 Hey Ricardo Greetings will give everyone a few more minutes to be able to come on in Good morning. We're holding for a few more folks to be able to come on in This is our normal tag update meeting from the TOC and I can see a lot of the tags I haven't dropped things in here. So maybe a short meeting. We'll see. All right. I have four after so I'm going to go ahead and get it started here Good morning or normal anti-trash policy applies. This is our meeting logistics. You have made it here or you're watching the recording later TOC present members. Here's our current TOC And this is our agenda today. Happy to be able to take other items as well I know that a few of the tags aren't presenting today. So we may have more time And app delivery is my first one that I'm not sure about I'm happy to be able to like have somebody unmute and tell me things from tag app delivery All right seeing no one. I'm happy to be able to watch chat to be able to come back to this I know that tag contributed strategy has a lot to say today. So Don passing to you. Yeah, we've had a lot going on over the last month or so One of the things that we're working on is is sort of a PR campaign for our tag because we feel like we have A lot of really good stuff. We have how to documents. We have templates And we get the feeling that people don't really know that we have them and we also need people to help us continue to grow that and Create more great resources. So a few people. So Catherine Paganini in particular and Carolyn Bunslick have been working on a blog post that we're going to outline all of the stuff that we've done and then we're going to start doing some more to promote some of those individual resources that we've been putting together So look for that coming soon. On the governance side we've had there's a PR out there to add values to some of the governance templates and to add a read me template. That's pending TSC rep approval. We're still waiting for our new reps to be assigned because we had sawed in Elena. So that is that's just on hold until we get new tag reps assigned so we'll hopefully make some progress on that one and then before the next meeting. For the contributor growth working group the they've been working on a Really kind of a new way for doing the templates. So for the templates what we had been doing were embedding comments in the markdown files and we were getting the impression that people didn't really notice those and weren't really seeing them. So rather than embedding the comments within the Within the files we're going to create some more robust how to pages for each of the templates. So we're working on in particular on the read me reviewing dot sorry the reviewing template for review. I see a comment from from dims about unblocking. I think you actually reviewed that that template and said it was good but you're not our official rep so we weren't sure if that was if that was good. So if we can if we can call that good based on your review. I think we can get that one merged I think they're I think they're in pretty good shape. You're right we haven't gotten to TLC liaisons that doesn't mean we couldn't dims go ahead. Are you another new TLC. So until we decided formally what we can do is just send that PR out to the TLC mailing list and if you don't get any responses in a day or so just consider it done right. Okay. I will I will do that today or tomorrow. Well thank you. Oh and Emily said that they would take a look at it today so that's good. On the maintainer circle side Paris has been doing some great planning so she's working on kind of a six month plan for maintainer circle so those are also looking pretty good. We're also looking at adding a couple of things to the contributor strategy tag so one is mentorship so this is something that a few people have already been working on but it didn't really have a place in any of the existing tags so I think we're going to put together a proposal to roll this into the into contribute strategy as an as an official working group to give it a little bit more attention and structure so look for that coming soon. We have also been approached by a group who's interested in doing something more formal around inclusiveness so giving a place for women non binary underrepresented groups to have a place where they can work together on things like talk proposals and getting visibility and conference presentations and all sorts of other things. So we're not sure exactly what that's going to look like but we've invited them to discuss it at our next tag meeting in a week and a half. So hopefully you'll be seeing that as well. And then we have a request for the TSA so this gets back to what I talked about at the beginning which was you know raising awareness about the tag. What we want to encourage all of you to do is as your you know reviewing things that come out of the individual projects as you're you know reviewing due diligence documents annual reports. We see occasionally in those when when we happen to look at them that there were comments that it needs governance help or you know there's something around growing contributors. Anything that relates to our tag just encourage them to reach out to us or put them in touch with us because they can they can drop into our meetings at any time we leave some time on the agenda for people just to pop in and ask questions. Or they can reach out via mailing lists or or on Slack so we really want to encourage you to make sure that the projects know that we're a resource for them and we're we're happy to help them so if any of these things come up and any of the documents that you're reviewing or the discussions you're having with the projects just just send them over to us and we'll be happy to help. Any