Community Office Hour Meeting Minutes​

Status updates discussed in meeting:

Infrastructure and Test Management​

• Test phase for Release 25.12 is ongoing. Currently blocking issue with Portal onboarding of new test companies.
  • Workaround using existing ones is also limited due to issues with email notifications for new user accounts and presumed issue for creation of new technical users.

Release Management​

• Release Planning Timeline:

  • 26.03 Eclipse Tractus-X Open Planning was conducted on November 13th.

• Policy Hub recommendation to be archived: Decision of Data Sovereignty Expert Group that the Policy Hub is not needed anymore, as it adds no value to the ecosystem.

  • See for details this issue on the Office Hour Board. It will remain in progress to track further information.
  • Input from Mathias Moser to follow the official process as outlined in TRG 7.09

Security​

• Please check regularly if there are findings for vulnerabilities or dependency updates in the security tab of your project repository.

Community/Open Planning​

• Everyone is invited to join the Fifth Eclipse Tractus-X Community Days on December 4th and 5th in Stuttgart. See this link for registration
• New Calendar View for open meetings, see for details the open meetings page
  • Potentially type color for time and date could be set in white for better legibility.

Feedback / Questions / Requests​

• Discussion of planned PostgreSQL updates and image provider change

  • Mikel Garcia has updated the applicable TRGs, including the change from Bitnami to Cloud Pirates images
  • He also created a migration guide using the SSI DIM Wallet Stub as an example.
  • However there were issues encountered by Lars Geyer-Blaumeiser for the BDRS service with the automated Helm Upgrade failing, thus requiring a manual deletion and redeployment. See this link for further details.

• Question from René Schröder regarding maintenance of IRS -> Will contact Robin Gottschalk to follow up.

• Suggestion from Mathias Moser: TRG for quality of new or existing repositories in GitHub, e.g. with the 3 phases sandbox, incubating, graduated. He will elaborate this further. The plan would be in a later step to display this automatically as a "maturity level" for each repository in the Eclipse Tractus-X product list overview.

• Discussion regarding a legal need to remove/replace references to EPL licenses from files in Eclipse Tractus-X. Finding a solution is ongoing.

Office Hour meeting minutes​

Update Infrastructure/Test Management​

• Deployment phase for 25.12 is ongoing. None has deployed yet, please start.
• DTR has an update ongoing, but the PR is open. New version expected on next week

Update Release Management​

• Release Check issues must be created next week to confirm who joins or opts out of the test phase; reminders have been sent to previous participants.
• Current reminder for 26.03 open planning: https://eclipse-tractusx.github.io/community/open-meetings#Open%20Planning%20for%20R26.03

Update Security​

• Please patch high and critical security vulneratiblities before e2e test.

Update Community/Open Planning​

• Community Days: registration open; a lot of other data spaces have been invited.
• Container images: @mgarciaLKS raised a TRG update for postgres with an example linked eclipse-tractusx/eclipse-tractusx.github.io#1367, committers aligned on 18.x
• What's the last date to provide the semantic model? Should be in line with the Final KIT PR (25.12 = 2025-11-17)
• What needs a ticket for release and how to release a kit? If you release a KIT, you need a release ticket: PURIS example - If you release something unfinished or not released in standards, add a disclaimer.

Office Hour meeting minutes​

Update Infrastructure/Test Management​

• Briefing meeting for the upcoming test phase is on Monday; invitations were sent out. If anyone was missed, invitations will be forwarded upon request.
• Scope: overview of the test phase (deployment, who joins, and key updates).
• Test phase start: 20 October.

Update Release Management​

• Release Check issues must be created next week to confirm who joins or opts out of the test phase; reminders have been sent to previous participants.
• Feature freeze is approaching; merge necessary PRs, especially for core products, to enable testing.

Update Security​

• Vulnerability identified in Python Keycloak-related dependency (PyPI package with no fixed version) causing Trivy workflow failures.
• Mitigation: use .trivyignore, include a review date, and document the waiver in the release issue.

