2014 07_Meeting_IRC_Log

Michal Čihař edited this page Apr 14, 2016 · 2 revisions
12:00 < ibennetch> Very well, let's begin then -- the first item is the reimbursement for the GSoC runion.
12:00 -!- chanaka777 [67f7328a@gateway/web/freenode/ip.] has joined #phpmyadmin
12:00 < ibennetch> Is there any discussion about this? it seems pretty straightforward to me.
12:00 < ibennetch> Hello chanaka777
12:00 < dstorm> hi
12:00 < chanaka777> hi
12:01 < Marc9> Hi chanaka777 and dstorm
12:01 < dstorm> hello Marc9
12:01 < ibennetch> If no one has any point to discuss about the GSoC expenses, then I think we can jump in to voting right away.
12:01 < Marc9> Well, I'm only sad that Google has such a limit, but nothing's perfect
12:02 < ibennetch> I agree, but at least they reimburse some of it
12:02 < ibennetch> I think this is reasonable and affordable so I vote yes we should reimburse the rest.
12:02 < Marc9> I also vote yes
12:02 < ibennetch> Michal and Hugues also voted yes by mailing list
12:03 < madhuracj> I think I should not be voting as I will be benifiting from this, hence have a conflict of interest there.
12:03  * dstorm being non member, can't say in this matter
12:03 < ibennetch> madhuracj: this is probably best in this case.
12:04 < ibennetch> There seems to be no objection, so we can move on and continue discussion of the security coordinator position.
12:04 -!- nijel [~nijel@] has joined #phpmyadmin
12:04 < ibennetch> I'll notify Michal so he knows to approve the expenses through Conservancy
12:04 < nijel> hi everybody
12:04 -!- zixtor_ [~zixtor@] has joined #phpmyadmin
12:04 < chanaka777> hi nijel
12:04 < ibennetch> nijel: Greetings, you got here just in time to notice we approve the first point on GSoC expenses.
12:04 < Marc9> What prompted my adding this item, is that this week we got 2 security reports involving 4 issues
12:05 < Marc9> Hi nijel
12:05 < nijel> great, that was fast  :-)
12:06 < Marc9> Note that there are only 4 participants to the security mailing list...
12:06 -!- zixtor [~zixtor@] has quit [Ping timeout: 240 seconds]
12:06 -!- zixtor_ [~zixtor@] has quit [Client Quit]
12:06 < nijel> I can still spend some time on fixing bugs, but I really lack time to do the communication and coordination...
12:06 < Marc9> So we would need a new security coordinator, and also more participants to the security mailing list :)
12:07 -!- zixtor [~zixtor@] has joined #phpmyadmin
12:07 < Marc9> A coordinator is the one who does the communication, not necessarily the fixes,
12:07 < Marc9> also takes care that we do not forget any issue
12:08 < Marc9> If nobody volunteers, I can take the security coordinator hat, but I would appreciate more participation to the security issues
12:08 < zixtor> I remember Ann + J.M. showing interest about being coordinator
12:09 < Marc9> zixtor, yes, they did it for the last round of issues, they also did the fixes
12:09 < Marc9> (but they are not here today...)
12:09 < zixtor> yeah, right
12:09 < Marc9> also, I'm not sure that they have the time to do it regularly
12:11 < chanaka777> Just wanted to know, did they told something like that ?
12:12  * ibennetch is thinking about whether I have time to commit to being coordinator
12:12 < Marc9> Last time I suggested that more team members participate to the security list, I don't think there was a single response. I don't want to point fingers at anybody, but more participation would help avoid anyone being burned out
12:13 < madhuracj> Also, I do not see any problem of all the team members being members of the security team. Of course if they are willing to.
12:13 < madhuracj> So we will have more man power there
12:13 < Marc9> I also do not see a problem with that
12:13 < chanaka777> Yes, agreed
12:13 < zixtor> Yes, I also always thought why we have two separate mailing lists..
12:13 < nijel> indeed, anybody is welcome to join that list
12:13 -!- dietcode [~Code-@cpc11-basf8-2-0-cust85.12-3.cable.virginm.net] has joined #phpmyadmin
12:14 < chanaka777> So why we do not discuss those issues in the team list ?
12:14 < Marc9> If I can do a time estimate for the coordinator "job", it could be about, say, 10 hours per year.
12:15 -!- mckendricks [~textual@] has joined #phpmyadmin
12:15 < Marc9> zixtor, I think the reason is that, before, there were more inactive members on the team list
12:15 < zixtor> Ok and I am willing to join the list and help with issues that I can..
12:15 < Marc9> zixtor, but now that the team list contains only active people, we could redirect the security list to the team list;
12:15 < nijel> indeed it's not much consuming, you just need to react reasonably fast on incoming mails and track which issues need to be addressed
12:16 < Marc9> however the real issue is manpower
12:16 < Marc9> if someone wants to try being a coordinator, I can be his mentor
12:16 < zixtor> Yes, so having everyone on the list will attract everyone's attention to the issues..
12:17 < madhuracj> @Marc9: I would like to give it a try
12:18 < Marc9> I can complete the "Security of phpMyAdmin" wiki page (process section) with the missing parts
12:18 < madhuracj> 10 hours per year shlould not be a problem. Having a mentor would be quite helpful for a start.
