[Geoserver-devel] GeoServer PSC Meeting Notes, Dec 19 2023

GeoTools / GeoServer PMC meeting - 2023-12-19### Attending- Torben Barsballe

  • Kevin Smith

  • Andrea Aime

  • Gabriel Roldan

  • Jody Garnett

Actions from prior meetings:- Jody: Submit budget + sponsor activities to board (copy geotools example)

  • [DONE] Jody: Make a motion to sponsor Marlin and GISSA 2024

Agenda- Release 2.23.4 Planning

Actions- Jody: Call for vote on GSIP 221, plan to update early Jan

  • Andrea: warn people about Java 21 build requirements and start merging PRs. Also make a GWC 21 PR.

Release 2.23.4 Planning

Looks like we have a volunteer - Peter! Thank you Peter!

He will need backup on GWC (if there are any changes)

  • checking: yes an update is needed

OSGeo Budget Request / Sponsorship Opportunities

The OSGeo elections are stalled on communication - so the current board has not been replaced

Jody would like to plan a blog post for January 1st (new calendar year).

  • please provide feedback to the list; or contact jody directly with your input

  • there will be a pull-request for review/feedback

GSIP 221 mkdocs

https://github.com/geoserver/geoserver/wiki/GSIP-221

Q: Doc freeze?

Yes - a good idea when proposal is accepted

  • it is quick to convert as I have script? So can we freeze for 1-2 days after successful doc conversion

Q: Do we just want to update main? Or the active branches?

  • A: Update the active branches

Q: version selector version VS stable URLs

Action: Jody will call for a vote on the proposal, plan to doc freeze the 1st week of January

Java 21 work ongoing

https://github.com/geotools/geotools/pull/4591

Q: Allow to Java 21 build to fail?

  • A: No, go for broke :slightly_smiling_face:

This handles people who just install java … and end up with Java 21.

Q: Why is this working? I thought JAI would break things …

  • A: We are not running QA - indeed if we build with Java 17 or Java 21 the QA will fail

  • We compile with Java 11, and then Java 17 and Java 21 will load the older classes with less strict requirements

How to go with it? Just go with a warning that code will build with java 21 in the actions.

Use maven CI friendly versions

See https://maven.apache.org/maven-ci-friendly.html

Andrea +1

Requires Maven > 3.5.0

Jenkins is showing two different maven versions:

We should probably be more consistent here, but in any case Jenkins supports this tool as-is

Security Vulnerability Roundup

The Coordinated Vulnerability disclosure policy is going fine.

Notes:

  • sikeoka has been working on several fixes

  • gabe has one to look at