Update Community/Open Planning​

• News: blog entry for 26.03 is online (alignment day, open planning day). Open source participants should use the open meetings page.
• New committers: Theresa and Andrii approved; complete Eclipse Foundation paperwork.
• Community Days: registration open; workshop proposals and sponsors welcome.
• Container images: evaluating CloudPirates Helm Charts (Keycloak, Postgres, etc.) that wrap official Docker images; Eclipse feedback indicates Docker images are acceptable if referenced transparently.
• KITs coordination: new Matrix room created to align multi-dataspace development and onboarding; plan a weekly KITs office hour once processes are established.

Office Hour meeting minutes​

Release 25.12 – Participation and Preparation​

• All teams must create their release check issues in sig-release by latest next week to prepare for the briefing meeting.
• Connector participation in 25.12 is undecided; decision expected after Tuesday’s discussion.
• Even minimal releases (e.g., only bug fixes) should still raise a check issue.
• Test phase briefing → next week, kickoff → two weeks after briefing.

Changelog & Documentation Changes​

• DocuSaurus updated to v3.9.1.
• New changelog presentation: structured by year/release using DocuSaurus blog plugin.
• Added contributor/committer acknowledgements (from GitHub analytics).
• Archived kits now provided; possible change to single current zip package instead of multi-version archives (to be discussed in committer meeting).

Governance & Repository Changes​

• Digital Product Passport repository deprecated and archived per TRG rules.
  • DPP verification docs → moved to Data Trust & Security Kit.
  • Full DPP documentation now lives in Ecopass.
  • Tutorial relocated to Tutorial Resources (still migrating images).
• Topic on centralising tutorials for Community Days still open.

Office Hour & Moderation Planning​

• New round-robin schedule; participants to confirm dates in the shared discussion link.
• Some moderation slots reallocated due to vacations/conflicts.
• Check for a new series needed with beginning of next year

Committer Elections​

• Theresa nominated as committer (focus: release management).
• Election closing next Thursday; committers asked to vote.
• Andrii's PMC election pending next PMC Monday meeting.

Community Days​

• Agenda still forming; workshops/presentations needed.
• Deadline for workshop confirmation: ideally within next 1–2 weeks, but minor changes possible up to event date.
• Semiconductor-X project may provide up to two workshops (cross-dataspace, traceability) depending on progress.

Security Reminders​

• Teams must check and address security tab issues to avoid deprecation.

Postgres 17 Upgrade & Image Source Problem​

• 25.09 used Bitnami Legacy images (last viable for that release).
• For 25.12+, Bitnami Legacy is not sustainable — need an alternative.
• Options under consideration:
  • Official Docker Hub Postgres images (license implications to check).
  • Cloud Pirates Helm charts/images (to evaluate; may wrap Docker Hub Postgres).
  • Hosting our own images (currently no team capacity).
• Eclipse Foundation guidance: use Bitnami Legacy for Sept release, evaluate Cloud Pirates for next.
• Action: Committers to research viable alternatives and check licensing with Eclipse Legal (possibly via Angelika).
• Decision deferred to Committer Round.

Office Hour meeting minutes​

Infrastructure Test Management​

• GNI X-Ray Test Sessions:
  2 sessions held; no active registrations.
  Keep status in progress for potential October session.
• External Product Test Phase:
  Release Candidate 3 published by Lars & team; some issues remain.
  Next evaluation meeting on Tuesday.
  Confirmed: Catena-X does not provide dedicated dev environments — teams are responsible for their own.

Release Management​

• Release postponed; target Tuesday/Wednesday.
• Preparation:
  • Change logs ready for review (Teresa prepared initial version).
  • Need contributions for Known Issues and product-specific notes (e.g. BPDM, Connector).
• Screenshots in Release Notes: Discuss post-release.
• Changelog Improvement Idea: Block-format inspired by Docusaurus for better presentation.

Security​

• Reminder: Check the security tab regularly.
• Deprecation of "Digital Product as Repository of Surveillance" planned next week.
• Plan to migrate VP visualization to Industry Core.

Community & Events​

• Catena-X Community Days (End of December): Registration open.
  • New field to list products you contributed to.
  • Multiple select option fixed.
  • Booking changes may require cancel/re-register.
• Call for workshop leaders/presenters.
• New “Community Events” room created for event promotion and discussions.

