 Yeah, okay, and Gary will join a minute or so. So we're good. Let's get started everyone. Yeah, we're here. Yeah, we're here. Okay. All right. Welcome back everybody. Welcome for those who are new if they are any This meeting is open to everyone Assuming that you'll have read and heard my heart the antitrust policy, which we have to display every single time and Make sure that you're aware of the code of conduct which basically says you have to be a decent human being and behave So with that being covered I think we can get started I am not aware of any Announcements so that's the section of the agenda is empty. Does anybody have any Items they want to bring up that is not covered in the agenda or that they want to add to the agenda today Okay, you're a none. I guess we can move on then They were three quarterly reports submitted. Thank you all for doing the hard work of putting all the bits together There are actually several questions that were brought up as part of the those reports so I think it is worth taking a little bit of time going through those The architecture working group Basically saying that they would like to have a technical writer. I don't know if that's something that Hyperledia can help with I see by Yeah, that's a resource we've had available to us in the past and just they don't have it at this point At least it's not obviously available. Yeah, I use that that is correct. This is Daniela. There is a Technical writer resource If you can send the request to the community architects email list that'd be great Is it still Gordon? Yes. Oh, he's great. You'll love them. Yeah, we've worked with him in the past quite a bit It's just that at one point he was not available and that's So the fact that he's now available is a change in status. So yeah He's a contractor. So he goes. Yeah, he has other So just send the request formally through that community architects less place Okay, thanks. You're welcome. All right, and before we move on. Is there any questions for the architecture working group? Or about the report I Guess I just had a generic sort of question Like in my mind an architecture working group would be doing a lot of work to help define Things for interoperability and I think on a previous call Mick had said that's not really what they're doing. I Mean, is there is there a need for that? So we have something higher level than two projects getting together and declaring something universal We could we could do that, but you're gonna have to give some Authority to the working groups and the reason why we've not tried to tackle that we can do a description of what might be interesting But that work is essentially wasted effort unless there's some commitment to actually enforce it and That commitment has never been there, which is why we've never gone down that path So we can talk about it. We can explore opportunities for interoperability. We can collect the technologies together that might be useful but the actual definition unless we're changing the working groups is Not work that would be fruitful Okay, yeah, and we have that discussion queued up. I think for later today so Because we have similar things with a performance and scale working group is you know, there's there's no teeth we can go off and Do all the investigation and studies and things like that we want but if people aren't gonna use the work it's sort of Yeah, so that touches on the the role of the working groups There is a task force and I've asked for reports or it's later on the agenda I suggest we just wait for that Any other questions specific to the report of the architecture working group? Otherwise, we can just move on to the next one So the next one was the identity Yep, so I know just just one more thing on this and this is more related to the Structure of the wiki. So if you pull up the working groups and go to the right-hand side There's the TSC quarterly updates and the list of the quarterly updates on it That actually seems to put the pages. So there's like a new TSC work group update It seems to put the pages in the old namespace rather than in the new namespace so we had to you if you go through the the Project update page and click on the new update there it puts it in the correct namespace But the ones that are linked on the working group pages and styles are not going to the right place All right, so there's some Leftover of the Exactly, it's just a little bit of leftover stuff. So, okay, how would you re architect that? hush But let's take that offline. We'll look at it That was a decision that I made at the time to not move those And I'm willing to revisit that at any point you know Well, just I would just say just remove the links that because it Okay, we just think we couldn't figure out how to move the page when we created it And so we just recreate it Moved it over so there's an extra one out there right now. I see okay All right, I didn't see working group any questions No, so I think we can move on then No question is good. And then we have the hero a project report They did Highlight a few questions and issues. I think that for the most part they have actually been answered They were too related the first two right responded to the questions directly and The last one there was a comment I think then added at the end which is the security audits I have to say I had not answered but when I read it I was like, but wait, we don't do that on a regular basis, right? We do that When there is a major release So so yeah, but the thing is that it seems like it wasn't done before the major release or after the major release But earlier if I remember correctly, sir That's the The date on the security audits on the wiki itself so you can go into the there's a aggregation I don't remember the exact thing. So I do remember queuing it up as part of the 1.0. You guys were