►
From YouTube: 2023 03 31 Docs Office Hours
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Welcome
everyone:
it's
the
31st
of
March
2023.
This
is
documentation,
office
hours,
topics
on
the
agenda,
Jenkins
Awards
voting,
roadmap
updates,
pgp,
signing
key
MSI
windows
or
MSI
signing
certificate
and
possibly
two
more
items
on
end
of
life
items.
Any
other
topics
you
want
to
add
Chris
anything
you
want
to
add.
B
We
probably
won't
have
time
because
I
I
I
I've
been
wanting
to
talk
about.
You
talk
a
little
bit
well.
B
A
All
right,
then,
let's
go
through
them,
so
Jenkins
award
voting
period
ended
will
be
announced.
Results
will
be
announced
at
cdcon,
May,
8th,
Vancouver
Washington.
A
Bc
yep,
that's
correct.
Google
season
of
docs
janka's
project
won't
participate
not
participating
this
year.
We're
folk
full
focus
on
Google
summer
of
code.
Okay,.
B
B
So,
currently,
it's
like
I
can
see
like
most
most
mentors
have
already
reviewed
one
at
about
at
least
two
or
three
and
I
think
we
can
do
a
bit
more
a
bit
better,
but
I'm,
not
sure
if
we
have
the
time,
because
I
think
this
is.
A
Yeah
so
mine,
my
reviews
have
been
damaged
by
work,
so
I'll
be
reviewing
this
weekend,
okay
and
if
they,
if
they
don't
take
my
feedback,
that's
perfectly
fine
as
well
it
just
it's.
It's
not
worked
for
me
to
do
the
reviews
I
sincerely
apologize,
but
that's
that's
how
it's
been.
It's
just
been
well
code.
Signing
certificates
Etc
had
to
get
my
highest
priority.
B
A
So
John
Mark
today
said
he
thinks
that
we'll
likely
be
able
to
do
four
projects,
yeah
the
what
we've
done
this
year.
Meg
is:
we've
set
a
different
standard
and
I
like
the
standard
very
much
we
we
specifically
want
a
designated
lead
mentor
for
each
project
yeah
and
that
lead
Mentor
has
strong
experience,
has
permissions
to
the
repositories
Etc
and
then
want
three
plus
mentors
in
total
for
each
project.
A
Okay,
yeah,
that
way,
we've
got
and
Chris
my
sense
is:
we've
got
the
depth
to
do
both
those
things
for
for
up
to
four
projects,
yeah
I
think
so.
Apparently,
yeah
yeah
we've
had
really
really
strong,
strong
participation
from
several
of
these
candidates
to
be
be
the
additional
mentors
rather
than
and
Lead
Mentor
we've
got
me
Chris
Adrian,
who
else
John,
oh
Bruno,
possibly
so
so
it's
looking
it's
looking
quite
promising.
D
B
A
B
A
On
the
gsoc
site
and
then
candidates
and
upload
replacement
versions.
C
A
Well,
no,
it's
okay!
So
it's!
This
is
we're
in
the
draft
phase
now
right,
so
so,
they're
they're
able
to
refine
their
chain
refine
and
improve
Things
based
on
our
feedback
after
April
4
those
things
are
frozen
and
we
start
the
the
ranking,
the
the
prioritization,
the
assembling
of
our
proposed
mentoring
teams
that
will
then
be
submitted
to
Google
in
what
is
it
two
weeks
or
three
weeks
after
the
start?
Chris
I,
don't
remember
the
exact
timeline,
yeah.
D
B
I
think
it's
like
we
haven't
been
hearing
a
lot
from
some
of
the
mentors
so
I'm.
D
A
C
A
All
right
any
any
other
points
there.
So
the
review,
the
review
tracking
is
happening
in
the
in
the
worksheet
in
the
public.
Worksheet
right
you
ever
liked
it
I'm,
pretty
sure
I
do
I've
I've
had
it
before.
D
A
D
D
C
B
Let
me
think
sorry,
I
can
talk
about
other
things,
but
for
right
now,
I
was
like
I.
Think
I
can
tell
like
some
of
the
proposals
are
quite
promising,
but
it
depends
on
like
the
file
reservations
too,
because
I
think
this
year
in
particular,
so
many
many
money
is
starting
to
submit
the
purpose.
I
was
late
to
Google,
so
we
haven't,
we
haven't
done
like
we
haven't
seen
like
most
proposals
like
they
asked
me
to
food
drive
version
on
the
portal,
yet.
D
A
D
B
A
A
D
A
That
as
future,
it
is
in
fact
released.
Okay,
those
kinds
of
things
so
then
user
interface
rework
is
clearly
in
progress
right
now
and
user
guide
improvements
have
been
in
progress
for
a
while,
so
those
kinds
of
things
need
to
be
updated.
Remoting
over
websockets
is
done.
It's
production
use
lots
of
places.
So
we've
got
a
number
of
things
like
that
that
need
to
move
around
on
this
so
that
they
accurately
show
where
we're
at.
C
A
All
right,
then,
this
one
I
think
is
worth
us
having
a
conversation
about
to
hear
particularly
Chris
if
you've
had
any
further
feedback
to
offer
Meg
to
be
sure,
you're
aware
of
it
and
have
any
things
to
suggest.
So
what
happened
is
the
the
2.397
Jenkins
weekly
okay
uses
a
new
pgp
signing
key
for
the
dev
and
the
RPM
files?
A
A
Oh,
unless
you
change
the
install
configuration.
B
A
B
A
So
what
we
would
do
is
change
this
text
here,
instead
of
this
signed
by
message,
it
is
signed
by
string.
It
would
say
something
as
noted
here
where
it
says:
allow
unsigned
equals
true
or
some
such
thing
just
a
minute.
Let's
find
it
and
the
problem
with
allow
unsigned
equals
true
or
allow
insecure
equals.
Yes,.
B
A
A
And
a
new
install
and
the
only
ones
who
would
actually
detect
this
are
those
who
read
the
new
install
instructions.
We
don't
have
anything
like
this
in
the
upgrade
instructions
yeah
now
387.2
will
have
it
in
its
upgrade
guide.
It
will
tell
people
to
to
use
this
use
the
new
key
and
it
will
it
just
works.
Okay,.
A
Well,
they
they
end
up
with
one
blockage
installed
that
was
not
installed
with
a
strong
signature
right
with
a
with
a
from
a
signed
package.
So
yes,
now
it's
only
one.
It's
only
packages
from
this
repository
that
are
made
that
are
allowed
to
be
done
without
the
signature
check,
and
so
that
means
it's
in
this
case
only
exactly
one
Jenkins,
but
it
is
one.
C
And
with
Jenkins
you
could
do
some
damage
and
what
I'm
thinking
is,
if
I
were
a
certain
kind
of
person,
I'd
be
scooting
around
the
internet.
Looking
for
this
release
of
Jenkins
and
systems
that
might
give
I
mean
it's
it's
like
you
know
it's
something
that
it's
kind
of
a
it's
going
to
be
a
known
thing
and
I'm
also
thinking
that
this
is
a
workaround
that
should
only
be
implemented
by
people
who
know
what
they're
doing
right.
D
A
A
C
B
A
Oh,
oh
I,
take
it
back.
There
is
something
we
do
need
to
do.
That's
now,
you've
now
I've
thought
of
this,
and
this
is
a
perfect
thing
with
you
here:
Chris
you're,
the
release
lead
for
387.2,
correct
yeah.
B
A
We
need
to
merge
the
approve
and
merge
and
merge
the
change
log
and
upgrade
guide.
Are
you
okay?
If,
in
these
last
few
minutes,
we
take
the
time
to
do
that
review
and
do
the
merge.
