Attending

Time:12:00PM PDT/03:00PM EDT - 01:00PM PDT/04:00PM EDT

Zoom: https://princeton.zoom.us/j/281265700

Participants

Trey Pendragon (Princeton University Library)
tamsin woo (UC Santa Barbara)
Noah Botimer (U. Michigan)
James Griffin (Princeton University Library)

Agenda

GitHub Board Review Column
Review Deliverables (Component Maintenance Working Group (Phase 3 - Sustaining)
Planning for Next Phase of Group

Notes

om Deprecation

James will send an update e-mail to the Samvera Community announcing the deprecation of om

Then, the PR will be merged and James will move the repository on GitHub

Reviewing the Deliverables for this Working Group

We said we would review the Core Components list
We lasted for one year and not six months - no one could recall us explicitly extended the WG
Updating the Core Components List
- We have an open PR to update the Core Component list on the website
- We did deprecate components where appropriate
  - (solrizer and om)
We advanced getting Components up to standards
We promoted Core Components
- iiif_manifest was promoted to Samvera
Technical Debt
- We did not really do much in order to note where technical debt lies for Core Components
- Noah: We did discuss this for certain components, we kicked certain Gems out and didn't fully discuss anything more extensive
  - solr_config updates for ActiveFedora and the om dependency for HydraEditor were addressed
Installation Data
- We need to re-run the reporting tool developed by Ben Armintor to assess the usage of each Core Component
Representation on the Roadmap Council
- Mark has been representing us on the Roadmap Council
Addressing Security Updates
- We have not run into any security alerts
- Noah: We also have GitHub repository alerts enabled in at least some cases
- Tom: We have not received any security alerts, and there were certainly security issues within Hyrax during this period
  - Suspects that the best approach is to call out an action for any future group to evaluate security processes
  - For the Core Components, there are actually applications which deploy the Gems, and check their own security (DCE and Notch8 are proactive about security concerns)
  - We would have likely heard from any others
- Trey: There is one security alert in github.io Repository
- Tom: There is a need to call for an improved process in future phases of this WG

2019 Technical Health Report

We need to write this
Rails 6.x just came out is going to constitute a large section of this
Otherwise, we have been able to deal with significant technical or security issues for Components
Next meeting: Should focus on drafting this report as the goal of the meeting
Tom: Create the document now and add some structural work on it between now and the next meeting
https://docs.google.com/document/d/157lBPaTC_zk19Einbm5Skux3ieqX9LYVuR3BmeUF5vQ/edit?usp=sharing
How should this be structured? On a per-component basis?
Members will continue to work on this asynchronously before the next scheduled meeting

Action Items

Update documentation for the Core Components on github.io
Run the reporting tool again with updated repositories
- Trey can take this action item (but might need to reevaluate the tool given that there are new Partners)
Then, write the technical health report
- We should be able to deliver this report at Samvera Connect
- This will be followed by a request to spin up a new phase of this WG as appropriate

Next Phase of this WG

We ended before right before Samvera Connect
- This was problematic
We should refresh again right after Connect, so that there is follow-through
- Tom: Concurs, extending into early November would permit a future group to charter itself at some time around the holidays
- Trey: We will run through Connect and potentially even help generate the call for participation
  - Trey is not going to be a part of the next iteration
  - Do we need to recruit? Are there volunteers in this WG?
  - Tom: Let's assume that we figure this out at Samvera Connect

Rails 6.0.0 Compatibility

Nobody is testing Rails 6.0.x yet
- But, there should not be any problems with testing against newer releases of Ruby
Tom: A Hyrax branch exists which will drive core component compatibility
Trey: Are we at 5.2 compatibility?
- Tom: Hyrax dependencies certainly are, and Tom will be releasing a Hyrax RC soon with these updates
- Trey: Valkyrie supports Rails 6.0.x, but does not use much of Rails any longer

Meeting adjourned at 12:24PDT/15:24 EDT

Browser not supported