at 1.0 alpha 3. I believe they got So unless there was some serious re-architecting between Your alpha 3 and alpha 7 or whatever it was that was your final release candidate then it has been audited It was beta 6 I think so yeah, I mean it's been a while and I think there were lots of changes so Okay, I mean we're up This is a discussion we can have but we should do it offline and I'll jump on that email thread Let's look at the dates and and see You know what the churn was Our nose right the general policy is when major releases come out But if there was like significant gap and significant re-architecting maybe we should get you back on track with semantic versioning and Talk about doing another, you know follow-up on it Starting with the basis of the first one right and just looking at the deltas One something was like a long time ago and there were so many changes in beta versions So it's not really very up-to-date now with the major release. So it's like Really, I think that there was a question that was like this was a question for a while now. So Somehow I've got I've got the impression that we were to integrate or so and then make another security audit. So that's I don't remember making that decision, but yeah, let's take this offline We'll discuss further. I I've seen I know the threads there and I know it's been waiting for a while, but Thank you. Yeah, we'll talk about All right, Zipin I see you have your hand up. Is that from before the mist? No, it's after you quickly moved on from identity working group report. I Have a question about this because I had sent a I had sent a request to the community architects to have a repo repos in GitHub for Identity working group as well as the same thing, which is of course not related to this but basically We need a more rigorous process for consuming Updates on the identity working group paper, which was first open Because it was Google Docs and there were some rogue edits and we locked it down, but we would like to allow controlled updates So we thought GitHub being the tool of choice for everybody. We would do it there And I had sent out send out a request to the community architects having heard anything back At least as far as I remember but I would like a clarification on that so that's I So I think as as you and I discussed there is precedent for doing that, right? and the Internal discussion that we are having is this is a separate org and I think it isn't I can I would appreciate it if you involve us in these discussions because it is not a separate or obviously and Yes, there is precedent for it, but even if there isn't we'll we'll still continue to ask for it. Anyway, go ahead Right, so I Will do that, you know after this meeting and Follow up on the email thread. I will just create the repose and Let the chips fall where they may right? We will discuss who is to be the Initial set of committers and what the rules should be, please Sure. All right So let's keep on moving then I'm not sure what the upcoming report. So I haven't seen any notifications yet. So that's why that section is empty and I think the good news is we are up to date with the India would do Sorry It's in the Yeah, in these next. Okay So let's move on to discussion items First, I wanted to give me an opportunity to give us an update on the working group task force I Understand there's been quite a bit of discussion already offline and there are civil Issues and proposals that have been put forward some discarded others Seem to have some support. So I'm not sure where we stand and whether there is anything that is ready for us To possibly approve or what? So Mick I Guess I'll say that the discussion is kind of tapered off and the the proposals that we have for three through eight at least for those of us who have been participating in the discussion seemed to be the ones that we're Kind of sticking to So Rather than then Request a vote at this point. I just want to make sure that everybody is aware. We are basically proposing that we get rid of working groups As they exist today And that we split them into two parts one, which is essentially a SIG That's focused on technology And so we take a technical area like architecture or privacy and confidentiality or identity and focus less on the work products that go along with that and more on Education and discussion and ideation In the six the second Structure that we're requesting or that we're proposing to replace it with is Task specific task forces that is that we take the idea that we have right now That seems to have been very successful Of the task force and actually formalize it a little bit more and so that would look more like what the working groups have looked like except that the scope would be limited to a particular Set of work items there would be a limited time scope for those And Extensions for time would not be allowed unless the TSC approves it So the core is just to come back to that is that we remove existing working groups And I'm saying it that way specifically so people will get in read the proposals and comment on them. Oh All right, so I Remember there was a discussion about the names Because you had suggested that I think you just said again SIG which is already And Brian said please please pretty please don't do that don't overload the name we already have Is that still true? Is there any recommendation for an alternative? Just keep reusing working What why would the information group? It TIG okay, I Propose a suggestion gab-fest Gabfest would be perfectly fine with me. I really if we okay, can we just keep calling that one thing you should call it that please I See the objective Yes, please Let's let's hang on sec let's stop for just a sec. Let's pop the stack the name is not really what's important The question is really do we buy into the change in roles? We can