GeoTools / GeoServer PMC meeting - 2024-11-05

GeoTools / GeoServer PMC meeting - 2024-11-05

Attending

  • Torben Barsballe
  • Peter Smythe
  • Kevin Smith
  • Andrea Aime
  • Gabriel Roldan
  • Jody Garnett

Actions from prior meetings:

  • [WIP] Jody: Send CSP proposal to vote when Steve has confirmed default functionality is “fine”, and regex is only required if user wants to allow something
  • [WIP] Jody: Draft some slides for OSGeo AGM and share for review
  • All: Share the GeoServer 3 call for crowdfunding around, talk to coworkers, boss, etc.

Agenda

  • GS3 Updates
  • OGCAPI Features sprint
  • OSGeo AGM / Budget Request
  • GSIP 228 - 120 columns Palantir reformat
  • GSIP 229 - Limiting workspace admin file system access

Actions

  • Jody: Create landing page with FAQ for GS3

GS3 Updates

Gauge is updating, please share as we seek to reach more organizations!

  • We are getting common questions …

Discussion about the amount of work?

  • Yes that is one of the questions, this is similar to running 4-5 sprints at the same time :slight_smile:
  • Wicket 7 example example was a 50k activity (10k funding, 40k inkind). Done really cheaply with inkind covering travel, venue, accommodation, …
  • The Restlet change was also a very big expense

Target date?

  • The answer is no, because it is phase 1 pledge, only when the target is reached would invoice and work start
  • The other date is “when spring-framework 5.3” reaches end of life? But that already passed in August. We planned for end of year but they provided an updated time frame!
  • So this means ASAP, and that we are running some project risk that we are uncomfortable with.
    • Join geoserver-security list to help!
    • Or setup an spring-framework enterprise contract and custom build for “newer” 5.3 which is not sustainable approach
    • We were trying to be proactive about this with roadmap announcement

Make an actual page for GS3, with a FAQ for common questions

  • See questions above, and a few more

action: Jody: we covered a few last meetings, but it is good to write it up.

OGCAPI Features sprint

Gabe with the update:

Things to look forward to:

  • CQL2 is looking good in geotools land
  • Jody is working on a Proposal for ogcapi-features to be an extension is the sprint goal
  • Jody is working on making conformances optional, with a ServiceInfo metadata map entry for each conformance.
    • The “sorting” module has a distinct conformance that works with ogcapi-features, you should only turn it on if you want it.
  • This is the first full review of the ogcapi-core with APIDispatchers, APIService and friends …
  • Andrea is working on test coverage and pass QA
  • Gabe working CITE tests, having fun to run locally of course

Thanks to Camptocamp for organizing!

  • Q: How could we take part?
    • This week is a crunch: This was setup on geoserver-devel mailing list, those who took part in the discussion were invited to help out.
    • Upcoming please review the proposal and help test!
  • We also want to distribute the knowledge of how OGCAPI works
    • Right now it is in Andrea’s head, or his head from a couple years ago
    • Ideally we would like something for the developers guide.
      Similar level of details service annotation, abstract document extension, freemarker templates

OSGeo AGM / Budget Request

  • They asked again, this time with budget/sponsorship opportunities?
  • They plan to have an in person AGM at foss4g, Jody can present our slides?
  • Not sure about the budget request?

We also have a new sponsor:

  • Marlin! Added to our web page (another open source project which is very nice)
  • GS3 donations are directed to project sponsorship
  • GS3 milestone 1 things (wicket, imageN) can they be directed to project sponsorship?

GSIP-227 - Content-Security-Policy Headers

  • Waiting on confirmation from Steve, see action item.

GSIP 228 - 120 columns Palantir reformat

  • 120 characters, looks great!
  • Spotless can also detect missing headers
    • checkstyle is disabled for tests, and some tests are missing headers
    • Could use spotless to add missing headers, and then enable checkstyles

GSIP 229 - Limiting workspace admin file system access

Discussion, yes the browser dialog respects this.

But more importantly no ability to save datastore with invalid path.

Release planning

  • Peter is scheduled
  • Would like to do GWC this time, Jody can be available as backup

Chit chat

Chit chat on CVE and recent update questions

Yes you need to update: Upgradation of Geoserver - #2 by jive