questions on any of that. Good call. Don one other thing that just popped into my head was when we get people into sandbox, maybe we can add the such as a checklist item for them to go review the docs that are there and that way we are like forcing them to go take a look at the set of things that we have. Yeah, I would love to see projects when they move into sandbox review all of the templates and review all of the how to guides because I do think that it would it would help those projects a lot. What I'm thinking about instead of being able to say at sandbox, six months after you've been accepted sandbox where you've gotten through all of like the other things that we kind of like the onboarding for sandbox projects has a lot to it. I'd rather see them like once they've gotten kind of their feet into them and they understand like what all of the pieces are, then being able to come and actually use those resources. So we could set up like a note that goes out to people, six months after they've been accepted in. Would that be okay. Yeah, yeah, that would be great as long as it gets in the process somewhere so they learn about us and Yeah, perfect. Yeah, okay. All right, I will take an action then for that one. And we'll kind of like I, if I get space I will come and bring it to your next contributor strategy meeting so we can work on what the wording needs to say. Cool. Yeah, that'd be great. Thank you. All right. Awesome. Okay. Yes. That is fantastic. Anything else on the contributor strategy side of the house. Okay. Thank you Don. Thanks. Take observability. I know we've got a few folks in the line here. But I'm not sure if you've got like direct updates. I mean, I'm still having half ahead for observability. We're not trying to be able to move everybody directly over yet. Go ahead. Yeah, I didn't prepare anything I thought Matt would be doing it for this week. So, sorry. No updates. We had a huge influx of end users, which is super nice. We still don't know where they were coming from, but we had quite the influx. So that was good. The, the white paper is still a little bit blocked by people having injuries and not being fully fully working. No other updates as of right now. Question for tech observability. Moving right along tag runtime. I know Ricardo is here. You are here. Hello. Hi, yeah. Not a lot of updates. Just a few. So we had a few presentations from, from a couple of projects. So in the space of containers and runtimes. We do have a presentation in our next meeting from include our containers. This is a take on confidential computing from Intel thing. This is our next team. So excited to have that one was me is web assembly wasm interpreter, and we reached out to them. Hopefully there are, they'll have a presentation in our, in our meeting. Workloads. Cluster net is another project that is in sandbox and the CNCF that this project allows you to do Kubernetes cluster management manage workloads across multiple Kubernetes clusters. So they had a presentation in our last meeting. And K native is a project in incubation. And it's out for vote, I believe. So they also presented in, in our meeting. So it's glad to have the team join in and talk about the progress in, in, in their community and their project. And also we have cube bird and incubations out for vote. Basically, this is a project that allows you to run Kubernetes virtual machines in, in Kubernetes clusters. As far as the activities in, in the tag, we still have that batch system initiative working group in progress or PR is open so still under review. And we're planning for a session in cube, cube con EU maintainer session, continue to get the traction in the tag and, and more contributors. That's all the updates that I that I have. Happy to take any questions. No, thank you. Questions comments. All right, we may have the fastest meeting ever of everyone here. Thank you so much, Ricardo. Come on in security folks. Hey hey security folks have been training water, rarely trying to stay afloat with the very unfortunate set of events and tragic events that have been going on. On top of, well, recently, as you are well aware we've had an increased number of vulnerabilities, a lot of incident and response activities and our respective organizations. But despite of that, well, we've been able to contribute a lot of what we've learned and capture it down, write it up. We've gone on how we've revised well our outputs, we put out a request for comment on our security software factory reference architecture. If you're not familiar with this effort you might recall we published a best practices guide for securing this fly chain. Last year, we've done a follow up to that as an as a compliment as an aid to help folks. So thinking about implementing those best practices, how to go about it, give them a reference design for it. The corresponding software that some of the members of the group have pieced together as actual reference code is going to be donated to the open SSF. I'll link to that that's under the GitHub of GitHub comm slash secure software factory. Moving on to our second update bullet number two, we have also produced an update we're working on updating the cloud native security white paper. Moving up pretty close on having that completed. That's just a heads up know how to like to expect it and help circulate it create awareness of it. We are back on track on having community presentations come to the sick. There's a upcoming presentation on Oscar. This is related to governance, which while governance and compliance are two very important subjects to very important domains that go hand in hand with security. And the community has been thinking hard. How do we will go about automating much in the spirit of like reference