figure out the name part of it later, right? Do you buy into the change in roles? That is number one that what we've been currently doing as working groups, which are sort of broad area things focus more on information and discussion on ideation and That we split out all notions of work items into task specific things That's the core of the proposal. Don't get hung up on Sega or other things that that's totally irrelevant at this point Yeah, the question is do you want the structure changed? My bad for highlighting the issue about the name. Yeah, let's not jump into the rat holes before we at least know where we're standing What I suggest is just from present point of view We you know, I would welcome You know reaction on the on that very point that they just brought up and then you know If there is general agreement then next week we can look at the different proposal one by one and approve them for So I actually had a question and unfortunately it revolves around the naming what how do you view? Your proposal compared to the existing six that we have Product or are they Yeah, so the existing six don't have any work products at all and the existing six are managed by the board not by the TSC principally and my What I think in the discussion that we have is that these are technically focused and the TSC Still that that we report Interesting conversations and interesting ideas to the TSC through those working groups One one career, I mean six do produce documents at times And so I you know, I wouldn't make I wouldn't go as far as saying they don't have work products They're not held accountable to the work products though, that's correct. They're not chartered to do that Yeah, I don't think I don't think any of us is gonna complain if you put together You know something that captures your ideas or notes or whatever nobody's gonna complain about that but but right now we hold the working groups accountable for work products and The core problem is that those work products are effectively meaningless at this point the working groups don't have enough Teeth or authority To do constructive work. So the role really is descriptive anyway, so let's just make them descriptive and leave it if I could Repeat something that I know I mentioned I I think there were some other commentary about this I think the idea of rebooting the working groups to those that that You know people really can make a case for is important and making a case for involves not just saying Hey, I think it's a good idea to have an architecture working group I think making the case for is that there's some threshold number of maintainers on projects who commit to being a part of it and saying hey We're maintainers on fabric or maintainers on sawtooth and we're maintainers on a Roja We care about sharing ideas with each other and about architecture and Converging where opportunistically or when somebody has a new idea for how to do you know BFT algorithms on one We'd love to learn from my others But that commitment from maintainers Because that's where the teeth can come from without having to make it a you know Thou shalt or thou must implement what somebody else has come up with You have to make it intrinsic you have to make it make it you know something that comes from the developers themselves and Let me try to and say you can have a working group if the maintainers are plugged in and if they if they lose interest if They're not interested in participating then you you shut it down is perhaps the Best acid bath for determining whether you keep a working group or not, right, but Brian the difference between I'm interested in talking about Architecture and I'm going to do something that affects what I'm doing Across projects are very very different things We've been in the architecture working group and the PNC We've been changing the way that our meetings are operating and just inviting different projects that come in and do Overviews for the information that they have that Informational approach has been very successful But that's very different that that is we can get engagement around interesting topics That where we're sharing information back and forth That's very different than turning around and saying okay as Mark referenced earlier now We're going to come back and we're going to drive an interoperability standard. There's a huge gap between those two and I completely agree that focusing the What is currently the working groups on? Informational exchanges is a fantastic idea and that's basically what we're proposing But splitting out any of the active work items into something that the TSC number one Creates in a very scoped specific way number two has much more direct oversight on And number three gives authority to make modifications So all we're saying is take those two roles that you described split them out into two different processes Yeah, do you already have an idea of what? What kind of groups we would create? Um the this the topic specific high-level discussion oriented We've got several that are good right now You know architecture identity performance The education the community the CI work all of that Are not that I mean what we're trying to do right what we're trying to do with the proposals is Describe how it's actually working today. Yeah Right, I think that's really that's really the point is the task forces that have been scoped have been successful at coming back with Change oriented work items The working groups have not been successful at that, but they are being successful when we have discussions about deep topics So let's just formalize that relationship and leave it at that I also tend to so a couple of things You know there was there was mention about you know the Brian mentioned you know maintainers for instance I think that again a task force Should be spun up at the request of