(Meeting Link: https://zoom.us/j/97540031823?pwd=dEJrRW1LakFlWnZPelI3VGxoVjg2dz09)
EMEA/AMER Friendly Time - 1500 UTC (https://www.timeanddate.com/worldclock/converter.html?iso=20201012T150000&p1=224&p2=179&p3=1440&p4=195&p5=47)
- 8 AM Tuesday San Francisco
- 11 AM Tuesday New York
- 3 PM Tuesday UTC
- 5 PM Tuesday Paris/Berlin
- 1 AM Wednesday Brisbane
Agenda
- Housekeeping
- Antitrust notice - https://www.linuxfoundation.org/antitrust-policy/
- This meeting is being recorded
- Please Mute unless speaking
- If you have a question use the raise hand feature
- General Announcements
- Release updates
- 21.10.7 - dependency updates to address vulnerabilities
- 21.10.8 - includes Mystique ETC hardfork
- 21.10.9 - with fix for cors origin - related to vert.x upgrade - will be done by the time of this meeting - Justin Florentine
- Work Updates
- trace APIs - ongoing
- Other Business
Proposedchange to emeritus guidelines - merged https://github.com/hyperledger/besu/pull/3233
- Open Forum
- Besu has no automation around vulnerability scanning. Sally MacFarlane is looking at options for this. Ideas and feedback welcome.
- (21.10.7 was created because of vulnerabilities raised by a user of Besu. Users are being more diligent about this since log4j issues.)
- one proposed solution: nightly scan of docker image with trivy https://github.com/hyperledger/besu/pull/3295
- Besu has no automation around vulnerability scanning. Sally MacFarlane is looking at options for this. Ideas and feedback welcome.
- Future Topics
View recording:
Passcode: