has no automation around vulnerability scanning. Sally MacFarlane is looking at options for this. Ideas and feedback welcome.
- Future Topics