or at least supported by multiple projects by the maintainers of multiple projects not just one and two That in fact that they do have teeth that the intention is to come out when a specific actionable proposal That may affect the projects in some way which I think would sort of incent participation, right And I think out of that and I think we're seeing that with like the CI CD and so forth is that you're actually seeing more engagement because there's There's investment There's potential for affecting you so therefore you can involve to make sure it's in the right direction So I think that's kind of what we're saying here and yeah Again, I don't care what we call them we call them technical sigs or tea sigs or it doesn't matter But I think that what we have in the task force is is working pretty effectively All right, anybody was any concerns The task force that have been created so far have been around governance most of them And to say that that is a model that should apply to specific technical output Except for the CI CI CD stuff Most of the task forces that we have had so far are focused on governance like this particular one for example, the working group task force but uh vip and I I would The observation sorry the observation is is that we have not done enough There is a bigger problem that is preventing that and that is that we're not getting That we don't have an idea what convergence is we don't have an idea of driving specific cross project functionality at this point and I think that's that's On the tsc to come back with or to come up with you know what that vision is and what those work items would be I think some of the interoperability work for example might be an interesting place to start on that But we'll have to but we have to come back at a higher level to to drive that I mean, that's all that's all bound up in in some of these notions of convergence as it is consistency in tools Consistency in communication Consistency in governance are the areas where the projects do overlap and touch which is why the task forces have been been assigned to do that Yeah, it's not this Gary. I mean I agree with your assessment there. Mick. I I think but on the other side, right? I don't think that we can you know, I don't think that we can have our cake and eat it too, right? I mean, sorry. I missed a few things in here. I joined a little late Like uh, I I I mean to me. I don't understand what I mean If anybody who's a member of hyper legend wants to join Store them something up and it's a naming thing or whatever they should be allowed to join up create a community And we should provide a place that they can actually have a wiki and do stuff, right? That's part of being a member of hyper legend people can do what they want whether or not they have a work product or not I don't think that we can have a model like We keep talking about interop integration or whatever But that's not but but but let's face the facts the goal of this whole place has changed since then Yes, teams are trying to do it and teams are trying to do economies of scale and leverage common components and whatever but There is no modus operandi here within hyper ledger that we're going to have a unified uniform code base That went out the window the second we started emitting multiple code bases that have no chance of ever Becoming unified interoperating or even running on the same language So I think i'm not sure why i'm just i'm not really sure what we're really So trying to figure out why the tsc has to be involved in those Yeah, the the point is not that we're gonna have that discussion, right? The point is is that the task forces that we have right now are not focused on inter project Issues precisely because there haven't been any inter process issues because we're allowing the projects to be independent That's the only point so So gary, I agree with you that I think anybody is welcome to create groups that they feel like, you know, would be helpful And if they have any if there's enough Interest they we should be allowed to proceed I I think the interest in adding some formal names for those things is just You know, it allows us to have them listed on the On the website and to make them more easy to find by people might be interested There's an advertising or communication aspect to this that I think is worth, you know, considering but Fundamentally, I agree with you. I don't think anybody is trying to prevent those things or saying unless you're formally approved in that way You can't discuss anything I want us to loop back to a point that That um, you know with a performance and scale working group we've seen We had a lot of participation for the first deliverable, which was the white paper But going forward trying to get people interested in the second white paper and all has been So the main, you know the the days we have the most people attending the calls or when we have someone from like fast fabric Come talk to us about their work or something like that But for the most part the performance and scale group is now Vipin and I on most calls and you know one or two other people will will join but uh So, you know, not sure what we can do with that to reboot it As something else I was thinking of making it a state where we just get together every other week or something and Talk about different performance issues versus trying to deliver another white paper. So I'm all for what mix proposed All right, so I think we can leave it at this for today Thank you mick for you know explaining exactly where we stand As I said earlier since I don't hear strong pushback on the general idea I think we should try to make this formal next week by looking at the proposals and approving those Okay, um, and I will I will pull the sig references out and replace it from the moment with t-sig Just I don't want