#jenkins-meeting log

18:00:20 <danielbeck> #startmeeting
18:00:20 <robobutler> Let the Jenkins meeting commence!
18:00:24 <danielbeck> hi everyone!
18:00:28 <danielbeck> well, this should be quick
18:00:39 <danielbeck> #info https://wiki.jenkins-ci.org/display/JENKINS/Governance+Meeting+Agenda
18:00:52 <danielbeck> #topic recap last meeting's actions
18:01:01 <danielbeck> #info http://meetings.jenkins-ci.org/jenkins-meeting/2017/jenkins-meeting.2017-09-27-18.00.html
18:01:14 <danielbeck> rtyler isn't around today unfortunately
18:01:36 <danielbeck> but the entry is on https://wiki.jenkins-ci.org/display/JENKINS/Approved+Trademark+Usage
18:01:38 <danielbeck> so that's done
18:02:03 <danielbeck> #topic LTS status check
18:02:26 <ogondza> right
18:02:26 <danielbeck> well, this is out earlier than usual, since it's a security fix
18:02:42 <danielbeck> #info https://jenkins.io/changelog-stable/#v2.73.2
18:02:43 <ogondza> we get the release remoting in during testing window
18:02:53 <ogondza> *released
18:02:58 <danielbeck> 3.10.2?
18:03:00 <danielbeck> or WDYM?
18:03:08 <oleg-nenashev> yes
18:03:19 <ogondza> yes, the one where we used snapshot originally
18:03:30 <oleg-nenashev> But It was the same as the snapshot I shipped for the initial snapshot release
18:03:47 <oleg-nenashev> * Excepting the release packaging flow I had to backport
18:03:47 <ogondza> right, not much to report on when it is already out :P
18:04:06 <oleg-nenashev> We just need to monitor JIRA for a while
18:04:18 <danielbeck> ogondza and if it weren't, we couldn't tell anyone what's in it ;-)
18:04:40 <ogondza> heh
18:04:44 <danielbeck> oleg-nenashev do you expect problems?
18:04:50 <danielbeck> more than usual I mean?
18:05:17 <oleg-nenashev> nope
18:05:20 <ogondza> btw, I am working on cleaning ATH of some of the less useful/duplicated tests
18:05:34 <danielbeck> ogondza great
18:05:39 <ogondza> to make it more reliable to stable testing
18:05:43 <danielbeck> I also saw the, uh, PR PR
18:05:56 <ogondza> PR PR, right
18:06:11 <danielbeck> #info https://github.com/jenkinsci/jenkins/pull/3073
18:06:22 <ogondza> but that is unrelated to .2 released today
18:06:26 <danielbeck> right
18:06:27 <ogondza> all from me
18:06:31 <danielbeck> thanks ogondza
18:06:44 <danielbeck> so regarding security content I plan to start a thread on the dev list
18:07:01 <danielbeck> I think we got a bit too far on the 'secrecy' side TBH
18:07:33 <danielbeck> one of the fixes could probably have been done in public, and it's not clear really whether it was necessary
18:07:43 <danielbeck> so I plan to ask for feedback from the dev list
18:07:48 <danielbeck> #info https://jenkins.io/security/advisory/2017-10-11/#user-remote-api-disclosed-users-email-addresses
18:08:39 <danielbeck> in general we'll of course continue to keep security vulnerabilities closed until fixed, but in this case I'm not sure that was necessary
18:08:47 <danielbeck> that's all from me, too
18:08:57 <danielbeck> #action everyone to update their instances
18:09:06 <danielbeck> #topic next meeting
18:09:23 <danielbeck> October 25, same time (which is UTC, remember DST changes!)
18:09:44 <danielbeck> #endmeeting