The Jenkins governance board meets today at 6:00 PM UTC on Zoom. The Zoom URL is https://zoom.us/j/91564716663?pwd=R3A2RDFGcU1wTVdoVTErYm1jNzVWdz09
Current meeting agenda is:
Agenda:
News
Releases
Jenkins 2.401.3 released Wednesday July 26, 2023
Security release as announced in Jenkins advisories mailing list, includes 2.416
Merges are paused to the master branch of Jenkins core until after the release
Jenkins 2.414 is the next LTS baseline
Jenkins 2.414.1 release candidate Aug 9, 2023
Jenkins 2.414.1 release Aug 23, 2023
Action Items
Mark Waite archive the governance meeting notes to a GitHub repository, use the Google doc as the working document, then publish final notes (done)
Mark archive submitted to the governance meeting archives repository in a merged pull request
NEW Alexander Brandes: Thoughts about using HackMD (https://hackmd.io/team/jenkins-governance (https://hackmd.io/6mgEkr1rS7Ca4j4a5YxZfA)) as a living document, like the infra team does?
Then we could push meeting minutes directly to GitHub and retire the google doc totally.
Mark Waite retrospective on signing certificate renewal process and its improvements
Code signing certificate update for MSI and WAR files
PGP signing key update for RPM and DEB files
Debian key packaging improvements (some other projects use that technique now)
Notification and process improvements
Reimbursement improvements
Details being gathered in the retrospective document
Mark Waite submit jenkins.io pull request to combine subprojects and SIGs into a single concept - “working groups”
More pull requests needed
Jenkins board and officer elections in November 2023
Proposal: Mark Waite and Alexander Brandes run the 2023 elections using same process as last year
Community activity
Artifactory bandwidth reduction project
JFrog hosts https://repo.jenkins-ci.org and covers all costs for the Jenkins project
JFrog is happy to continue hosting and sponsoring https://repo.jenkins-ci.org
Bandwidth use has been excessive due to abuse and misuse of its services
Duplicate downloads of released artifacts (jenkins.war, some tool installers)
20 TB per month saved by blocking IP address of one abuser (March 2023)
JFrog has asked us to password protect our mirrors for the next reduction in bandwidth
Mark Waite’s proposal is described in detail in the help desk ticket
Action: Mark scheduling a discussion session this week with Jenkins infra, Jenkins security, and others
Damien Duportal, Daniel Beck, James Nord, Stephane Merle, Herve LeMeur
Other are welcome to attend
Prototype.js removal blog post guides new contributors
Prototype.js removal epic making progress
Plugin progress visible in the tracking sheet
Concern for company maintained plugins to services we cannot test ourselves
Artifactory - maintained by JFrog (Over 22k installed)
Fortify - maintained by MicroFocus (Over 4k installed)
Xray test management for JIRA - maintained by David Duarte (Over 2k installed)
Synopsys Coverity - maintained by Synopsys (Over 1k installed)
qTest - maintained by Tricentis (Over 1k installed)
HTMLUnit 3 upgrades proceeding through 250+ plugin pull requests
Completed for test harness, core 2.409, tools, plugin pom 4.66, and plugin bom 2163
See the tracking sheet for latest status
Thanks to Tim Jacomb and Basil Crow, see Tim’s replacement script
4 Google Summer of Code projects midterm evaluations complete