architectures and securing our production environments, creating our pipelines. How do we know for certain that our governance intent our policies are in fact being met and that we can reason about that. In a holistic fashion, we can reason holistically about authorization, we can reason holistically about our regulatory objectives, and that in turn we can have the machine be interrogated to answer questions of it is in fact being met or not. We've also moving away from this update on to the next one and collaboration with other groups kicked off the global security vulnerability summit. I haven't personally been involved in this one. Brandon Lum has here with us today has and can speak to more detail to that. The guest is just, well, what do you have your in the bullet points facilitating discussions gathering the community to tackle vulnerability management and how to aggregate an open source databases the different vulnerability information. Brandon. Yeah, I have kind of been been working on this a bit more. Basically, the, the main motivation behind this is, you know, with things like CVs and like getting those registrations that that's out of many problems to which kind of come out one of them is like there's a backup CVS right there are a lot of people that CVS that they don't necessarily go through the process in time. And there is kind of like a drift between what's out there what's in the CV database. Another, another part of this is how do I consume the CVS. Do they contain enough information that I can answer a question like, you know, which part of my infrastructure is affected by a lot of projects. And even with S bombs and things like that, you still need a lot of vulnerability information and mapping in order to make sense of these questions. So, one of the things that we're doing is to bring the community together to kind of discuss about things. Figure out what is a solution that we can work towards in the future or some areas that we can find working groups around. And one of these ideas is something like an open source database of vulnerabilities, something like GST, something along the lines of vex the vulnerability exchange. So to think about some ideas like that and to really foster community to work on some of these much needed problems. Yep. Well, that's our update much in the same vein as as I open up. Just as, as so as preoccupied as we all are remind that security folks are out in the forefront of a lot of pressure right now. Have a little bit mindfulness and compassion of this folks in your respective teams of this folks in our ecosystem that have a lot of weight under shoulders and a lot of pressure right now people are coming to us on. Helping assess their security postures help them like Ryan ramp up for a lot of cyber activity. And well, it's, it's a, it's a, it's a time to think of well the importance and relevance of security. So, just to bang that on that a little bit, hoping to get some cover there on the talk. Thanks, Andrews. So kudos. Thanks for all the excellent work you all do. I had a couple of questions for Brandon Brandon are any vendors that already have vulnerability databases part of this effort. Are they do they seem to be interested in this. Yeah, so back a couple of months and we created a ticket on this and we saw a lot of people that were interested in this going just not only for vendors but like, you know, get up get that we're going to get a couple of my folks. Basically, there is a lot of interest to discuss about this topic. So, on that front, I don't think we're too worried about that. We have the Reynolds Foundation also that is helping us bring in a couple people that that I need that for this discussion. Okay, and I assume that you already have talked to the Cuban it is sick security and folks there. No, not yet we are going to. So we are kind of like figuring out the logistics of the event within this week. It'll be announced next week. So once that's out, we'll start outreach. I will appreciate if there anyone that you can think of that maybe interested or you think would be good to have as far as this discussion. Please, please send them away. I think so far, people have been aggregating on like a GitHub issue of some kind and everybody was saying yes I'm interested kind of thing there. We don't know where to send people to at this point right like so when you have the logistics figured out I think, you know, the daytime emailing list or something like that, that will be really good. So just just a heads up. Currently being discussed, but the plan is to host this. During our alongside the open source summit, which is in June. Once we decide everything this week about end of next week of the following week the website should be up so there'll be a good time for us to share. Is there a slack channel in the meantime. We are just doing things to email. Yeah, and then once we reset everything will go set up the necessary channels. This is finalized details back to here from push guard most likely who conducts a lot of the liaison between CNCF tax security and cover 96 security. But between him and Brandon whatever's not in the website they, they should provide it like some level of reach out and additional information. Okay, thanks a lot. That's all I had. What other questions is the group half for security tech. Amy, back to you. Thank you. Thank you and thank you for the good long update. There's a lot going on for you. So let us know how we can help. You've done that so passing the storage team. Hello. So, we had, we had a request from two of us to have another presentation as they are making some major updates to the project. They've added some architectural changes and the addition of things like a ratio coding. And they've also changed