to get hung up on the on the naming issues. So I'll make that change I think chris kind of had a good idea for that Okay, thank you All right, let's go back to the agenda and move forward Uh deep briefing of the maintainer summit Dan You know, I have to thank dan for basically finding a host eccentric for hosting the meeting And then for running most of the meeting You know, he sent out earlier because he couldn't attend this call today Short summary of what happened. I think in general just to quickly paraphrase You know the meeting went well and was appreciated by all There was a lot of good discussions and work happening there And at the end when we kind of asked around would you rather, you know, would you like to have more of those? The answer was overwhelmingly yes. The only question that's not so clear is how often we should have those meetings and so We'll have to see there is a I know that some of you couldn't attend I've asked for you know reports and There is an invitation Several people they were different like, you know Part of it was run as an in-conference format and there were different groups that capture some of the output Into various ways and it would be helpful to have to add to the maintainer submit page At least the pointer to those reports if they were on chat or elsewhere So that there would be one place where can people where people can go to and find all of those I think that's all I can say but this is there any questions Or anybody wants to add anything to what I said Okay, hearing none. I don't see anybody raising their hands So I think we can move forward then one of the topics we actually discussed during the meeting was kind of asking around hey, what's What do you think should be part of the normal or common repository structure? Some of the files that you know, everybody would expect to find and I think it's fair to say that in general When you look at how the projects get organized Obviously, we have a lot of projects that came into hyperledger with their own history And they are the own ways of doing things and then we kind of added to this we patched and you know Made changes, but none of this was very well coordinated And now, you know, some of this was grandfathered and it's just like well, unless you have a good reason You don't want to change. That's fine. But at the same time, I think it would be helpful to have more Homogeneity along the different projects and maybe more importantly there are new projects that start from scratch or pretty much from scratch like ursa And you'd like well, they don't even have an example of what to start from And I think it would be helpful for us to define Some standard That maybe is not forced onto everybody necessarily, but at least provide some basic guidelines as to what you should do So I don't necessarily want to get into the discussion But I you know, I was interested to hear if anybody has You know, I want to take the details of what the common repository structure should be offline Um, so I created a task A page and started listing files and I encourage everybody to Go at it and add to it and comment but I just wanted to hear if anybody has any Comments on the general idea I think in general the more common things are across the projects the easier it is for people to Work on multiple projects, especially new people coming in You know, you don't have to go learn a completely different system to go do something, right? And then there are questions as you know There's the list of files you expect and then I saw I think it was Chris who said well Maybe we should also specify which format the file should be, you know, whether you use markdown or not I don't know how far we want to go There's also questions as to you know, some of the files seem to be critical and are worth discussing Which is why I have a separate issue for the maintainers file I think we all agree There's a there's got to be a maintainers file somewhere in your repo and pretty easy to find But there's the question about what do we find in this? And especially, you know, there's been the request has been made by the staff To have an easy way to find contact information for all the maintainers of the different projects Today if you look at and we did some of this During the maintainer summit, we kind of said hey, what do you have in yours? And it was pretty clear that we already had variations that were somewhat arbitrary In terms of you know, we all have this notion of you know, there are the current maintainers and there's some You know retired the maintainers You know Some people have different names for this and this is kind of stuff is like well Maybe we should just set on one name and all use the same And then there's the question as I said about the contact some use github IDs Some use email addresses or linux foundation IDs And so again, it would be better to set along what that ought to be so that everybody gets the same info And you know some of this relates to being for the main for the staff to be able to easily reach out to the maintainers The other has to do with even like, you know, when we talk about the The voting for the every year for the tsc election The point was made is very hard to actually find a valid email address for everybody And that's even true for maintainers apparently because not everybody used their You know email address So any comments there? Otherwise again, I mean my point is really to highlight the fact that I've created those files And those pages and I want to have discussion of lines on the details so that we settle on Something that we mentioned you can say, okay, we think we have it We approve that and we make it, you know, the standard for hyperlator So I think that Another thing that I was trying to say in my comment was that there are actually some files that I think are Static