Committer Election​

• Andrii proposed as new committer — key contributions on EDC component, DSP/DCP TCK, release process improvements.

General Reminders​

• Moderation list update needed (René added).
• No office hour next week due to public holiday in Germany.

GitHub Fork Access Clarification​

• Forks in private accounts do not inherit original repo’s write access.
  Owner must explicitly grant rights.
  Public forks: read-only access by default.

Office Hour meeting minutes​

Update Infrastructure/Test Management​

• Bitnami Image Dependency

  • Bitnami container images (e.g., Keycloak, Postgres) are moving behind a paywall; legacy images will be deprecated and not maintained.
  • Security risks for future releases if legacy images are used.
  • Eclipse Foundation and other users are also affected; no immediate action required, but migration planning is needed.

• Repository Naming & Creation Guidelines

  • No strict naming convention; guidelines to be documented on the website.
  • Requirement: At least one ticket in SIG release, compliance with TRGs, and proper documentation (README, license).
  • Action: Present new repository requests in office hour; contributors to be added and approved.

Update Release Management​

• Release & Test Phase Updates

  • EDC 0.11 release candidate delayed by one week due to upstream issues.
  • Products using EDC will start testing one week later; other products should stick to the initial plan.
  • Tight timeline for release; last week reserved for bug fixes.

• Feature Planning for Release 25.12

  • Open planning session scheduled for August 14th.
  • Teams must refine features and inform needed teams/contributors before the session.

Update Security​

• Security Responsibilities
  • Teams are responsible for addressing security vulnerabilities in their releases.
  • Eclipse Foundation will support major issues but responsibility remains with the product teams (related committer).

Update FOSS Governance​

• API Versioning Discussion

  • Debate on enforcing API versioning (e.g., v2, v3 in URLs).
  • Previous decision: Recommend but not mandate versioning; no TRG (Technical Release Guideline) enforced.
  • Open for further discussion in the committer round.

• Project Description & Initiative Listing

  • Updated project descriptions to include Manufacturing-X and clarify scope.
  • Initiatives must contribute back to Tractus-X to be listed.

Update Community/Open Planning​

• Community Day Announcement

  • Community Day planned for December; registration opens in September.
  • Manufacturing-X initiatives invited to host workshops and demos.

• Tutorials & Identity Hub

  • New tutorial released for Identity Hub deployment and development.
  • Intended for demonstration and proof-of-concept, not production use.

Feedback / Question / Request​

• New Initiatives & Collaboration
  • Wind-X collaboration: Plan to create a Python SDK for asset administration shell, combining existing SDKs for broader API support.
  • Open invitation for contributors from other initiatives (e.g., FactoryX, Semi, Energy Data X).

Office Hour meeting minutes​

Infrastructure & Test Management​

Management & Progress Updates​

• Recent development tasks were completed, including resolving rate limit issues.
• Teams are reminded to create release check issues for the upcoming major release, including mapping features to test cases and noting responsible committers.

Environment Reset for Testing​

• Discussion on whether a reset of the test environment (25.09) is needed for a clean slate.
• No strong need identified; decision deferred to the next portal meeting for further input.

Release Management​

Timeline Review​

• Timeline for upcoming releases (25.12 and beyond) was reviewed.
• Alignment and open planning days are scheduled; some concerns about holiday overlaps, but dates are fixed due to release dependencies.

Security & Governance​

Security​

• Reminder to update the security tab and deprecate outdated repositories post-release for security reasons.
• Ongoing process to review and close out old (not maintained) repositories.

FOSS Governance​

• Ongoing review of the "one license file per folder" policy; to be discussed in the next committee meeting.
• Decision: No notice section required for blogs, news, or meeting minutes; required for other documents.
• Discussion on maintaining and updating changelogs for TRGs (Technical Reference Guides).
• Reminder to update API versions in the API hub and ensure .tractusX files are properly tagged.
• Emphasis on maintaining quality and consistency across KITs and APIs.

