09/06/19
Attending
Time:12:00PM PDT/03:00PM EDT - 01:00PM PDT/04:00PM EDT
Zoom: https://princeton.zoom.us/j/281265700
Participants
- Trey Pendragon (Princeton University Library)
- tamsin woo (UC Santa Barbara)
- Noah Botimer (U. Michigan)
- James Griffin (Princeton University Library)
Agenda
- GitHub Board Review Column
- Review Deliverables (Component Maintenance Working Group (Phase 3 - Sustaining)
- Planning for Next Phase of Group
Notes
om Deprecation
James will send an update e-mail to the Samvera Community announcing the deprecation of om
Then, the PR will be merged and James will move the repository on GitHub
Reviewing the Deliverables for this Working Group
- We said we would review the Core Components list
- We lasted for one year and not six months - no one could recall us explicitly extended the WG
- Updating the Core Components List
- We have an open PR to update the Core Component list on the website
- We did deprecate components where appropriate
- (solrizer and om)
- We advanced getting Components up to standards
- We promoted Core Components
- iiif_manifest was promoted to Samvera
- Technical Debt
- We did not really do much in order to note where technical debt lies for Core Components
- Noah: We did discuss this for certain components, we kicked certain Gems out and didn't fully discuss anything more extensive
- solr_config updates for ActiveFedora and the om dependency for HydraEditor were addressed
- Installation Data
- We need to re-run the reporting tool developed by Ben Armintor to assess the usage of each Core Component
- Representation on the Roadmap Council
- Mark has been representing us on the Roadmap Council
- Addressing Security Updates
- We have not run into any security alerts
- Noah: We also have GitHub repository alerts enabled in at least some cases
- Tom: We have not received any security alerts, and there were certainly security issues within Hyrax during this period
- Suspects that the best approach is to call out an action for any future group to evaluate security processes
- For the Core Components, there are actually applications which deploy the Gems, and check their own security (DCE and Notch8 are proactive about security concerns)
- We would have likely heard from any others
- Trey: There is one security alert in github.io Repository
- Tom: There is a need to call for an improved process in future phases of this WG
2019 Technical Health Report
- We need to write this
- Rails 6.x just came out is going to constitute a large section of this
- Otherwise, we have been able to deal with significant technical or security issues for Components
- Next meeting: Should focus on drafting this report as the goal of the meeting
- Tom: Create the document now and add some structural work on it between now and the next meeting
- https://docs.google.com/document/d/157lBPaTC_zk19Einbm5Skux3ieqX9LYVuR3BmeUF5vQ/edit?usp=sharing
- How should this be structured? On a per-component basis?
- Members will continue to work on this asynchronously before the next scheduled meeting
Action Items
- Update documentation for the Core Components on github.io
- Run the reporting tool again with updated repositories
- Trey can take this action item (but might need to reevaluate the tool given that there are new Partners)
- Then, write the technical health report
- We should be able to deliver this report at Samvera Connect
- This will be followed by a request to spin up a new phase of this WG as appropriate
Next Phase of this WG
- We ended before right before Samvera Connect
- This was problematic
- We should refresh again right after Connect, so that there is follow-through
- Tom: Concurs, extending into early November would permit a future group to charter itself at some time around the holidays
- Trey: We will run through Connect and potentially even help generate the call for participation
- Trey is not going to be a part of the next iteration
- Do we need to recruit? Are there volunteers in this WG?
- Tom: Let's assume that we figure this out at Samvera Connect
Rails 6.0.0 Compatibility
- Nobody is testing Rails 6.0.x yet
- But, there should not be any problems with testing against newer releases of Ruby
- Tom: A Hyrax branch exists which will drive core component compatibility
- Trey: Are we at 5.2 compatibility?
- Tom: Hyrax dependencies certainly are, and Tom will be releasing a Hyrax RC soon with these updates
- Trey: Valkyrie supports Rails 6.0.x, but does not use much of Rails any longer
Meeting adjourned at 12:24PDT/15:24 EDT