Skip to content

Latest commit

 

History

History
83 lines (65 loc) · 3.44 KB

2024-02-27.rst

File metadata and controls

83 lines (65 loc) · 3.44 KB
Raw

Open Source WG: 2/27/2024

John M. chaired the meeting. Andy could not attend because of travel.

Security: Roman Z.

See Roman's slides for details.

AR: Projects send 1 or 2 names to Roman

  • Starting a new work package for security. Need to establish UXL processes for reporting, handling vulnerabilities, SDL, etc.
  • Roman has been looking at security procesess of open source projects and is responsible for Intel security processes for some of the UXL projects.
  • Roman has agreed to lead subgroup to work on this. He needs 1-2 people from each project. Anyone is welcome to join. It is not limited to people with a defined role in a project. Short term the effort will be in setting up processes, longer term effort will be about tools.
  • Security group members will be added to private slack channel. Long term could be both private/public channel

Open Source recommendations: John M.

AR: Review checklist for your project and consider addressing issues.

  • Using Red Hat open source checklist, Rod looked at the UXL project repos to see what can be improved. It is summarized in a spreadsheet and detailed reports. oneTBB report is missing. Some people had trouble accessing the links. Robert verified that the links below do not require a google login:
  • We reviewed the oneMKL report, but discussed the issues for all projects. Most of the discussion was about communication:
    • report recommended slack, concern about having too many communication tools and drawbacks of slack (e.g. 90 history). preference for mailing list, github discussions, and other means.
    • slack is a recommendation, not a mandate.
    • concern about the need to keep some information private (e.g. discussion of unannounced products)
    • discussion about the different tools, they support different communication styles
    • recommendation to understand where a project is looking for more contributors, and how more communication can further that goal, letting people know how to communication with other developers
  • Identifying project roles
    • Seemed to be general agreement that this was good and can be done
  • Public decision making
    • projects are doing this to varying degrees
    • would like to hear about what other projects are doing and share their experiences in future meeting
  • Other topics had less discussion, but should be reviewed
    • Discuss in slack channel or raise in next meeting