Skip to main content

Gabor Almadi

office hour meeting minutes

System team

  • Whenever a new room is created in the Eclipse Matrix chat, please announce it in the main Tractux-X room, office hour and mailing list so everybody can learn about it and join.

Security team

FOSS

  • There was a new election for a project lead role for Stephan Bauer
  • The Eclipse Project Handbook changed the section about handling copyright headers. A year range is not longer necessary, only the year when the file was created so there is no need to keep an eye on updating the headers. It is still allowed to put year range (creation date and last modification year) in the header but they have to be separated with comma character.
  • Please sign the Eclipse Contributor Agreement when trying to contribute to the webpage. Without that it is not possible to merge commits to the main branch.
  • ❗ Please don't put any Catena-X content or resource on the website without permission.

Open planning / community

  • New Open Meetings Links are listed directly on our webpage to participate and separate calendar files can be downloaded from there.
  • Office hours will probably start a few minutes later so the people don't have to wait until everyone gets there.
  • Commiters and Contributors Meeting could be a new form of communication where the committers are more involved getting some pressure off the System Team.
  • Newjoiner rounds for basic introductions would be held every 2 weeks in a separate session.

Open discussion

  • Umbrella chart:
    • Currently there is a temporary solution for the Managed Identity Wallet by SAP until the open source version is fixed. This is a COTS application and it raises questions like how it can be integrated into an open source software stack like the umbrella chart. It is not confirmed yet whether the version from SAP can be used without a license. Currently all components can run without MIW but data exchange functionality won't work.
  • Public API versioning is still an open topic where no decision has been made to create a TRG or guide the Tractus-X community to follow one versioning strategy.
  • An alternative for MS Teams should be found as it is hard to manage for an open community (e.g. Discord).

office hour meeting minutes

System team

  • No update

Security team

  • Many open cases (>10) from GitGuardian, please check you inboxes (or spam folders)
  • A bug bounty program is in the making

FOSS

  • Happy new year: Don't forget to update the year in your copyright headers
    • some corner cases will be clarified until next office hour
  • There is a new draft TRG 2.06 regarding dependabot usage
    • please update your DEPENDENCIES file(s) to ensure that the suggested changes are license compliant

Open planning / community

  • Last open planning session went very well
  • There's a new open meetings page

Open discussion

  • discussion regarding the "Notice for docker image" to be moved into a separate file.
    • TRG 4.06 will be updated to mandate a dedicated file.
    • Please keep in mind to update your docker build workflow to include the new file instead of the README.md. See example of TRG 4.05 for reference.
  • discussion on where to discuss about new / changes to existing TRGs: TRG draft section, within the PR or GitHub discussions
    • Sebastian is going to create a PR so everybody can vote on it
  • As multiple people struggle with our current docusaurus1 setup, there will be a training/hands-on session soon. It's will be announced on the mailing list.
  • Content updates for KITs: Please ensure that no copyrighted content (incl. Catena-X) is contributed to Tractus-X.
  • False-positive issues opened by Trivy - please raise a "tooling support" issue in the sig-security repository
  1. docusaurus: the generator for the pages you are reading right now