Samvera Tech Call 2022-07-13
- James Griffin
- Collin Brittle
- Heather Greer Klein
Meeting Logistics:
Time: 9:00am PDT / Noon EDT
Zoom Meeting URL: https://princeton.zoom.us/j/7739591625
(link will launch Zoom client – if you do not have Zoom, expand the instructions below)
Agenda (meeting notes below)
Datacite documentation request (Heather)
Questions from Datacite:
I think the work to add DOI registration features to Hyku done by Ubiquity has been incorporate into the main codebase (since there’s some code that can hold DataCite creds), but we’re not completely sure how it works. Where could we find documentation?
Is there are support in Hyrax for DOI registration? From these pull requests it seems like maybe? [Backport] Provide patterns and infrastructure for assigning remote identifiers (DOI, Handle, etc.) by cjcolvar · Pull Request #4465 · samvera/hyrax Provide patterns and infrastructure for assigning remote identifiers (DOI, Handle, etc.) by cjcolvar · Pull Request #4458 · samvera/hyrax . If so, we’d love to know more and get links to docs, if possible, so we can share that info with our community.
Reorganizing Hyrax Github repo documentation (.md files) (Julie)
Moderator: @Bradley Watson (Emory University)
Notetaker: @James Griffin (Princeton University Library)
Attendees:
@Collin Brittle (Emory)
@Juliet Hardesty (Indiana University)
@Heather Greer Klein (Samvera Community)
@Daniel Pierce (Indiana University)
@Thomas Scherz (University of Cincinnati)
@Brendan Quinn (Northwestern University)
@Rob Kaufman (Scientist)
Meeting Process
Notes
Community Projects
Docker Hub and GitHub releases
fcrepo is maintained by mbklein on Docker Hub
Otherwise there are Docker images on GitHub
Desire to publish NPM packages is there for Samvera contributors
Deprecate the Hierarchy of Promises
This can be archived
DataCite Documentation Request
Heather had outreach from DataCite folks
Interested in documentation for Samvera/DataCite integration support by community members who are actively using DataCite
Is there any existing DataCite documentation?
Hyku integration is offered by Scientist.com contributors
Not many attending the call are experienced in using DataCite integration
Chris Colvard may have more significant experience
Same code, just ported into different branches
Hyrax Documentation Reorganization
/.githubdirectory has some duplicate Markdown filesDocumentation as Markdown or text files should be moved to the root (
/) of the repositoryGitHub has an updated workflow for creating workflow templates
Addressing this just requires that the
ISSUE_TEMPLATE.mdbe moved to a different directory (/.github)
/documentationdirectory also exists, but GitHub does not parse this as a supported documentation directoryNo opposition to retaining this, but GitHub does support
/docsChanging
/documentationto/docsmight still be desirable
Rails CVE
Vulnerability for Rails 7.0.3.1, 6.1.6.1, 6.0.5.1, 5.2.8.1
This was discussed within the Hyrax IG
If you use
#serializein ActiveRecord, there is the possibility of a RCE attackThis is not used in Hyrax, but it is invoked within Blacklight
Solution is to upgrade Rails, and this also breaks YAML serialization for Blacklight upstream
Rails community should offer new patch versions fairly soon
In turn, Blacklight patch releases should also be released in the near future
bulkraxandallison_flexalso call the afflicted methodA volunteer shall create issues on Hyrax, bulkrax, and allison_flex addressing these issues
Please also monitor the #blacklight Channel in the Code4Lib Slack
valkyrie-shrine 1.0 release
Thank you from Brendan Quinn!
Next Scheduled Samvera Tech Call (07/20/22)
Moderator: @Daniel Pierce
Notetaker: @Bradley Watson
Support Requests (Slack)
None unresolved
Pull Request Review
No reviews were requested for any existing pull requests
Call concluded at 09:33 PDT/12:33 EDT