►
From YouTube: Brigade Community Meeting -- 2022-03-29
Description
A recording of the Brigade Community Meeting on 2022-03-29
A
Hello
brigadiers
and
welcome
to
the
march
29th
2022
occurrence
of
the
brigade
community
meeting
in
a
first
today
we
actually
have
no
attendees,
I'm
going
to
record
a
brief
update
on
the
project
anyway
and
post
this
to
youtube
later,
as
I
do
with
all
of
the
meetings,
even
when
they
do
have
attendees.
A
I
I
think
our
lack
of
attendance
today
is
probably
due
to
I'm
aware
of
a
few
maintainers
who
messaged
me
and
said
they
couldn't
make
it.
Some
of
them
are
actually
up
in
the
air
right
now,
and
also
for
those
who
aren't
aware.
Alternating
occurrences
of
this
meeting
happen
at
different
times.
What
we're
trying
to
do
is
accommodate
both
people
in
u.s
time
zones
and
in
other
international
time
zones,
particularly
brazil
and
australia.
A
A
So
here
we
go
I'll
bump
up
the
size
of
this
text,
a
little
bit,
as
I
said
short
agenda
for
today,
quick
update
on
the
community,
we're
continuing
to
see
new
contributors
arrive,
which
has
been
fantastic.
The
more
the
merrier
and
we've
been
seeing.
A
Some
really
good
work,
really
good
contributions
from
new
people
who
are
showing
up
mostly
on
the
dashboard,
but
we
also
do
have
a
few
others
who
have
shown
up
and
made
contributions
to
brigade
itself,
which
has
been
absolutely
fantastic,
we're
finding
our
work
is
increasingly
community
driven,
which
is
a
good
thing.
It
does
make
it
a
little
harder
to
predict
timelines
on
things
that
we
want
to
do,
and
it
does
make
things
a
little
bit
more
chaotic,
but
that's
okay.
A
Also,
the
community
is
beginning
to
take
up
a
larger
percentage
of
the
small
issues
which
we
really
appreciate.
That's
awesome,
quick
update.
On
google's
summer
of
code,
we
did
submit
three
different
project
ideas
to
the
cncf,
who
in
turn
goes
through
some
process,
which
I'm
not
really.
I
don't
have
a
lot
of
insight
into
what
that
process
is.
I
don't
necessarily
believe
that
all
the
ideas
that
we
submitted
make
the
cut,
so
I
will
try
to
find
out
more
information
about
that,
because
I've
got
a
lot
of
people
asking
me
about
this.
A
There
have
been
a
lot
of
people,
a
lot
of
new
contributors
who
have
expressed
interest
in
working
with
us
for
gsoc
and
I'm
sorry.
I
don't
have
great
answers
for
most
of
those
people
right
now,
but
I
will
talk
to
somebody
at
cncf
and
find
out
what
I
can
about
timelines
and
and
when
we
can
expect
to
know
whether
the
ideas
we
submitted
are
actually
becoming
formal,
gsoc
projects
or
not.
A
Last
time
we
met.
I
talked
about
the
get
basics
for
brigade
contributors
video.
We
had
noticed
that
a
lot
of
new
contributors
were
also
new
to
get
a
lot
of
our
new
contributors
are
students
or
early
in
career,
and
so
some
of
the
things
that
we,
you
know
are
a
little
bit
anal
on
with
this
project,
things
that
we
really
insist
on
like
having
signed,
commits
and
verified
commits,
or
that
is
to
say,
commits
that
are
gpg
signed.
A
You
know,
that's
not
necessarily
an
easy
thing
for
everybody
to
do
if
they're
not
super
familiar
with
git
or
not
super
familiar
with
the
gpg
suite.
So
we
did
put
out
a
video
to
help
people
through
that
it
received
positive
feedback
from
a
few
new
contributors
who
were
helped
by
it.
A
It
received
positive
feedback
from
the
maintainers
of
other
projects
who
want
to
make
use
of
the
video,
and
it's
even
been
suggested
that
we
could
genericize
it
and
promote
it
as
a
helpful
resource
for
people
contributing
to
any
and
all
cncf
projects.