the name to cube fs from two hours and that's mostly a branding, kind of making it easier for for adoption. And from a tag storage point of view. I've put the link in there for the for the project updates presentation. And we, we think we're done from from intelligence review, but we need somebody and we need the sponsor to have a look and just review and see if there's there's anything else. We're kind of waiting for next steps from from to see on this one. But then it should be able to go for for a dv process. I assume there's anything else. And I think at the last stage to see was was just fatting some of the interviews and sort of and user use cases. Open EBS is going is also going through a set of changes. There were a number of a number of discussions and around the licensing and trade marks and things like that which I think which have now been completely resolved. So we had a discussion with the team. Last week. Around next steps, because the my data who used to be the, the owner or the main main retainer of the, of the EBS project has been acquired by by data course so we had a meeting with some of the new team. And what what we're looking what we'd like to do is have a discussion at the next time meeting, which is the 23rd of March, with the to see liaison review may ought to be a sponsor potentially. So if we can go through the current state, the current repos which parts of the projects are going forward and things like that. And we can make a call at that point as to whether we want to progress with the due diligence for the move from sandbox to incubation. And so I'll reach out to Aaron, who I believe is is our liaison at this point and and and invited to that to that call. And the curve storage system, I believe we we had that I gave the subject last time to just double checking if there was anything else that was needed there was a question from the to see around. Whether it's whether the curve source system should move forward sandbox and our recommendation is yes it should move in sandbox. In terms of, in terms of the, the white papers that we've been working on the climate disaster recovery that's that's completed and we published that in our repo today. And so that's that's sort of being on the review and we have published, and so it's taken in comments after coupon. So, so that's the final version. The performance and benchmarking white paper was kind of being a bit snowed under and haven't quite finished that off but but we'll look to do that soon. In terms of the next meetings and the next things we're working on this month is some work on providing some storage inputs to the cartographers project who are looking to provide an update to the cloud native maturity model. The next coupon. And so we're, we're looking to have the, the storage related items, both in terms of, you know, technology and process, etc, and added in there. And at the end of the month, like I mentioned before, we have the open EBS, we have the opening presentation. So that covers our updates. So that we don't lose track of open EBS I've made sure that they're on kind of like the whole trackers for everything moving around. I've put them in the like needs to see sponsor column, but it sounds like that is not quite where we're at yet. I, I believe all of the, all of the sort of blockers, all of the blockers that we had previously and licensing discussions and trade marks and those kind of things are being resolved. Yeah, so to not lose track of it I'll leave them there and basically hear, wait to hear back from all of you. Yeah, that's fine. Okay. Okay. Okay. So if you have a schedule, anything else like that people want to be able to highlight or ask questions around. All right, thank you, tags George. Thank you. We've got some updates in here that did not make it into the deck because they happened in like the minutes before we have both cert manager and Kyverno. Sponsors, both Dimms and Ricardo Rocha have taken those on. So thank you very much. Projects moving around and open EBS is now on the list of like something waiting for sponsors. So with that, let's see who else we've got here as far as updates for pieces in here. I do not have Leon line so I will pass to Ricardo Rocha for cloud custodian volcano. I'm just an absurd manager so go ahead. Yeah, so for volcano I think we can move for vote. Yes, we will call it today. Yeah, for custodian we've made a lot of progress on the DD as well. So that will be new soon. All right, lovely. Thank you for that. Elena's not with us. Captain, we have Cornelia on the line. Maybe we have Cornelia on the line. I just have to find the buttons. Oh, that's fine. And it doesn't look like my camera is still working. You've got some things welcome to zoom. Oh, there we go. No, it was a hardware. It was a hardware problem. So, yes, so we've done the first round. I've done a thorough review of the, the submission and have given the first round of feedback to the captain folks and they are working on adding some things to the due diligence document. And I'm also starting to gather people to interview so it's in progress finally. That is glorious. Thank you for the update. Okay, native native is currently in voting. All is well there backstage similarly in voting. I do not have Dave on the line to be able to chat about artifact hub. And Aaron is similar than that here so he click we'll have to wait until next time, but we're still keeping them an eye on them. And yes, 50 spire as we did in our last meeting, they are just in Cormac is pairing with Emily Fox and Dave. That's kind of our update from all of that questions, comments, anything else. Andreas here and muted, come on in. Yes, question on spiffy spire house. Coming along. I mean, they just kicked it off. I want to say