across all the projects. So for instance the security reporting policy that is a hyper ledger thing That we came up with at the level of the tsc And every project follows it um And so the text and the content of that I think rye you've been the one that's putting it in there Need to all be the same we should say that explicitly I think the same should apply for for instance the code of conduct, right? We created a code of conduct early on for hyper ledger and Everybody should be At hearing the same code of conduct and so the contents of that file or the link to the The wiki or whatever should be the same in all the projects. We shouldn't have differentiation at a project level I do agree that the format of the maintainers is going to be I think an important piece and I do think also that it should Again maintainers of a project are the people that everybody looks to And so making them is easily accessible and findable in chat and Wherever I think is going to be important piece of that so I would favor, you know LFID and um, and and you know rocket chat and Get help plus email Right All right, anybody else Well, you also have stuff like standard github stuff too, right? Like if we're trying to help people make it easier to get their pull requests reviewed and stuff like that, right? Moving to using, you know, codoners, I guess by default admins get notified, right for changes But if you move to like, you know codoners file, right? Which I didn't actually ever look fully at the content, but I believe it has at least, you know, github ID or whatever that's in there um Yeah, I mean so at least for the maintainers you're right on that side, I mean on the other side right on the LFID thing Right anybody can come in and create an LFID and like they all create nonsensical names and then half of them don't use real emails So there's I mean maybe LFID should actually validate real emails Yeah, and rye has something to say. I know that you don't even have to register with a new with your email address That's correct There uh You do have to validate your email to get an LFID but it can be It can be a nonsense email and There are other issues there as well, so I suppose there's Uh gdpr issues, yes There are a lot of issues. Yes gdpr sucks You know it doesn't It's not if you put up front that not if you put it up front Yeah, if you put up front that you're collecting this information that should do it So without codoners So one of the things about codoners we ran into with basu Is our workflow we would put people who want to review specifically on And if we turn that on every review gets every codoner to kind of reviews Some of the workflows that have grown up in our community So, you know, some of these github features we turn on might not work well with existing projects Yeah, so I did uh That that is because I used a rather blunt version of codoners, right? um, and you can uh make that as fine-grained as you want down to a specific file I uh I don't really have any religious attachment to using codoners Um, I was trying to use it in a different way than everyone else was using it so Uh, we can reevaluate that and do it However, the work groups. I'm sorry. However, the projects want to use it. Um Even the fine graver's in a problems because it's still going to tag everyone in there for each pr affecting it and we only want Reviewers to get tagged if they're requested to be brought in Yep I I personally Can you guys hear me? Yeah Oh, yeah, so unlike rye. I do have religious beliefs around this. Um I I really like the mozilla model of delegating sub trees of um Projects so using the codoners file down to a single file or down to folders Um, actually allows you to spread out the load of doing the reviews um of incoming pull requests, so um Anyway, I would encourage people to look at how fire fox is managed and if you want me to Write something up. I can it's actually worked very well for many years and they have a large maintainer base But I guess the question is how far should uh hyperledger go into pushing down projects workflow practices Is that something that hyperledger should be doing their projects? Well, I mean yes and no The tfc should Should product should have some autonomy in that regard Yeah, I mean I mean the advantage of codoners, right just as an example I mean the nice thing about it for other people is so your process you want to have people request a reviewer Okay, but I might not know who to request and I might create a pr and I might sit out there for a while So, you know, I mean the notion could come down to you, right? I mean, maybe we just wait until that's an issue for people and You know if people I think it is worthwhile providing. I guess I would say this Rather than the maintainers file separate thing, right because it doesn't affect anything, but maybe It's kind of like anything, right When people start using new tools or tools that are new to them or a new feature comes out, you know I think there are some things that the Tfc or whoever wants to do ready the tscs technical leaders could at least tell people Hey, here's what you can actually do. You know, maybe you should consider using a codoners file, right? I'm not saying you mandate it, but there could be things that we could Provide out there for people to do. I mean, I'll give you an example, right? My wife works for a company They roll out new tools to them all the time No one ever tells them anything About what the hell the new tool actually does or it's new capabilities So I do think at least providing some guidance on options that people might have might be useful Um, and maybe we don't mandate something like codoners for exactly the reason that somebody said if they have a different process They want to use for Good, but I think the mandate would be bad so recommendations in the spirit of The previous