►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
We
all
have
been
too
active
during
the
week
with
reviews
or
not.
Much
has
happened,
I
don't.
B
C
A
A
Or
something
6.1
so
yeah,
so
this
they
need
to
they.
They
are
testing
it.
Now
I,
as
I
spoke
to
Pascal.
C
A
C
B
D
I
mean
they
still
don't
use
the
package,
though
they
abandon
it.
They're
like
this
is
a
terrible
idea
which
makes
me
think
that
they're,
not
great
candidates
for
evaluating
changes.
C
B
Okay,
but
we
already
had
approval
for
this
one
let's,
but
then
we
have
to
wait
a
while,
because
Greg
I
think
it's
on
for
patient,
but
eventually
he
will
come
back.
D
C
B
C
You
file
is
that
how
it
work?
No,
that's
not
few
file.
D
B
C
A
D
I
updated
a
PR
today
too,
maybe
the
robots
haven't
found
it
yet.
B
Yeah,
no
probably
it's
still.
D
It's
the
Icelandic
stem
cell
Builder,
IPC
nonsense.
B
B
D
Not
you
no,
but
it
turns
out
I
have
the
ability
to
change
it
from
a
draft
also.
C
D
Remove
IPC
is
enabled
by
default
in
Jammy
system
D,
which
causes
it
to
remove
inter-process
Communications.
After
that
user's
session
has
exited
unless
you're
a
system
user
vcap
is
not
a
system
user,
so
systemd,
even
though
postgres
isn't
running
under
systemd
at
all.
It
gets
all
of
this
temp
stuff
deleted
and
postgres
just
refuses
to
run
under
Jammy.
With
this
enabled.
D
With
running
15.,
postgres,
15,
well,
I
think
it's
like
13
and
higher
or
12
and
higher
something
depend
upon
these
shared
files
that
count
as
IPC
stuff
and.
D
I
knew
there
was
text
somewhere,
so
the
options
were
change:
vcaps
user
ID.
We
thought
that
was
a
great
idea
turns
out
terrible
idea
because
of
persistent
disks
and
the
user
IDs
stored
on
those
change.
The
barrier
of
where
a
system
ID
is
currently
everything
less
than
a
thousand
vcap
is
completely
1000
exactly
or
just
disable
IPC,
since
it's
something
that,
since
we
don't
have
normal
users,
provides
no
value
and
only
likely
to
cause
harm
to
postgres
and
anything
else
using
shared
stuff.
Whatever
this
IPC
stuff
cleans
up,
there.
B
Are
people
using
bosch-based
jump
boxes
right.
D
D
So
the
IPC
stuff
isn't
like
a
big
deal.
It's
something
that
systemd
didn't
even
used
to
do.
It's
like
it's
a
minor
cleanup
thing.
It
seems
like.
D
I
get
I
have
this
feeling
that
it
probably
gets
cleaned
up
anyway,
eventually
I'm
not
entirely
sure,
but
we've
definitely
never
seen
a
problem
with
IPC
stuff
filling
up
before
and
I
think
some
people
are
kind
of
angry
that
this
is
on
by
default
on
the
internet,
and
then
nobody
listened
to
them
time
machine.
We
should
go
back
and
make
the
vcap
a
system
user.
C
D
Because
why
wouldn't
it
so
back
when
vcap
was
declared,
not
a
system
user
system,
users
were
only
a
organizational
thing.
It
was
like
these
are
system
users.
These
aren't
there's
no
behavioral
difference
and
then
a
couple
years
ago
system
view
was
like
Hey
great
we're
going
to
do.
Behavioral
changes
based
on
if
you're,
a
system
user
or
not,
which
ruins
stuff
for
us
yeah.
C
A
C
C
D
Want
well
what
he's
doing
now
is
better
than
what
he
was
doing
before
I
think
before
it
was
stuff
he
added
he
was
like
this
will
make
it
work
on
him
once
and
it
totally
didn't
make
it
work
on
him
ones.
He's
saying:
okay,.
A
Yeah
so
yeah
I
will
I
will
I'll
ping
him
again.
A
B
B
D
C
B
It's
it's
different
with
this
here
virtualbox
another
person
tried
like.
Why
is
everybody
all
of
a
sudden
interested
in
Virtual
box,
like
Bosch
light
based
stuff,
I.
D
Don't
know
this
this
other
guy,
though
he
couldn't
create
the
VM
and
I
told
him
yeah.
You
need
to
go
get
logs
and
he's
like
I
can't
get
the
logs
instead
I'm
going
to
spin
up
the
boss
director
in
virtualbox
and
use
that
to
deploy
stuff
to
vsphere
I'm,
like
that's,
not
a
great
idea,
but
it
technically
will
work,
I,
guess
and
then,
like
you,
apparently
tried
that
he
has
the
exact
same
problem:
creating
a
boss
structure
in
virtualbox,
because
presumably
his
manifest
is
busted
in
some
way.