12:18 < Marc9> Thanks Madhura, so when can we start? :)
12:19 < Marc9> Thanks Atul for giving help on security issues
12:19 < ibennetch> Good, then madhuracj can do it -- but if he finds the work unsuitable then I can take over as coodinator.
12:19 < madhuracj> I believe you sent the initial replies to the recent security reports. I can follow them up.
12:19 < zixtor> Yes, I am willing to join the process
12:19 < Marc9> Now, what do we do, a redirect or we keep two distinct memberships?
12:19 < ibennetch> I don't think it makes sense to have co-coordinators, better to have one person managing it. Just to be clear.
12:20 < madhuracj> I think it's best to keep two seperate list and invite members to join the security list if they are willing to
12:20 < Marc9> Indeed, the coordinator is the one who sends a "team" response to incidents, once the team agrees
12:20 < ibennetch> I think two memberships is fine for now. There's no gain to me to have it merged to one list; we can just all join both.
12:21 < chanaka777> okay that's fine
12:22 < Marc9> madhuracj, I sent the initial replies to the reporters, and made the initial tests on all issues
12:23 < ibennetch> So madhuracj is the new coordinator and will work with Marc9 to take over smoothly the current issues; the rest of us who are interested will join the security mailing list.
12:23 < zixtor> Yes, right
12:23 < Marc9> Great
12:23 < nijel> perfect
12:24 < Marc9> May I add one small subject to the meeting: the next meeting in person?
12:24 < madhuracj> Please go ahead
12:25 < nijel> okay
12:25 < Marc9> I wrote about going to PHP conference in Italy and got a few answers, but I would like to know if we can consider this kind of conference, or not
12:26 < nijel> it's not something I'd prefer, but it's acceptable for me
12:26 < zixtor> I vote for FOSDEM
12:26 < madhuracj> I think it's ok
12:27 < Marc9> I heard that someone would not participate if we go to FOSDEM
12:28 < chanaka777> I vote for PHP conference
12:28 < zixtor> Marc9, Oh, I didn't know that
12:29 < Marc9> Maybe it's not time to "vote" yet, just clarify the possibilities
12:29 < madhuracj> May be we can list the possible options, study them more and vote on them. I guess we are not in a hurry to decide
12:29 < zixtor> Are we considering FOSDEM vs PHP conference?
12:29 < madhuracj> @Marc9: indeed
12:29 < ibennetch> I think Italy is very much a possiblity.
12:29 < ibennetch> (As is FOSDEM)
12:29 < Marc9> One of the reasons pro-Italy is the weather, of course;
12:29 < zixtor> Right, first we list other options too..
12:30 < ibennetch> I imagine both are reasonably close to J.M. as well for train travel
12:30 < Marc9> another reason is to go to a different kind of conferences, to add some variety
12:31 < Marc9> but, it's true that FOSDEM is difficult to beat in terms of subjects span; plus we could apply for a booth
12:33 < Marc9> I don't think we should consider DebConf 15 in Germany
12:33 < ibennetch> But the PHP conference falls on the anniversary of PHP, right? So it's a bigger deal than other years.
12:34 < Marc9> ibennetch, well I wrote today to their contacts, but I'm not sure that the 2015 date is set
12:34 < nijel> I'd also skip DebConf
12:35 < Marc9> nijel, what about openSuSE conf?
12:36 < nijel> Marc9: honestly I think it's getting smaller and smaller, so I'm not really sure it's good idea to consider it
12:36 -!- zixtor_ [~zixtor@] has joined #phpmyadmin
12:37 < Marc9> nijel ok
12:37 -!- zixtor [~zixtor@] has quit [Read error: No route to host]
12:37 < nijel> just to make the information complete: The openSUSE Conference 2015 is going to take place in The Hague, Netherlands.
12:38 < Marc9> We should consider only conferences where the entry price is not heavy
12:39 < Marc9> Ok, we can continue discussing in the next few months, but if FOSDEM materializes, we'll have to take a decision, say, in October
12:40 < madhuracj> We probabl can start a discussion on the team mailing list.
12:40 < madhuracj> probably*
12:41 < nijel> that's true for overseas flights it should be the time to book...
12:41 < Marc9> and I'll let you know when I get an answer from PHP Italy Day
12:42 < nijel> okay
12:42 < ibennetch> Okay, that sounds reasonable to me
12:42 < nijel> I will go to FOSDEM most likely anyway, but I don't think that makes any change in deciding :-)
12:43 < Marc9> nijel, a lightning talk about weblate?
12:43 < nijel> Marc9: maybe, I'll see :-)
12:44 < Marc9> Now _this_ would make a change in deciding ;)
12:44 < ibennetch> :)
12:44 < nijel> I don't think so ;-)
12:44 < madhuracj> :)
12:45 < ibennetch> Okay, then; things seem to be winding down so unless anyone has a last minute item to bring up I think we can begin to wrap up the meeting
12:45 < Marc9> ok for me
12:45 < chanaka777> sure
12:46 < nijel> okay for me
12:46 < ibennetch> Thank you all for attending today and have a great week!
12:46 < Marc9> bye all
12:46 < dstorm> bye everyone
12:46 < ibennetch> Of course we can continue to discuss, but the "official" meeting is over
Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.