the meeting was the 15th ish. I'm happy to be able to hear from Emily around. We're working on scheduling so that we can get together and ensure that we have a confirmed plan of action to be able to knock this out. That's encouraging to hear, looking forward to it. Awesome. Thank you for your work here. Amy. We are missing couple, right? Correct, those happen in the meet the minutes just directly before this meeting so I didn't update slides they are however over on the public working doc. And here, you all can see the updates that have been made. And based on the feedback that I just heard from tag storage, I have moved open EBS out of the kind of land that it was in before and they are now in the waiting for sponsors area. All right. Questions. Any other pieces that people want to be able to discuss this morning. Any quick update on the timeline for the last to see member. Hold on. I've got that in a different screen in here, but timing for that one is going to be we are currently in our qualification period. The qualification period will close. March 8 at noon Pacific. And then from there, the vote will open and we've got a eighth through the 15th vote. And that vote happens through the TOC directly. Right now we're in our two week qualification period mandated by the charter. Then from there, I will be publishing the list of qualified candidates at the time when the election opens. So, Sounds good. So, I just had one more thing crossed my mind when we were looking through. I think there was one of the tags had a request for additional TLS roles are open kind of thing. I forget exactly which one it was. Opportunities are one next one. Eight. A slight eight, I think. Yeah, see there the last one. So can we do something on email or Twitter or something like that to show highlight that, you know, there are tags that are looking for people. Yeah. Well, I believe this might actually have been an old update as well from tag observability. The way that this has worked in the past is people have stood and the tags basically kind of like decided amongst themselves and then presented up to TLC, but there's there's really nothing that says that we couldn't actually establish more policy around how we do that kind of outreach. So. Yeah. Yeah, I'm actually going to pass back to Richie because this is kind of like that area that unless there's nothing to say here. Not really. Okay. Chairs, we should have them. Okay. Yes, absolutely. Yes. All right. I'm happy to be able to hear from folks that are interested in like stepping in Ricardo, come on in. Yeah, I was just saying, trying to say something that. Yeah, I think it would be good for most tax and to have that way to outreach to some of the folks that are interested in stepping in right so and I think like, at least tag runtime has a some openings. The chair, the, the, the tags that are asking for new chairs, drop a note over to the TOC mailing list. That's really like our biggest best place to be able to kind of highlight this. Sounds good. Okay. I mean, that's a big public mailing list. I don't have any other better place to be able to put it so put it there. Yeah, so in a similar vein, what, what are we doing in QCon EU or something to highlight the work being done by the tags. So in the past, Cornelia has done a fabulous job of being able to do a kind of keynote highlighting how everything comes together in here. All of the tags do actually have their own talk to be able to walk through all the work they're doing for their. What else do we want. Yeah, essentially we're asking the people in the room. Yes, Emily knows a lot about this as well. The tags are in the maintainer track. So we just went through the maintainer track and reviewed it. It looks like almost every single tag has a submission that has some level of content about what's going on with it. It's entirely up to the tags and whoever is presenting we require the co chairs to actually do the submission but it can really be anybody from the tag that does the final presentation to highlight the needs of the group and this is really their opportunity and platform to get some more contributions. So if contributor strategy has recommendations to kind of not only help projects but potentially help tags, get more contributions from the community as well as some more of those technical leadership roles because that is something that is always problematic in open source communities, especially for leading these projects that are not code. They're not hands on keyboard kind of work. That would be highly recommended and might be something that's worth highlighting to kind of drive more of that community involvement. Yeah, just just to add. Every, every tag is as much as every project, always straddling for like maintainer bandwidth, TL bandwidth. So we are very receptive of anyone willing to avail themselves to pitch in an a substantial matter. More than just, hey, coming to passively lesson on a meeting and get the updates, ways that they can actively contribute, and not just the low hanging fruit, but sure they can start there. Certainly, like I don't want to discourage that but people who are willing to take an issue and drive it from the onset and definition of that problem to the completion of whatever that work stream may maybe. So yeah, we're at tax security and I would say speaking for every other tag, ways that we can send the message that hey, we are actively looking for more participants more contributors would would like go long ways and making sure that sometimes people are discouraged by either bystander effect of oh they're already working on that, or I don't know if like my contribution would be meaningful enough but knowing that so we're we're looking to grow we're looking for more