discussion I would propose that we have a common repo structure task force Come back with a specific recommendation and move on We're not gonna. I know we can debate that for three calls rather than on this call No, no, but Absolutely, Chris. This is in the spirit of what I meant by I I want to highlight this I don't necessarily want to get into the details Although I think the question of, you know, whether this is mandatory or not is is maybe a more general one. I mean Historically, we have not been very good at Enforcing anything. So I don't expect us to change that and You know, I would hope we could Yeah, I mean, we should enforce. We should enforce. We should enforce governance We should enforce governance Based on the fact of whatever we're telling people that should be doing and you know If there's additional things that we think we should recommend to people to make sure that there's better ways to adhere to that governance Right, because if you read the rules Right hyper ledger says right if the code is contributed blah blah blah company believes that if they go use this code They're indemnified blah blah blah to use it per se, but we've already found violations of that So if there's additional things that we should recommend that people should do to do that I think you know the tsc can be you know one place that can do that, but for other other things. Yeah, I agree but I I do think though that you know, so part of You know part of being hyper ledger is being part of the community and I think having a fragmented community doesn't really serve anybody's interests And you know, I think what we discussed at the maintainer summit was basically that getting to some agreement as to The the things that you would expect to find in hyper ledger repository and help somebody new to the project Find the people that they would or should interact with as And and and find the information about how do I contribute? You know isn't important, you know all those kinds of things getting those to be as consistent as possible across the products is a good thing Right and that we should be striving towards that now whether we mandate some things or not I don't know, but I think there are some things specifically like the security policy that I think we should be mandating And then something like the maintainer structure. I think we could be making a strong recommendation maybe not mandating but Um, and then you know, do we have a co-owners? I don't know. Maybe that's something that a project is to choose Um, you know to use as Gary was saying, you know, here's a tool if you want to use it Can be very effective. If not, okay But you better have something else that helps people find Who should be reviewing my code in my polar class? All right, great. Say segue We we I want to move on so again, you know, please said, well, maybe you should have a task force I don't know if we need to formalize it for me It's like well, there's a wiki page already a couple of them relate to the repo structure And uh the content of the maintainers five. I think I encourage people to keep Beating at it and then we'll see what comes out of it. Oh I could argue that you want to have a task force with a specific deliverable at the timeline So that it doesn't go on forever and ever right I agree that if you know My intent was like, okay, let's get started like this. And if it doesn't work, we can make it more formal. Okay So I I'm reserving the right to do that. I just okay, you're the chair Let's see how that works. Maybe you're right. Maybe I'm too optimistic We'll see but so you were talking about the security stuff So why don't you take that and explain what this is about and what you think we should do about it? um, well So there is a security reporting policy that They've You know pulled together and articulated. It's in the it's in a wiki page and Recently, I don't know. Maybe within the past couple of months A common practice Was implemented in github of having a security Um, what is it called a security reporting file? I can never remember. Yeah, security reporting policy, right? um, and so you can in your github repo you can specify a security reporting policy And and so you do that in the settings that it comes back as a security dot md file, basically um, and I think rye you've been going through certainly on some of the projects and adding a link to The wiki is that correct? um, I took some texts that dav wrote and I kind of uh, I bladded it out and It's been mostly merged. There are some versions or there are some places where it hasn't been merged, but um Yeah, that's broadly spread Yeah Yeah, and the language was just a quick the language was just a quick first pass Um with the intention of further review Yeah, well we can I mean, I think I found it was fine. Um I do think though that you know again um I think we ought to codify it and make it sort of here You know the tsc has made a ruling that says thou shalt have one of these in every republic Right to make it easy for people to figure out. How do I report your security? If I could second it, I would have a situation on the fabric project recently where somebody Blurred it out in the email list. Oh, there's a huge security hole in fabric would you know, it's really just a documentation issue but Again, not cool I think we want to encourage Consistency across the projects to make sure that that doesn't happen Okay, so that sounds like a good idea And so I encourage everybody to apply this right or to implement it right there With that waiting, but otherwise I guess that would be part of the Common repo structure and that would be highlighted, right? Yeah Okay. Thank you Let's move on. We have one more agenda item that I want to try to touch on Tracy is on We had discussed different ways, you know to what there was, you know discussion But