2022-01-20 Besu Contributor Call

(Meeting Link: ⁨https://zoom.us/j/97540031823?pwd=dEJrRW1LakFlWnZPelI3VGxoVjg2dz09)

EMEA/AMER Friendly Time -  1500 UTC (https://www.timeanddate.com/worldclock/converter.html?iso=20201012T150000&p1=224&p2=179&p3=1440&p4=195&p5=47)

• 8 AM Thursday San Francisco
• 11 AM Thursday New York
• 3 PM Thursday UTC
• 5 PM Thursday Paris/Berlin
• 1 AM Wednesday Brisbane

Agenda

•  Housekeeping
  • Antitrust notice - https://www.linuxfoundation.org/antitrust-policy/
  • This meeting is being recorded
  • Please Mute unless speaking
  • If you have a question use the raise hand feature
• General Announcements
  • Incentive Program Update
• Metrics Review - https://insights.lfx.linuxfoundation.org/projects/hyperledger%2Fbesu/dashboard;quicktime=time_filter_3Y
• Roadmap Review - Besu Roadmap & Planning
• Release updates
  • 21.10.7 - dependency updates to address vulnerabilities
  • 21.10.8 - includes Mystique ETC hardfork
  • 21.10.9 - with fix for cors origin - related to vert.x upgrade - will be done by the time of this meeting - Justin Florentine
  • Tracking who is doing each release Release Rotations 2022
  • Team is working toward several Release Process Improvements here
• Work Updates
  • trace APIs - ongoing
• Other Business 
  • Proposed change to emeritus guidelines - merged https://github.com/hyperledger/besu/pull/3233
  • Hyperledger Chat Task Force is close to finalizing a proposal
• Open Forum
  • Besu has no automation around vulnerability scanning. Sally MacFarlane is looking at options for this. Ideas and feedback welcome.
    • (21.10.7 was created because of vulnerabilities raised by a user of Besu. Users are being more diligent about this since log4j issues.)
    • one proposed solution: nightly scan of docker image with trivy https://github.com/hyperledger/besu/pull/3295
• Future Topics

View recording: