►
Description
Meeting minutes can be found here: https://docs.google.com/document/d/1Bf6a1Ywi4m0Ywo4vuBBp3Q9_AA_QKbWf99WxAqRbpMw/edit#heading=h.x07hritg5tq4
Meeting summary is here: https://chaoss.discourse.group/t/ospo-todo-group-working-group-meeting-august-24-2023/252
A
On
his
also
chair,
oh,
we
are
co-chairs.
Thank
you
for
starting
the
recording,
I
assume
that's
that
was
Elizabeth.
Thank
you
very
much.
I
am
now
chairing.
So,
if
you
don't
like
hearing
my
voice,
I'm
sorry
but
I
will
be
talking
and
and
kind
of
helping
facilitate
these
meetings
a
little
bit
and
driving
the
conversation
yay
yay
I
did
it.
B
So
and
part
of
the
part
of
the
justification
for
this
was
you
know
when
I
first
started
tearing
this
I
was
actually
working
in
a
hospital
and
then
now
I'm
now
I'm
not,
and
so
it
felt
like.
It
was
weird
to
have
only
one
chair
of
the
hospital
working
group
as
someone
who
doesn't
actually
work
in
an
hospital,
so
I
thought
it'd
be
great
and
Gary's
been
stepping
up
with
the
agendas
and
everything
anyway.
So
it
seems
like
it
seems
like
a
great
bet.
A
B
B
I
just
wanted
to
get
people
kind
of
thinking
about
that
and
and
feel
free
to
reach
out
to
me.
If
you
have
any
any
ideas
or
any
thoughts.
Even
if
you
don't
have
something
yourself,
but
a
best
practice
guide
you
would
like
to
have.
That
would
be
also.
That
would
be
also
good
and
I'll
I'll
put
together
a
doc
and
start
collecting
some
of
these.
As
well
and
start
sharing
it
around,
so
we
can
all
I
got
it.
A
C
A
C
Have
not
used
any
of
the
chaos
metrics
yet
in
part,
because
I'm
a
little
bit
intimidated
by
the
complexity
of
the
tooling
involved,
and
so
the
one
page
guide
with
estimates
of
time
to
spend
would
be
really
helpful
as
an
overview
of
the
whole
process
doesn't
have
to
explain
the
whole
process
just
like
sizing
for
project
size.
If
I
wanted
to
engage
with
this,
is
this
a
one-person
one
afternoon
project,
or
is
this
a
team
of
two
spending
a
week,
or
is
this
a
quarter
or
is
this
a
year.
D
No
I
feel
like
I've,
been
through
a
lot
of
cycles
of
exercises
like
this,
and
there
seems
to
be
an
element
where
you
have
to
revisit
what
you
selected
and
why
and
sort
of
I'm
curious.
Maybe
this
is
maybe
curiosity
is
not
always
the
recipe
for
best
practice.
But
like
is
there
what's
the
appropriate
Cadence
to
revisit
and
change
a
metric,
because
I
think
it's,
you
might
chosen
to
measure
something
for
one
thing,
but
then
things
change
over
time.
D
But
then,
if
enough
factors
change
in
your
organization,
it's
worth
revisiting
what
you're
measuring
and
why
and
potentially
changing
that
so
kind
of,
like
I,
think
it's
similar
to
the
question
that
was
just
asked
around
like
kind
of
time,
commitment
to
actually
implementing
it.
But
it's
also
like
thinking
about
the
life
cycle
of
that
metric
and
usage
of
your
organization.
Maybe
you'll
track
it
perpetually,
but
maybe
you
won't,
and
so
maybe
discussing
what
those
reasons
for
changing
might
be
and
kind
of
to
be
aware
that
this
isn't
a
fixed
exercise.
B
D
D
A
Yeah
I
think
the
Cadence
is
great
because,
when
you're
getting
started,
it
can
be
very
intimidating
to
like
know
when
do
I
even
care
about
this.
Is
this
a
one
and
done,
or
is
this
a
half
yearly
or
yearly
and
I've
put
in
another
little
one
that
I
had
thought
of
which
is?
Is
it
like
an
event
or
a
moment
that
can
happen
specifically
in
an
ospo
that
it
makes
sense
to
revisit
webmetrics
you're
using
great?
A
B
I
guess
that
that
was
also
me
for
someone
who
didn't
want
to
talk
a
lot
in
this
meeting.
I,
certainly
added
a
lot
of
attendant
items
we
so
we
we
have
an
Osco
panel
at
osseu
and
we're
in
the
process
of
putting
together
our
list
of
questions
for
the
panelists.
So
our
our
thinking
was
40-minute
session.
B
We
do
like
20
minutes
of
prepared
questions
and
then
open
it
up
to
the
audience
for
for
20
minutes
of
q
a
for
the
panel,
but
we
were
curious
because
we
figured
that
a
lot
of
people
in
this
group
will
be
either
into
session
or
types
of
people
who
would
be
in
session.
