-
Notifications
You must be signed in to change notification settings - Fork 686
Standup Notes 2021 03 29
Participants (alphabetical): Allie, Conor, Erik, Kevin, Kushal, Mickael
- Finalize and land key deliverables for SecureDrop 1.8.1 release
- Restore reproducibility for SecureDrop Workstation build artifacts; update docs
- Finalize design for SecureDrop Client Safe Deletion and begin implementation
Issue: https://github.com/freedomofpress/securedrop-debian-packaging/issues/218
Next step: Allie/Kushal will collaborate on bootstrapping step described in https://github.com/freedomofpress/securedrop-debian-packaging/issues/218#issuecomment-804900737
After transition to new build system, all wheels will need to be rebuilt
PR: https://github.com/freedomofpress/securedrop/pull/5870
Breakage is not related to changes in the PR - Conor will ping John when he's back
Yesterday:
- SDW release
Today:
-
Will pick up reviews
-
Backlog grooming
-
Catch up on https://github.com/freedomofpress/securedrop-debian-packaging/issues/218
-
Do step 1 (build wheels for the bootstrapping process): https://github.com/freedomofpress/securedrop-debian-packaging/issues/218#issuecomment-804900737
-
start thinking about how we will manage maintainers of repoducible wheels (one day it'll be nice to no longer host wheels that are reproducible)
-
Blockers or Asks:
- None
Yesterday:
Today:
- Review secureboot checker https://github.com/freedomofpress/securedrop/pull/5879/files
- Upgrade boxes, we need an issue for that breakage - I'll open
- Kev had a nice idea: does the upgrade-box breakage affect Focal? Maybe not
Blockers or Asks:
- Kev: Paxtest changes in place, please re-review https://github.com/freedomofpress/securedrop/pull/5848
- Mickael: Addressed RPM comments, needs stamp https://github.com/freedomofpress/securedrop-workstation/pull/666
Yesterday: (Friday)
- securedrop-export QA; audit comms & issues
- Update docs requirements across docs repos (motivated by dependabot PRs)
Today:
- File some low/informational issues from audit
- Look into workstation updater issue if time allows
Blockers or Asks: None
(OOO)
Yesterday: (Friday)
- OrgSec & learning time & misc
Today:
- Changes to restore playbook per sprint plan
- Will verify Conor's testinfra
- Docs repo updates
Blockers or Asks: None
Today:
- Reading about OSSEC and how the rules work
- https://github.com/freedomofpress/securedrop/pull/5882 created PR for OSSEC rules for fwupd
Tomorrow:
- As required Blockers or Asks:
- Can we please add OSSEC knowledge to our development docs?
- Kushal will start putting some notes in wiki for initial review
Yesterday:
- workstation release and audit publication
- https://github.com/freedomofpress/securedrop-client/pull/1210
- merged https://github.com/freedomofpress/securedrop-workstation/pull/666 Today:
- https://github.com/freedomofpress/securedrop-client/pull/1210
- https://github.com/freedomofpress/securedrop/pull/5882 also look at FWUPD options (and open a follow up)
Blockers or Asks: None