D
D
B
C
A
In
my
response.
D
C
D
B
We
should
we
have.
We
can
ask
him
to
go
for
from
step
three
right,
yeah.
C
C
D
Yeah
turns
out
the
guy.
The
message
above
was
very
accurate,
which
I
realized
after
trying
to
reproduced
myself
I'm
like
all
right
I.
Have
it
all
and
then
I
read
a
message.
I'm
like
this
makes
a
lot
more
sense
now,
so
they
fixed
their
end
because
so
you're
following
through
the
I,
forget
what
mapper
it
is
to
the
to
the
mapped
device
path,
resolver,
which
just
tries
a
bunch
of
letters
that
match
the
letter
you
gave
is
invar
in
Dev,
but
it
should
work
on
the
the
first
path.
D
Resolver,
that's
the
good
one,
but
it
can't
because
it
no
longer
matches
because
I
think
Kenneth
was
saying
that
qemu
has
some
sort
of
limit
for
the
device
name
when
mounting
volumes
in.
So
that's
why
it
used
to
get
stripped.
So
it
does
seem
like
in
openstack
CPI.
We
could
just
strip
it
in
the
CPI.
I
didn't
see
anywhere
that
this
volume
ID
was
used
on
the
by
the
agent
other
than
for
finding
the
path
of
the
device.
So
it's
not
like
we're
going
to
break
something
else.
I,
don't
think.
D
B
B
B
I
thought
those
those
characters
are
static,
so
you
would
like
the
match.
Group
is
everything.
After.
B
Yeah
right,
yeah
yeah,
it
should
just
be
the
agent
I.
Think
it's
not
too
hard
just
change
the
name
and
I
think
that's
more
flexible.
B
D
Yeah
he
said
that
newer
versions
of
qmu
don't
strip
the
regex,
the
volume
ID
they
have
more
characters
allocated
to
it.
I
don't
know
if
that
version
of
qmu
is
actually
used
by
any
openstack
versions,
definitely
not
any
of
the
old
ones
we
use,
but
even
then,
unless
you
magically
get
a
volume
Collision
like
with
the
first
20
characters
like,
let's
probably
find
a
strip
them
all
for
now,
at
least.
D
C
C
D
C
B
Did
you
all
see
this
Joseph
did
because
he
commented
so
I'm
working
with
a
few
folks
within
VMware
to
to
come
up
with
some
ideas
of
what
this
could
look
like
and
the
problem
we're
trying
to
solve
is
I,
don't
know
embedding
some
are
servicing
some
as
bomb
related
and
attestation
related
files
in
a
in
a
in
a
way
that
we
can
later
get
these
files
out
of
a
release.
B
So
they
will
just
be
in
your
Source
tree,
but
they
are
of
they
have
special
meaning,
and
you
want
to
probably
use
other
tools
to
look
at
these
files
or
process
them
in
a
later
step.
So
yeah.
This
is
a
proposal
to
embed
these
types
of
files
and,
like
originally
I
started
out
with
the
idea
of
like.
B
Maybe
we
want
boss
to
generate
s-bombs
right,
like
maybe
it
could
run
sift
underneath
and
stuff
like
that,
but
that's
putting
too
much
responsibility
onto
the
boy
CLI,
because
then,
at
that
point
by
CLI
needs
to
be
correct
about
these
things.
B
Different
workflows
at
a
later
point
that
that
still
need
to
be
implemented
would
be
able
to
attest
certain
s-bombs
or
like
if
there's
a
go
mod
file.
In
your
repository
in
a
certain
place,
you
can
have
a
process
that
runs
that
verifies
that
all
the
things
that
are
in
the
vendor
directory
are
not
vendor
directly
in
yeah
this
it's
vendor
right.
The
vendor
directory
are
actually
matching
what
you
have
in
your
go
mod
file
and
it
matches
the
upstream,
and
then
it
attests
right
at
the
station
saying
these
things
have
been
verified
in
this
environment.
B
So
we
can
trust
that
those
embedded
artifacts.
So
that's
the
attestation
part
and
then
there's
the
s-bomb
parts
which
I'm
up.
We
had
some
further
discussion
which
hasn't
been
documented
online.
Yet,
but
maybe
actually
we
don't
want
to
for
the
go
mod
case.
Actually
don't
want
to
produce
an
s-bomb,
because
it's
the
s-bomb
is
based
off
the
go
mod
file.
Maybe
do
you
go
mod
file
or
to
go?
B
Some
file
is
actually
the
artifact
that
we
want
to
expose
as
a
supply
chain
artifact,
and
then
we
just
have
another
station
that
says
this
go
mod
file
has
been
verified
and
your
Downstream
tooling
can
just
reduce
an
S1
from
this
go
mod
file.
