GeoTools / GeoServer PMC meeting - 2024-11-05
Attending
- Torben Barsballe
- Peter Smythe
- Kevin Smith
- Andrea Aime
- Gabriel Roldan
- Jody Garnett
Actions from prior meetings:
- [WIP] Jody: Send CSP proposal to vote when Steve has confirmed default functionality is “fine”, and regex is only required if user wants to allow something
- [WIP] Jody: Draft some slides for OSGeo AGM and share for review
- All: Share the GeoServer 3 call for crowdfunding around, talk to coworkers, boss, etc.
Agenda
- GS3 Updates
- OGCAPI Features sprint
- OSGeo AGM / Budget Request
- GSIP 228 - 120 columns Palantir reformat
- GSIP 229 - Limiting workspace admin file system access
Actions
- Jody: Create landing page with FAQ for GS3
GS3 Updates
Gauge is updating, please share as we seek to reach more organizations!
- We are getting common questions …
Discussion about the amount of work?
- Yes that is one of the questions, this is similar to running 4-5 sprints at the same time
- Wicket 7 example example was a 50k activity (10k funding, 40k inkind). Done really cheaply with inkind covering travel, venue, accommodation, …
- The Restlet change was also a very big expense
Target date?
- The answer is no, because it is phase 1 pledge, only when the target is reached would invoice and work start
- The other date is “when spring-framework 5.3” reaches end of life? But that already passed in August. We planned for end of year but they provided an updated time frame!
- So this means ASAP, and that we are running some project risk that we are uncomfortable with.
- Join geoserver-security list to help!
- Or setup an spring-framework enterprise contract and custom build for “newer” 5.3 which is not sustainable approach
- We were trying to be proactive about this with roadmap announcement
Make an actual page for GS3, with a FAQ for common questions
- See questions above, and a few more
action: Jody: we covered a few last meetings, but it is good to write it up.
OGCAPI Features sprint
Gabe with the update:
- So far going well, everyone has something to work on, …
- There is a planning board for the activity:
OGC API graduation code sprint · GitHub - And a small repo so we can have issues
Things to look forward to:
- CQL2 is looking good in geotools land
- Jody is working on a Proposal for ogcapi-features to be an extension is the sprint goal
- Jody is working on making conformances optional, with a ServiceInfo metadata map entry for each conformance.
- The “sorting” module has a distinct conformance that works with ogcapi-features, you should only turn it on if you want it.
- This is the first full review of the ogcapi-core with APIDispatchers, APIService and friends …
- Andrea is working on test coverage and pass QA
- Gabe working CITE tests, having fun to run locally of course
Thanks to Camptocamp for organizing!
- Q: How could we take part?
- This week is a crunch: This was setup on geoserver-devel mailing list, those who took part in the discussion were invited to help out.
- Upcoming please review the proposal and help test!
- We also want to distribute the knowledge of how OGCAPI works
- Right now it is in Andrea’s head, or his head from a couple years ago
- Ideally we would like something for the developers guide.
Similar level of details service annotation, abstract document extension, freemarker templates
OSGeo AGM / Budget Request
- They asked again, this time with budget/sponsorship opportunities?
- They plan to have an in person AGM at foss4g, Jody can present our slides?
- Not sure about the budget request?
We also have a new sponsor:
- Marlin! Added to our web page (another open source project which is very nice)
- GS3 donations are directed to project sponsorship
- GS3 milestone 1 things (wicket, imageN) can they be directed to project sponsorship?
GSIP-227 - Content-Security-Policy Headers
- Waiting on confirmation from Steve, see action item.
GSIP 228 - 120 columns Palantir reformat
- 120 characters, looks great!
- Spotless can also detect missing headers
- checkstyle is disabled for tests, and some tests are missing headers
- Could use spotless to add missing headers, and then enable checkstyles
GSIP 229 - Limiting workspace admin file system access
Discussion, yes the browser dialog respects this.
But more importantly no ability to save datastore with invalid path.
Release planning
- Peter is scheduled
- Would like to do GWC this time, Jody can be available as backup
Chit chat
Chit chat on CVE and recent update questions
Yes you need to update: Upgradation of Geoserver - #2 by jive