how can we have a better handle of all the decisions that are being made? We often in the past Issues popping back up again and again and everybody says wait I think we made a decision on that already, but it's not always so easy to find those and so It was pointed out that well, there are tools now that could help us make that better And I think Tracy took the action item to show us a little bit what it could look like And investigate there were essentially two options. One is lighter than the other But Tracy, why don't you take it from there and tell us where you think you stand on that? Yeah, so conference provides different mechanisms as Arnold mentioned One is what they call DACI decisions and the other one is just decisions As you can see on the screen the different fields that are provided are Kind of listed here, right? The DACI decisions definitely has a lot more As far as what it is. I think the the commentary is really that both of these are a bit overkill for what we actually need There is a mechanism Using page properties that we could use To specify what specifically the fields are that we we are interested in capturing for each of the decisions Whereby we could create a template that creates those page properties by default and labels a page so that we can actually You know view the status of What each of the decisions are that we're trying to make I feel like we're leaning towards that as the option and not using the the built-in confluence templates if you will so It's still open. I don't think we've necessarily decided that that's the direction we want to go, but If it is like I'm happy to put together those templates Just based on, you know, what it is that we want to capture And put that out there in the TSC space Yes, so I'm biased on that one. I have expressed that before so you know, but you know, I am for the lighter version so I mean, is it really just what we're looking for is the title the status and the outcome um, if you will Is that really the three fields that? You know provide the most value for us I would think yes I mean, you know, I think having the driver or whatever you want to call it um Listed is also useful because if there's any question You can go back potentially Yeah, and I've been taught long time ago if it's you know assigned to a whole group It means it's not assigned to anybody Yeah, that's true so do we want to have Like the recording of a vote or something like that or is it too high level for that Yeah, I think that would come in where you would change the status to Uh decide it and then the fill in the outcome of what specifically was decided Right, but would we also The vote like you know, it was you know unanimously passed or passed by one vote Oh Add that to um the page itself Yeah, I don't know if you want to add the page property In and of itself or just a comment on the page itself is good enough Yeah, I want to make sure people understand the basics of the this mechanism is you know There are different pages that correspond to different issues and what we're looking at is a way to get A high level view of all the different pages slash issues And a few attributes are highlighted that actually are in the page itself So there can be more information in the page itself, obviously Tracy Yes How does this affect um like the tsc meeting minutes? Is there a little macro or something that I could embed in the minutes that link to the decision pages when votes are taken in the meetings or should we just Just normally link the page or whatever. I just wondering how much of this is automated Yeah, I mean, I guess I would probably just link to the page if you will right the page would capture Another decision right as I think it was mark mentioned, right? uh, whether it was unanimous or Uh, you know, we had any people who were Opposed that sort of thing Right, so we would record the roll call vote in the minutes With a link to the page with the item and the discussion in the comments And then once its status has been decided we'll add a backlink from the issue page to the tsc Mark I would probably say That in the minutes you probably just have a link to the page Um, you know, and then the page itself is where everything is captured Oh, so do the roll call in the page itself. Yeah I don't know. What is everybody else think? I mean, that's fine. I don't care. I'm just taking I'm taking uh asking questions because I'm the one who has to do it I would just I mean you're gonna link it but the link itself isn't going to tell you anything I would in the recording of the minutes say that it was resolved Yeah, I mean definitely, but I think the you know recorded in the page, but Certainly in the minutes you want to you know, was it just discussed or was it resolved? Yeah, I agree chris agree great Right, I mean it would be really nice if there was like a little macro kind of thing that had a roll call And I could take them off and I would just embed it in both the minutes and the top of the issue page Right, and then it would just be in one place, but I'll I'll hack around on confluence I'm getting pretty good at doing little things like that There is an include macro where you could include just a section of the page Day, okay, so we could we could definitely look at that All right. We have this time guys So I make a motion we accept this proposal I have one let's think about on next time No, I think we can defer the vote I mean, I think there is you know I sense general agreement to go with a simpler version Tracy you've wanted to put a template together if you could do that for next week We can have a formal vote that Yeah, sounds good Why don't we just vote for Tracy does whatever she wants I mean I always look at it like he or she who does should do what they want All right Thank you all for joining. Talk to you next week. Good. Bye