So
the
video
was
previously
public
but
unlisted.
A
I
listed
it
as
of
today
based
on
the
the
positive
feedback
that
was
received,
so
it's
out
there
for
anybody
to
easily
find
and
view
now
just
a
quick
update
on
our
security
posture,
most
of
the
last
two
weeks
and
perhaps
even
prior
to
that
we're
consumed
with
security
related
issues.
A
A
So
some
of
the
things
that
we've
started
doing
over
the
past
few
weeks,
we
now
scan
images
as
part
of
our
ci
process,
so
any
image
we
build,
we
scan
it.
If
any
vulnerabilities
are
found,
it
doesn't
automatically
fail
the
build,
but
it
does
surface
to
us
for
informational
purposes.
So
we're
trying
to
take
baby
steps
towards
better
software
supply
chain
security
here,
so
the
the
idea
is,
is
not
necessarily
that
a
vulnerability
stops
us
from
moving
forward.
A
But
it's
it's
just
it's
just
an
fyi.
At
this
point,
we
want
to
know
about
vulnerabilities
that
exist
and
we
want
to
be
transparent
about
those
now.
That
being
said,
we
have
used
information
that
we've
gleaned
from
those
scans
to
go
and
address
specific
issues
and
further
reduce
the
vulnerability.
So
this
is
information
that
we
are
acting
on
as
we
become
aware
of
it
also
as
part
of
our
release
process.
Now
we
sign
images
and
we
also
produce
s-bombs.
A
Those
are
software
bills
of
material
for
those
who
aren't
familiar
and
we
publish
those
to
the
github
releases
page
as
part
of
each
release
and
just
to
fully
vet
that
process.
We,
as
of
today,
have
cut
release
candidates
of
every
peripheral
and
a
new
release
of
brigade
itself
is
also
pending.
A
A
We
want
to
hear
about
it.
Karen
is
running
point
on
that.
I
did
see
the
survey
that
she
created
and
it
looks
good
to
me,
but
I
don't
believe
it's
been
disseminated
to
anybody
yet
just
a
few
other
items
that
are
still
pending
brigade
in
five
minutes
episode,
three
has
still
not
been
released.
That's
due
mostly
to
the
security
work
over
the
past
two
weeks
that
took
precedence
and
then
also
illness.
On
my
part,
you
may
be
able
to
hear
that
I
don't
sound
right
today.
A
I've
got
a
sinus
infection
that
I'm
recovering
from,
so
I
will
again
try
to
prioritize
this
over
the
coming
weeks.
I
know
I've
been
promising
this
episode
3
for
some
time,
and
I
really
hope
to
get
it
done
before
we
meet
again.
A
Also
google
analytics
work
is
still
pending.
We
are
collecting
all
the
analytics,
but
we
don't
really
have
all
of
the
right
filters
in
place
and
everything
yet
to
generate
useful
reports
from
those
analytics.
So
that
also
is
something
that
we've
got
to
get
done
sooner
rather
than
later.
Also
george
has
promised
a
blog
post
about
the
cron
event
source,
which
went
ga
two
three
weeks
ago.
A
I
think-
and
that
also
has
been
delayed
due
to
illness,
but
I
believe
he
said
he's
back
to
coding
today,
and
the
blog
post
was
one
of
his
top
priorities,
so
we
should
have
a
post
about
that
soon.
A
So
that's
all
that
we've
got
for
today,
since
we
don't
have
anybody
else
in
attendance.
We
obviously
are
not
going
to
open
the
floor
to
discussion
of
other
items,
but
hopefully
we
see
more
people
two
weeks
from
now
when
we
have
the
the
occurrence
of
the
meeting
that
is
scheduled
for
the
convenience
of
of
international
contributors
and
community
members.
So
thank
you
everybody
for
your
time.
If
you
have
gone
to
youtube
and
watched
this
video
and
we'll
see
you
in
two
weeks,
bye.