Automatic Updates Initiative meeting on Aug 8, 2023

Created on 20 December 2023, about 1 year ago

Updated 3 January 2024, 12 months ago

This meeting:
➤ Is for core developers, initiative contributors, the Drupal Association and anyone interested in the initiative.
➤ Usually happens every other Tuesday at 1700 UTC.
➤ Is done over chat.
➤ Happens in threads, which you can follow to be notified of new replies even if you don’t comment in the thread. You may also join the meeting later and participate asynchronously!
➤ Has a public agenda anyone can add to
➤ *Transcript will be exported and posted* to the agenda issue. For anonymous comments, start with a :bust_in_silhouette: emoji. To take a comment or thread off the record, start with a :no_entry_sign: emoji.

Transcript

0️⃣ Who is here today? Comment in the thread below to introduce yourself and tell us why you are joining us.

1️⃣ Do you have any topics to propose for the meeting today? Feel free to propose them in this thread, and then I will give them their own unique threads for discussion. Conversation moving slow? Go ahead and open your own thread in the next numeric order.

2️⃣ Update on Security Audit of PHP-TUF/Rugged. We have a leading proposal. I've circulated to @dts to help validate the contents of the proposal, but assuming no red flags, I'd like to try and get it signed this week.

3️⃣ Security Audit of Drupal code - this is currently still blocked :red-flag:

4️⃣ Want to see if we can help with resolving - https://gitlab.com/rugged/rugged/-/issues/139So we can redeploy

5️⃣ 📌 Add php-tuf/composer-stager to core dependencies and governance — for experimental Automatic Updates & Project Browser modules Needs work is RTBC:tada:, Composer-Stager A dependency for Package Manager which is core dependency for AutoUpdates and Project BrowserIt does that heaving lifting to allow us to run Composer commands on staged copy of the Drupal site’s code base

Participants:

hestenet, Wim Leers, mlhess, ergonlogic, drumm

📌 Task

Status

Fixed

Version

2.0

Component

Meetings

Created by

🇺🇸United States hestenet Portland, OR 🇺🇸

Live updates comments and jobs are added and updated live.

contrib-only

Comments & Activities

Issue created by @hestenet
Comment about 1 year ago →
🇺🇸United States drumm NY, US
hestenet → credited drumm → .
Comment about 1 year ago →
🇨🇦Canada ergonlogic Montréal, Québec 🇨🇦
hestenet → credited ergonlogic → .
Comment about 1 year ago →
🇺🇸United States mlhess
hestenet → credited mlhess → .
Comment about 1 year ago →
🇧🇪Belgium wim leers Ghent 🇧🇪🇪🇺
hestenet → credited Wim Leers → .
Comment about 1 year ago →
🇺🇸United States hestenet Portland, OR 🇺🇸
Status changed to Fixed 12 months ago10:59pm 3 January 2024
Comment 12 months ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024