Community & Events​

• Recap of successful French Catena-X Days in Paris, including workshops and presentations.
• Ongoing search for contributors with wallet/identity hub experience; open meetings scheduled weekly.
• Presentation of Tractus-X to the Eclipse Data Space Working Group (EDWG) and discussion about associating the project with ADBG for increased visibility and marketing.
• Farewell to Evelyn, with best wishes from the team.

Office Hour meeting minutes​

Infrastructure & Test Management​

Release Roadmap​

• 25.09 release is in testing; 25.12 is upcoming.
• Teams must create and fill out release check issues, including responsible contacts, app versions, and feature lists. This must be done for both, KITs and FOSS Products.
• Quality gate checks should be created and linked early.
• Products not part of the release should be communicated.

Kubernetes Update​

• Core cluster update started; end environment update scheduled (1–5 PM).
• Upgrading to version 1.33.0 (from 1.28/1.29).
• Teams should consider the new version in their release checks.

Release Management​

Timeline Review​

• R25.09: Currently in development and test case creation phase. Deadline for KIT readiness: August 18.
• R25.12: Briefing meeting for testing in July; each team should send at least one representative.
• Open source community encouraged to contribute to "KITs" (documentation/tooling packages).
• Discussion on deadlines for KIT PRs—suggestion to focus on merge deadlines rather than initial PRs.

KIT Management​

Versioning & Changelog​

• Maintain changelogs in every request.
• Avoid last-minute KIT changes; contribute early to prevent release delays.
• Release check issues for KITs are still required and tracked on the release management board.

Refinement Phase for 25.12​

• Teams can already create features for the next release.
• Upcoming "Alignment Day" for cross-team coordination.

Security & Governance​

Security​

• Reminder to use the security tab and available tools (e.g., Snyk) to address critical/high findings.
• Contributors should consult committers for access.

FOSS Governance​

• TRGs (Technical Reference Guidelines) 7.XX, 7.XX, 7.XX updated; 7.XX to be deprecated. Improved handling of license/copyright information, especially for images and non-code artifacts. Find details in the PR.
• Reminders
  • Markdown files must include a notice section; code files require license headers.
  • Reviewers should enforce these requirements.
  • Discussion on imported notice sections and license mismatches. Not recommended

Community & Events​

Tractus-X Promotion at Catena-X Tech Days (France)​

• Event on July 9; open invitation to join and help build the French community.
• Announcement posted to the mailing list. Link to event.

Mailing List Etiquette​

• Replies and reactions to mailing list messages notify all members; use with consideration.

Open Discussion & Q&A​

• Issuer service deprecated; functionality moved to Identity Hub.
• Call for developers with Identity Hub experience.

Office Hour meeting minutes​

Infrastructure​

• no topics

Release Management​

Topics discussed:

• Release Timelines
• Recap Open Planning Day

Security​

Topics discussed:

• Regular Reminder Committers: Please check the security tab!

FOSS​

Topics discussed:

• automate dash + review
• github.io 3rd party check only on chnage "package.json"
• api-hub "needs an update"
• One license file per folder

Community/Open Planning​

Topics discussed:

• NEXT COMM DAYS IN MAY!!!! 22.05-23.05!!!
• New Committer Gonçalo
• Committer Election Borja
• EDC is not the connector, is Eclipse Dataspace Components

Feedback/Questions/Requests​

• No specific topics to discuss, except moderation round robin and hint on how to state questions

Office Hour meeting minutes​

Infrastructure​

• All products included in the release should create their release check issue.

Release Management​

• A reminder was sent out regarding the alignment meeting scheduled for Wednesday, May 7th.
• A briefing on the testing phase will take place on Monday, April 28th.

FOSS​

• The Docusaurus migration to version 3.7, including necessary library updates, has been completed. This upgrade included significant cleanup. A detailed description of what changed can be found here.

Community/Open Planning​

• Everyone is encouraged to participate in the Community Days in May 2025.
• Once the Docusaurus migration is merged, a pull request will be submitted to add a calendar view to the Eclipse Tractus-X website.

Feedback/Questions/Requests​

• No specific topics to discuss
• The release timelines for TX, CX, and the broader ecosystem are now aligned and available here.