So
we
were
curious
if
you
had
any
any
questions
around
osbo
value
that
you
want
to
make
sure
that
we
cover
in
this
panel
or
any
any
thoughts.
A
That
might
also
overlap
with
those
concerns
because,
as
I
understand,
it's
not
like
a
one-to-one
mapping
of
Osmos
think
about
this
and
Chaos
tracks.
This
it's
like
there
are
going
to
be
some
metrics,
that
kind
of
might
be
surprising
and
how
they
contribute
that
value.
Those
would
be
helpful
to
to
create
some
conversation
and
mapping
around.
A
C
I
guess
this
is
another
sizing
question
I
know
that
ospo's
range
in
size
from
one
person
doing
a
role
part-time,
all
the
way
up
to
much
larger
as
an
organs
as
working
within
an
organization.
That's
yet
to
hire
an
Hospital
lead,
I'm,
just
sort
of
wondering
for
the
panel
or
for
the
group.
You
know
what
size
and
Hospital
organization
is
has
proven
to
be
successful
and
how
how
much
resources
do
you
need,
especially
in
a
time
of
challenging
resource
commitments,
to
successfully
pull
it
off.
C
C
E
I'm
allowed
I
think
that
is
really
important
to
also
Define,
also
for
how
big
the
company
should
be,
because
we
are
talking.
If
we
are
talking
about
an
hospital
for
a
company
that
has
hundreds
of
employees,
then
probably
the
things
are
different
than
a
corporation
that
is
born
across
across
all
continents.
A
D
I
guess
I
would
suggest
one
on
measuring
their
own
impact
as
an
Osco.
What
do
they
bring
to
the
org
and
how
do
they
unless
they
justify
their
existence,
but
I
know
that's
kind
of
coming
under
increasing
pressure
with
the
contraction
of
the
market.
So
it's
there's
always
kind
of
a
question
to
demonstrate
value
and
that
can
very
much
align
to
all
the
things
that
we've
already
discussed
in
terms
of
say
what
areas
that
they
or
functions
they
provide
or
how?
A
A
F
A
Super
I
will
watch
virtually
and
know
whenever
you're
feeling
awkward
up
on
stage
that
I
am
clapping
behind
my
my
screen,
fantastic
any
other
input.
Any
other
questions
feel
free
to
come
back
here
and
put
them
in
later,
but
before
we
move
on
going
once
going
twice
gone
all
right,
osbo
functions
and
a
to-do
book
chapter.
F
G
The
idea
right
is
to
continue
to
use
these
functions,
to
identify
metrics
that
could
support
these
functions,
and
so
the
first
process
is
kind
of
identifying
what
some
of
these
top
level
categories
might
be.
This
is
also
I
I,
think
a
potential
framework
that
we
could
use
for
the
to
do
book
chapter.
So
we've
been
asked
by
Anna
to
write
a
book
chapter
around
metrics
that
can
be
meaningful
within
an
ospo
and
how
they
can
I'm
going
to
support
practices
within
the
organization.
G
G
Are
not
always
going
to
be
read
by
folks
with
you
know,
large
and
really
well
developed
I
suppose
they
may
be
also
read
by
people
who
are
just
starting
to
think
about
osvos
as
part
of
their
organizations.
So
if,
if
people
could
just
kind
of
talk
a
little
bit
about
why
observing
the
adoption
of
Open
Source
software
within
your
organization
is
something
that
matters
to
an
ospo.
Be
really
helpful
for
me
here
as
I
just
write
a
few
sentences.
H
A
I
I
think
I'm
I'm
gonna.
Take
this
I
want
to
make
sure
that
the
direction
that
I'm
thinking
about
this
is
the
same
as
what
you're
asking
that
it's
presumed
that
most
software
organizations
use
open
source
right
and
this
question
isn't
necessarily
about.
Why
do
you
care
like?
Why
would
you
why
are
you
fueling
adoption,
it's
presumed
that
adoption
is
happening.
I
A
Yeah
I
think
that
that's
worth
putting
as
it's
part
of
the
framing
of
this
question
that,
like
almost
every
software
Organization
for
survival
purposes,
has
to
or
almost
every
technology
Organization
for
survival
purposes
has
to
adopt
open
source,
because
that's
like
part
of
why
I
think
we
care
is
because
you
have
to
have
it
as
as
a
highly
regulated
entity.
We
at
Verizon
care
a
lot
about
doing
it
in
a
way.
That's
not
violating
any
legal
compliance
situations.
A
We
want
to
make
sure
that
the
longevity
of
the
software
is
going
to
fit
our
needs
for
things
that
have
to
sit
in
people's
houses
and
have
very
sparse
updates
over
the
course
of
multiple
years.
