-
Notifications
You must be signed in to change notification settings - Fork 624
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: seabeepea <[email protected]>
- Loading branch information
Showing
1 changed file
with
90 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
|
|
||
| # 6/13/2019 | ||
|
|
||
| ### Attending: | ||
| * Cary Phillips | ||
| * Larry Gritz | ||
| * Rod Bogart | ||
| * Peter Hillman | ||
| * Kimball Thurston | ||
| * Nick Porcino | ||
| * Christina Tempelaar-Lietz | ||
|
|
||
|
|
||
| ### Discussion: | ||
| * Welcome new TSC members: | ||
| * Nick Porcino - Oculus | ||
| * Christina Tempelaar-Lietz - Epic | ||
| * Kimball Thurston - Weta | ||
| * Piotr was invited by hasn’t responded. | ||
| * Project goals by SIGGRAPH: | ||
| * Reach “adopted” status, seems attainable. | ||
| * CII badge progress is at 68% | ||
| * Need CI setup | ||
| * Need static/dynamic analysis setup | ||
| * Need to address security issues/policies | ||
| * Put out a new release, version 2.4: | ||
| * Address outstanding CVE’s | ||
| * Document existing CVE’s | ||
| * Compiler warnings | ||
| * CMake fixes | ||
| * Acknowledge most Issues and PRs; many can be closed as is. | ||
| * Proposal/position on the future of Imath; go into the BOF prepared to discuss. | ||
| * “Guide to the OpenEXR Project” | ||
| * GOVERNANCE.md, CONTRIBUTING.md, etc. | ||
| * Clarify project roles and clarify terminology: | ||
| * Committer vs. TSC | ||
| * Nick Rasmussen is an example of a committer not on the TSC. | ||
| * Need to clarify terms of service, how long do TSC members serve. | ||
| * OCIO meeting notes designate a PR Reviewer? | ||
| * Ad-hoc for that project to ensure fast turn around due to large number of contributions | ||
| * May want some form of this to ensure that PRs are reviewed | ||
| * Legal: | ||
| * Who keeps track of CLA’s on file? | ||
| * Should just be part of the process (CLA, DCO checks) | ||
| * Old PRs, what to do about obtaining CLAs prior to merge | ||
| * Need to check w/ ILM legal just to clarify old copyright / CLA | ||
| * Does OCIO have a policy of accepting small fixes without a CLA? No, that’s OIIO. All ASWF/Linux Foundation projects require CLA’s for every PR, no matter how small. | ||
| * CII Badge requires “acknowledgment of bug reports”. What should our policy be? | ||
| * Standard use of GitHub labels, documented in CONTRIBUTING. | ||
| * Use of GitHub Milestones to indicate priority. | ||
| * Status of the CII Best Practices Badge: | ||
| * Must ensure timely response to posts on openexr-dev | ||
| * What does it take to ensure that the website now uses https? | ||
| * Security: | ||
| * [email protected], [email protected] | ||
| * John to arrange setting up the forwards to private tsc | ||
| * Outstanding CVE’s: | ||
| * One has a PR that needs to be merged. | ||
| * Other CVE issues have been resolved but the issues were never closed. | ||
| * CVE’s should be documented in CHANGES.md. | ||
| * OpenEXR needs a designated security expert | ||
| * Cryptographic protocols are not applicable. | ||
| * Ready to set up Azure? | ||
| * Compiler Warning flags | ||
| * -Wall with GCC 7/C++17 on Ubuntu gives a handful of warnings, straightforward to fix. | ||
| * What about Windows? | ||
| * Code coverage, static analysis, dynamic analysis: SonarCloud? | ||
| * Just needs to have been done at least prior to release (as opposed to fully integrated to release schedule) | ||
| * Test policy adherence? | ||
| * Should we update source code copyright notices? | ||
| * Cary will check with Lucasfilm Business Affairs. | ||
| * What’s the status of moving the github repository? | ||
| * TODO’s and action items: | ||
| * Label issues and PR’s | ||
| * Gives perception of response | ||
| * Use milestones instead to mark issues for including in next release | ||
| * Need to be more aggressive with closing issues that had a back and forth resulting in a consensus there’s nothing to do | ||
| * Standard comment about a house-cleaning event in migration to ASWF | ||
| * Merge/act on existing PR’s | ||
| * Fix compiler warnings | ||
| * SonarCloud: Static and dynamic analysis | ||
| * Azure | ||
| * Web site/documentation | ||
| * JM: Can be moved independently, whenever ready | ||
| * CP: wants to re-do web site to make it easier to maintain | ||
| * Email addresses for info & security | ||
| * Imath white paper | ||
| * Christina - will work on SonarCloud | ||
| * Kimball - will work on PRs, cmake, compile warnings | ||
| * Nick - will review PRs as well |