people to pitch in. So I just want to add on top of that this has been a systemic problem, especially within security tag and I'm sure other tags have felt it. We've tried to codify set a little bit more clarity in what those expectations for those various roles within the security tag are as a community nomination process around tech leads where we've tried to be more transparent and describing the, the values and the work ethics and the responsibilities that we're kind of expecting out of that role so folks know what they're getting into and what potentially those time commitments are a drop links to both of those in the chat for anyone that's interested. It's still a learning process and there have been some good feedback on how we can make continue to make improvements, but this is, I believe a larger community problem because there are so few individuals that have the time cycles and the passion for driving a lot of this like project management because it takes you further out from actually doing the work and that that's something that's always been a struggle, especially if it's a pet project of yours. Yeah. Let's do Ricardo first and then Richard. Yeah, so one question that I have for the new to see members is, I think that the tag security tag is actually more mature than some of the other tags and I see a lot of the definitions are in there. They're a GitHub repo so I wonder if that can actually be something that could be transferred over to the TOC or merge with some of the stuff in the in the TOC repo and and become more of a process across all the tags. So the first instinct is to say that we should get the sick contracts folks to put it where it would make sense. Yeah, and it could be the computer. Yeah, yeah. I'm fine with being able to review PR to come in. How's that. We've seen some some response from folks of, oh, I'm asking how I can get involved and you're showing me this long text and this is long to read. It kind of filters out people who are actually willing to learn like assimilate how I said that we work. So it's actually been really fruitful. I know like, well, the initial response might be, well, there's a lot of words here, but we put a lot of thought and effort into it and it's actually like help this like define expectations from folks and people have responded positively in return. Yeah, one way to look at this address is like where is the natural pipeline for people to get into tags. And for me, it seems like it's the projects that you oversee. The end users that use those projects right so having good lines of communication with those two groups from the tags seems like the best way to because they'll be naturally have affiliated with the specific tag right. That's why I was asking about like other communication mechanisms that you all are using or finding value in to target those two groups. I definitely see value. I know contributor strategy has codified and like integrated a lot of long term discussions around the subject that they've been thinking really hard and long about it. And what Emily saying in the chat is just that it might be specific to security. A lot of the folks we attract our security professionals that may not necessarily know how to become like go through the maintainer ranks of a project, and they're more gravitating towards security advisory. So I don't know that there's certainly there's cross-pollination and like similar journeys and trajectories of people coming from interest of a project or a community day or like other people like and security going from InfoSec to cloud native and up level up leveling their skills we might have like different funnels there, but there's there's parallels for sure. Dems here I was going to pass back to you. Yeah, well, Emily was saying something on chat so Emily did you want to voice it. It was just a reiteration of what Andres already covered the security tag. There's a lot of work that can potentially be reused and expanded across the tags. However, we've always been slightly different and where we're getting a lot of our contributions from. And that's because during KubeCon and we talk about security reviews, there's always somebody who's had perks that was like you're doing security reviews at like volunteer based that's insane. Usually it's everybody's doing security audits and then having the conversation about what it is that we're actually doing within the group. The other portions of it are because our community members span both software engineering and architecture as well as security. We have the added value of those separate conference avenues. So when we're networking and we're having conversations at like Defcon or Black Hat or RSA about the work of the tag we're drawing more in that way so it's a little bit different. But usually we advertise it's a great way to get an in depth security review associated with your favorite projects to pick one read our documentation or help contribute to the documentation around a given project. Seeing some comments and chat about how valuable that is Josh do you want to give voice. Josh and that coming off. No, that was it. Okay. Okay, that was it. Yeah, because like I don't I don't think you know security reviewers need to necessarily come through normal project contribution channels obviously it's nice when they do but not everybody has the time. And I've been in a couple of projects where we just got basically the CNCF security review. And it was just enormously valuable because, you know, maintain our time is so scarce and they don't necessarily have time to look for every possible security issue. So it's just in a terrifically valuable service. So extrapolating a little bit from what it what is being said, I think we've identified that there is like