Like
there's,
there's
a
lot
of
like
assurance,
like
Risk
tracking.
That
happens
there
right
to
use
the
term
from
risk
working
group.
We
care
a
lot
about
making
sure
that
the
risk
is.
We.
E
A
A
G
G
G
F
G
You
for
that
so
then,
so
if
I
was
to
to
come
back
to
this
and
if
I,
you
know
I
kind
of
focus
in
on
the
internal
adoption
and
the
discovery
I'm
just
looking
at
this
one
slide.
For
for
the
moment,
we
have
this
goal
of
of
highlighting
discovery
of
OSS
within
the
organization
and
from
there
we
can
begin
to
ask
questions
once
we
can
kind
of
see
the
landscape
of
Open
Source
within
the
company.
G
G
G
How
do
you
inventory
that
and
I
honestly
I
looked
online
quite
a
bit
for
trying
to
find
ways,
so
it
it
kind
of
has
to
be
done.
Doesn't
it
or
do
you
not
track,
not
maybe
not
the
entirety,
but
some
part
of
it?
You
have
to
have
some
visibility
into
it.
I
I
really
struggle
with
this
question.
I
see
Don
shaking
her
head.
No,
so
then,
how
do
you
ask
questions
against
that
like?
How
do
you.
D
G
D
Okay,
mostly
because
I
was
going
to
discuss
it
in
reference
to
your
prior
question,
because
when
I
think
about
why
we're
tracking
adoption
of
Open
Source
inside
the
company
I
just
see
it
as
sort
of
a
required
operational
function
like
it's,
it's
just
how
multiple
engineering
teams
and
efforts
come
together
to
co-build
technology
inside
a
company
and
as
part
of
a
product
of
a
company.
So
it's
it's
very
much
as
an
operational
function
that
is
required.
D
If
you
are
doing
this,
because
there
are
so
many
different
considerations
that
have
already
been
listed
out
above
and
so
when
it
comes
to
something
like
what
you
go.
How
do
you
go
about
discovering
this?
It's
really
about
setting
up
processes
that
allow
for
the
discovery
as
part
of
the
process,
as
you
would
for
any
other
code,
tracking
system
or
ingestion
tracking
system
that
you
have
in
your
company.
C
D
Yeah
we
just
you,
have
to
go
through
an
import
process,
and
so
you
log
what
what
you
import
and
when
and
then
we
have
that
version
inside
the
company.
But
it's
also
because
our
company
is
built
on
a
monorepo.
So
because
of
that,
we
we
have
to
separate
out
anything
that
is
not
our
own.
Just
from
a
perspective
of
ensuring
IP
and
correct
participation,
engagement,
usage
of
that
IP,
and
so
we
have
to
ensure
that
open
source
is
in
its
own
bucket.
G
C
C
But
most
software
development
tools
have
some
sort
of
dependency.
Discovery
thing
built
into
them
that
can
be
imported
and
I.
Don't,
alas,
I
don't
know
the
name
of
the
the
global
tooling,
but
basically
you're
scooping
up
data
from
your
repositories,
ingesting
them
into
a
database
of
some
sort
and
then
making
decisions
from
them.
G
B
So
you
know
nobody.
Nobody
really
looks
at
what
I
install
on
my
open.
So
it
opens
our
software
I
installed
on
my
machine
to
using
my
own
personal
development
environment.
So
there
are
a
lot
of
areas
that
you
really
just
can't
necessarily
get
that
that
kind
of
information
you
know
this
it
goes
back
to
like
you
know
the
early
2000s.
We
would
have
this
conversation
with
with
companies
they'd
be
like
yeah.
We
don't
have
any
open
source
at
all
and
you
know
you're
like
well.
G
F
A
Yeah
Gary
yeah
I'm
I'm,
going
to
use
my
my
hands
up
privilege
to
to
mention
that
Christine
asked
a
question
in
the
chat.
Oh
bye
Christine
your
question.
Oh
no,
here
it
is
there's
a
question
in
the
chat
of.
Do
you
see
companies
clamping
down
on
things
like
success
and
privileges,
to
ensure
people
don't
install
open
source
tools,
locally,
I.
Think
I
can
hang
on
to
my
my
response
to
you
Matt
long
enough
that
we
can
kind
of
dive
into
that
question.
If
anybody
has
responses,
I
have
responses.
B
F
B
B
I
They
tried
that
in
our
computer
science
department
and
we
wrote
a
four-page
letter
explaining
why
this
wouldn't
work
and
send
it
to
everyone
at
the
top,
and
it
was
unanimously
agreed
to
now.
If
you
can
imagine
how
difficult
it
is
to
get
a
computer
science
department
to
unanimously
agree
on
anything,
they
agreed
on
that.
