GeoTools / GeoServer PMC meeting - 2025-01-14

Attending

• Torben Barsballe
• Peter Smythe
• Jukka Rahkonnen
• Jody Garnett
• Gabriel Roldan
• Andrea Aime
• Kevin Smith

Actions from prior meetings:

• [DONE] Jody: Request a builds mailing list from OSGeo

Agenda

• happy new year
• GS3 push
• CITE Updates
• Security round up
• PR / Bug round up

Actions

• action: Jody to “2025 blog post” to the user forum? LinkedIn / Facebook / mastodon and highlight GS3 as a priority (please).
• action: Jody to follow up with SAC to see if he can help / hinder

Happy new year

blog post: GeoServer 2025 Roadmap

• GeoServer-2025-Sponsorship-Opportunities
• Stage of GeoServer 2.26.1

GS3 push

The gauge shows 80% of funding target - which is great progress.

We need a bit of a push to reach the goal; ideally to start work in Q2.

• Please help promote this activity?
• action: Jody to “2025 blog post” to the user forum? LinkedIn / Facebook / mastodon and highlight GS3 as a priority (please).
• Could the PSC also pitch in for this activity? We have some prior sponsorship (from cite certification for example?). Consider and make a motion, but it is likely a small amount.

CITE Updates

Update from Andrea:

• During Xmas Break modified tests to run again latest “production” tests required for actual certification).
  (this takes over from the geoserver fork from 6 years ago)
• Had to make small changes to GeoServer but not much

Adding github workflows for additional tests:

• restored: WMS1.3, WMS 1.1,…
• new: WFS20
• research: Looking at how to certify for output formats GeoTIFF

This is already being a big benefit for the project, super helpful for any changes to the dispatcher (for example recent fixes for WCS version negotiation).

IN PROGRESS:

• WMTS 1.0 tests are pretty much working, needs PR to reviewed
  (has problems with REST test, but the GUI runs more tests, ticket reported)

• WFS 1.1 workflow is running on old engine, cannot run on the new one due to bug. Andrea reported the problem. Test passes using GUI but not REST API. #109

  • The TEAM Engine “team” is working on team engine 6, and is unlikely to fix this soon.
  • CITE · GitHub
  • to get certified we use the GUI so we will be “okay”, but we like the REST API for blackbox testing

• WCS2.0: passing, but also has some problems found with the specifications (namespaces inconsistency between text and schemas - reported as #145)

  • expect this to stay “stuck” for a bit while OGC thinks about it

• GeoPackage 1.2 should be possible using the same approach as GeoTIFF (testing the output)

Actually getting the certification sticker / reference implementation:

• Peter: OSGeo is willing to host a VM in mid January…
  • #3322 (Request for VM to certify GeoServer) – OSGeo
  • Host Docker + GeoServer + PostGIS + enable the different tests
  • RnD: We need a script or something to “reset” the database tables after WFS-T transaction
• Discussion about how to run them 1 by one 1 would take some time?
  • Idea: Maybe it is worth making a test harness to run the GUI, Selenium for example. Even if we just run them a couple times a year …
• action: Jody to follow up with SAC to see if he can help / hinder

Security round up

Peter: Observes people are running older versions, how to help / respond …

• not a surprise, often it takes organization change control policies
  • We try and be careful on backwards compatibility
• but it is VERY important, and we cannot support older versions

Sample response:

GeoServer 2.21.4 is not supported presently, can you re-test in a supported version? GeoServer provides fixes for a year as outlined in our security policy, please see recent blog post FAQ.

CSP headers

• Steve asks if that can be on by default?
  • Jody says “yes” for 2.27.0 release, with an env variable to disable, and documented in an update page (for backwards compatibility).

When did geoserver stop trusting the geoserver admin?

• Not sure, but we get a lot of bug reports with that assumption …
  • Perhaps if you provide access to “geoserver” but not the “machine” …
  • We try and address that in our docs and it can change in the codebase over time
    • jody: would like to show “environmental variable” in the GUI when GeoServer admin is “locked out”. See recent example of layer service defaults …

PR / Bug round up

GWC azure job credentials are not working

• gabe provided something, but it is out of budget …
• gabe can restore when budget / permissions available

WMTS CITE compliance fixes

• gabe reviewed but did not have much to add
• It is about returning the wrong exception
  (if you do not have locator, then returning locator = null is not appropriate)

aside:

• release data directory is not doing what I expect when I make a new layer, the default gridsets are from MapML and do not match the other layers (900913 and 4326).
  Is this a worth a bug report? Jody to double check with a fresh nightly build and report if needed.

We are getting a number of PRs stacking up:

• we no longer have monthly bug stomps
• time is the most precious resource, please help if available!