contributor strategy that is applicable and we've also identified that there's an additional persona outside of the folks that have contributed that the special that the technical advisory groups might be looking to reach out for contribution. So maybe like we're not looking to duplicate efforts with what we've written and tax security, we want to combine and get together with the contributors strategy folks. Thanks for the point of dims. But yeah, maybe we're just arriving at we have multiple personas that we're targeting as our audience. And then one last thing that I had was, if we do have a to see as a contributors dot MD, which has a list of people, and people just create PRs for themselves in there to add themselves and so maybe it could be. We can reach out to these people and see if they will, they want to associate themselves with a specific tag and essentially wind down this contributors dot MD because I don't think it's doing much. What do you think, what do you all think, Amy. I mean, yes, it is kind of a historical artifact that part is true. It predates all of the tags and six. My thinking from a point of not to be able to lose any of that is to be able to kind of focus on, like, I think it's fine to be able to have that list of to see contributors, but I think it's also like maybe being able to have like the tags have their own contributor lists as well to be able to say hey this is how you identify like who's working well I know that security does a great job with that and Emily like I actually have something to say about that so that we we within security tag have had extensive conversations about our contributor and our member list and the value that it is providing the community and one of the decisions that their group is made is to wipe the member list. And the reason why is because from a security perspective and generally from a community perspective, not everybody knows how to do a commit or to submit a PR and there are a lot of contributions to the work of our group that happened outside of the repository. So it's one of those that we want the work of the group to be able to speak for itself so we've we've established guidelines associated with some of our paper publication processes around how do we define authorship contribute contributions and reviewers, making sure that those are publicly aware, making sure that folks are tagging themselves on the issue that we're tagging them with their GitHub handles because that's an easier level of interaction than actually doing a get clone on the repo so we've had a lot of discussions about it I don't know where the status of that effort is, but I know that it is something that they've deeply considered about how best to serve the community. So maybe a one time thing would be to like email all these people who are listed there and say, hey, figure out which tag or working group that you're interested in and please make sure that, you know, you show up there and sunset what we have right now in this contributors.md. Maybe I don't know for there yet. I'm simply because it doesn't sound like we have a good enough mechanism for people to be able to say yes, I'm part of like this particular tag or something. And there isn't a way to be able to like kind of like seamlessly like kind of move that through and Emily's back again, come on in. There's actually an open issue with the CNCF about how do we recognize individuals that have done some form of contribution to a particular group and there is there was some initial badging associated with LinkedIn profiles for folks that were on the CFP committee or the program committee for cloud native security con. And we were looking to kind of tap into that for our community members that have actually participated in a security review through potentially GitHub profile badge the way that there's the Arctic vault badging associated with projects. So that's an open ask. We've, I think it's been almost two years now that it's been open. I'd really like to see more work done in that space for how we can identify individuals that have done a contribution either currently in the past or a specific style of contribution whereas security reviews are very different than just participation in the group. A part of reason for poking at this, Amy is, you know, we have to look at from the point of view of the individuals to right like they should be able to say hey at CNC if I'm doing these set of things and it's valuable to, you know, our company because it's easy. So, and they can like ask for time see I need more time to be doing doing more things in CNCF. So, and here is where you can see all the things that I'm doing at CNCF. Then we'll end up getting more folks into the tags or working groups or whatever. Actually, part of the reason that I'm holding on this is not because it's a good idea or like any of that. I know that Dave had some strong feelings about how this should actually work as well. So my feeling is that we don't have all the people in the room to be able to weigh in on it. Perfectly happy to be able to take this isn't like an agenda item on a further meeting. Okay. It's not because like I don't think that we don't have enough people here for like this. And I want to be able to make sure that we're getting the voices that I know had strong opinions about it. Absolutely. I will put it on a future agenda item. And that sounds perfectly fine. Okay, anything else that we need to discuss. All right, more in chat around being able to yes, like this absolutely is important and I don't know that we've got a good way to be able to do this right now so right no other agenda items rising. I think I will send everyone back into your day. It's good to see all of you. Thanks for your work here. Be well.