D
A
There's
the
other
end
of
all
the
way
from
the
integrated
developer
environment
there
can
be
restrictions
before
code
gets
pushed
up
into
the
internal
code.
Repository
of
no,
you
can't
use
this
one
because
it's
not
approved
or
you
can
use
this
other
one,
because
it
is
approved,
there's
a
cataloging
that
goes
on
there.
A
There's
the
secure
code,
analysis
and
sast
for
anybody
who
remembers
what
that
acronym
and
it's
like,
there's
SCA
software
composition,
analysis
that
gives
you
that,
like
s-bomb
and
that
list
of
dependencies
that
you
can
do,
but
then
there's
the
other
way
of
like
doing
just
on
the
static
code.
Instead
of
looking
at
it
when
it's
being
built,
there's
a
lot
of
different
approaches
that
you
want
to
create
that
catalog,
but
then
there's
also
keeping
the
catalog
updated
and
what
policies
do
you
create
on
top
of
the
catalog
I?
A
Think
that
discovering
where
it
is,
can
take
pretty
much
any
one
of
those
approaches
where
you
start
on
the
developer
environment
or
you
start
on
what
people
are
pulling
into
production
or
you
start
on.
What's
in
the
code
bases
right
now
or
you
start
on,
you
have
to
catalog
it
when
you're
integrating
new
code,
it's
a
it!
There's,
not
really
a
good
standardized
approach.
I,
don't
think!
There's
a
good
one!
Size
fits
all
for
it.
G
Like
you
were
pointing
out
Don
like
we
just
can't.
We
can't
ever
really
know,
what's
happening
inside
of
an
office,
for
example,
but
there
are
certain
areas
where
we
do
have
processes
in
place
where
we
ask
questions
about
software
for
certain
things
that
we
do
and
it
might
be
in
those
places
where
we
could
at
least
have
some
Discovery
it'll,
be
a
small
slice
of
the
pie
as
to
the
overall
open
source.
G
A
G
So
this
is
me
again
so
so
part
of
chaos
cast
one
of
the
things
that
we
had
talked
about.
I,
don't
remember
where
maybe
in
the
community
call
was
having
do
you
remember
in
this
group,
I
think
I,
don't
remember.
Was
it
a
you
Alyssa
that
had
asked
about
people's
response
to
one
of
the
most
recent
LF
reports?
G
G
G
H
F
G
H
I
think
that's
great
I
I
would
extend
it.
I
have
no
idea
exactly
what
you're
thinking,
but
it
doesn't
have
to
be
just
LF
reports,
because
I
think
it
would
be
really
interesting
to
get
an
assignment
to
actually
read
one
of
the
paper
like
the
papers.
You
know
like
it
would
be
really
interesting
to
to.
E
G
That
was
actually
right.
Yeah
we
could.
We
could
localize
it
to
a
podcast
and
I.
You
know
it
as,
for
example,
if
it
was
like
a
if
it
was
an
LF
report.
I
think
a
lot
of
people
would
probably
be
really
interested
in
kind
of
listening
to
what
folks
say
from
from
this
community
thought
of
the
report
and
kind
of
it
would
be
a
nice
synthesis
of
kind
of
what
was
in
the
document
and
just
people's
reactions,
so
I
I,
just
it
was
kind.
E
G
Idea
the
book
club
book
club
from
from
from
our
community
call
as
well
as
the
discussion
that
we
had
on
the
report,
maybe
two
weeks
or
four
weeks
ago,
whenever
that
was
kind
of
coming
together,
it
was
just
a
really.
It
was
a
really
great
idea
and
I.
Think
I
remember
who
had
the
the
idea
was
a
married
blessing,
I
think
who
was
on
this
call.
Have
this
idea
to
do
this
as
a
chaos
guest
so
more
to
come
on
that
I
just
wanted
to
put
that
out.
There
yeah.
B
Yeah
and
then
just
to
add
to
that
we're
sort
of
rebooting
chaos
cast,
so
we
haven't
done
an
episode
in
eight
or
nine
months,
and
so
we're
we're
starting
it
up
again,
and
so
the
idea
is
to
do
one
episode,
that's
kind
of
around
you
know.
What's
what's
new
in
chaos,
that's
been
happening
since
the
last
podcast
I
would
actually
like
to
talk
about
that.
B
Maintainer
report
I
think
that
would
be
a
really
good
topic
to
have,
but
in
general,
if
you
have
other
ideas
for
things
we
should
be
talking
about
in
the
chaos
cast,
podcast
go
ahead
and
add
those
to
the
planning
dock.
There's
a
store,
random
ideas
section
at
the
bottom,
so
so
feel
free
to
have
ideas
and
add
your
name
so
I
know
who
added
this
I
know
who
to
talk
to,
but
I'd
love
to
have
ideas
from
this
group
in
particular,.