If
they,
if
you,
if
you
wish
so.
B
B
Yeah
because,
like
there's
different
things
that
go
into
a
release
that
have
different
Origins
and
we
we
don't
want
to
have
opinions
about
these
things,
just
like
the
different
formats
that
these
things
could
be
in
and
that
we
recognize
these
files
as
supply
chain
files,
that
Downstream
tools
probably
have
an
interest
in,
and
then
the
process
around,
like
creating
attestations
and
those
supply
chain
and
those
s-bombs
for
blobs
right.
That's
a
a
problem
we
can
solve
down
the
line
and
what
this
would
allow
like
if
we
start
embedding
these
files.
B
And
then
like
additional
tooling
like
we,
so
basically
this
is
about
what
are
the
types
that
we
want
to
support
initially,
and
support
is
nothing
more
than
saying
we're.
This
is
the
type
definition
that
we're
gonna
have
a
list
of
we're.
Gonna
have
a
list
of
certain
type
definitions
that
we
allow,
that
we
recognize
as
a
supply
chain,
find
another
file
that
people
can
start
incorporating
in
a
brush
releases.
D
B
D
B
That's
not
yeah
and
that's
why
I
think
Bart
should
stay
awake.
Yes,
that's
you
when
you
go
deal
with
shift
yes,
but
I
mean
sift
from
a
file
perspective.
It
is
it
has
a
version
definition
in
the
file
schema
right,
so
you
should
be
able
to
like
bars
to
Jason
and
find
diversion
and
then
switch
your
logic
in
your
parser,
based
on
which
version
of
the
sift
thing.
It
is.
B
D
Should
try
to
start
I'm
just
saying
that,
like
this
is
given
the
the
flux
and
all
these
things
like
it's
going
to
be
just
a
a
mess
of
unconsumable
stuff
for
the
near
future,
it
doesn't
mean
we
shouldn't
do
this
now,
but
like
I,
don't
have
a
lot
of
confidence
that
any
of
the
releases
are
going
to
be.
Have
you
know
if
you
have
a
group
of
releases
you're
not
going
to
be
able
to
do
anything
with
those
in
any
same
way
for
the
next
year,
probably
yeah.
B
So
that's
why
I
like
the
idea
of
at
least
exposing
to
go
mods
and
the
the
Ruby
like,
because
those
files
you
can
actually
what.
D
D
It's
a
lot
of
old
Goku
that
still
uses
depths
like
should
we
support
those
two
I
mean
I
feel
like
the
s-bomb?
Is
the
right
abstraction
it's
like.
That
is
a
generic
thing
that,
like
yes,
your
scanning
tool
will
take
whatever
your
language
is
doing
and
convert
it
to
that
like
us
having
to
do
the
language
part
feels
like
we
don't
have
the
team
strength
to
do
that
amount
of
work
and
keep
up
with
it.
D
C
D
I,
don't
know
like
that.
I
think
is
just
going
to
be
a
mess,
because
I
can't
tell
you
what
version
works
with
this
tool
and
also
that
tool,
because
there's
not
a
thing
like
it's
just
a
broken
landscape
right
now,
but
I
think
the
s-bomb
is
the
rights
type
of
artifact
to
be
putting
in
here
currently
because
there's
not
a
better
one.
D
B
C
B
D
I
think
the
pipelines
we
trade
fixing
them
yesterday,
there's
some
we're
changing
it
to
Auto
release
and
that
part
is
currently
orange.
So
we
were
working
on
it
yesterday
and
we
were
waiting
for
it
to
go
through.
I,
haven't
checked
it
today,
but
yeah
as
soon
as
as
soon
as
we
get
that
cleaned
up,
it
should
go
out
automatically
thanks.
D
I
know
I
know
a
lot
of
our
pipelines.
Right
now
already
do
this
for
golang,
where
they
will.
You
know
if
boss
DNS
release,
it
does
a
scan
of
what
is
there
now
and
what
we
last
shipped
and
if
there
was
a
high
critical
cve
difference
between
the
two,
so
that
means
one's
been
fixed.
Then
it
will
Auto
release
I,
don't
know
if
we
have
tooling
for
ruby
gems,
yet
I
would
hope
that
was
built
as
part
of
this,
but
I
don't
know
like.
D
Ideally,
that's
I
think
where
we
want
to
be
like
yes,
Ruby
gym
was
bumped
and
it
fixes
a
high
critical
cve.
You
know
bumping
just
because
we
bumped
and
they
changed
to
read
me.
We
don't
want
to
release
on
that
like
that,
doesn't
seem
important.
So
we
want
to
have
some
granularity
where
we
release
on
important
stuff,
which
is
yeah
not
trivial,
to
automate,
but
we'll
see
how
well
we
get
it.