A
Because
I'd
reviewed
it
with
Kevin,
Kevin
Martins,
but
I
would
really
like
to
get
it
merged.
We
like
to
have
it
merged
well
before
the
release
date,
so
that
that
keeps
the
release
leads
things
about
which
they
must
worry
less.
A
A
Here's
what
it
is:
okay,
this
this
is
infrastructure,
so
let's
do
an
update
the
branch
this
will
cause
it
to
build
again,
while
it's
building
again,
let's
review
it.
Okay,
okay,
so
I
had
reviewed
it
once
previously.
Here
is
the
banner
for
the
signing,
the
change
of
the
signing
key
and
a
link
to
the
blog
post.
Let's
double
check
that
this
link
is
the
correct
link
by
going
here
and
testing
it.
C
B
A
A
Has
got
a
mistake
in
it
that
baselpro
detected
okay
and
so
let's
go
fix
it
Oh
wrong.
One
jenkins.io.
D
A
D
A
B
A
A
Okay,
good
all
right,
so
the
mistake
I
had
made
was
I
copied
a
three-year-old
blog
post
and
used
its
instructions.
We
have
since
updated
the
installation
instructions
and
these
on
the
right
hand,
window
are
the
new.
Are
the
modern
installation
instructions?
Okay,
so
we
want
to
use
the
better
ones,
and
now
we
need
to
change
this.
C
A
C
A
A
B
B
A
No
okay,
let's
do
a
refresh,
oh,
maybe
I
haven't
pushed
yet
it
would
help
if
I
pushed.
A
B
D
A
A
And
this
one
probably
matters
to
Chris
as
well,
so
there
are,
in
addition
to
the
pgp
signature
expiring,
that
one
we
renewed
ourselves.
The
code
signing
certificate
that
we
use
to
sign
the
windows.
Msi
installer
is
also
exp.
It
has
now
expired
and
we
started
the
renewable
process
about
a
month
or
a
month
and
a
half
ago.
It
turns
out
that
lawyers
had
to
be
involved
I
and
the
process
is
not
yet
complete.
B
A
On
the
2.387.2
release,
so
so
let
me
talk
to
what
that
means,
because
also
signs
the
jar
file.
A
B
A
Low
impact,
low
risk
right,
the
MSI,
installer
won't
be
signed
and
that's
high
impact.
A
So
one
of
the
proposals
and
I'll
be
sending
this
I'll.
Send
it
actually
to
you,
Chris,
to
to
Tim
jacombe,
to
the
Jenkins
board
and
to
vadek
felonier
the
security
officer
and
to
Damian
dupartel.
The
infrastructure
officer
proposing
to
drop
do
not
generate
an
MSI
with
2.387.2,
because
I
think
it's
worse
to
deliver
an
unsigned
one
than
to
not
deliver
one
users
that
want
to
upgrade
windows
to
2.387.2,
install
an
earlier
version
2.387.1
and
then
upgrade
the
war
file.
A
B
A
Why
the
MSI
installer
has
not
been
is
not
updated
as
far
as
I
can
tell
when
an
MSI
installer's
signature
expires.
There
is
nothing
shown
to
the
windows
user
to
hint
that,
because
we've
got
old
old,
MSI
installers
I
brought
one
up
like
1.612
or
something
and
it
opened
on
my
Windows
computer.
Just
fine,
even
though
its
certificate
is
long
ago,
expired.
A
B
A
D
A
They
they
will
be
notified,
so
let's
say
they
what
they
would
do.
Is
they
they
pick?
Oh,
we
actually
there's
one
thing
we
would
need
to
check
need
to
check
that
the
download
site
doesn't
is
not
broken
by
the
non-delivery
of
2.387.2.
The
windows
download
site,
our
Windows
download
page
I,
should
say
all
right,
2.387.2,
MSI,
right
and
we'll
have
to
explore
to
be
sure.
Are
there
other
things
we
should
put
on
the
checklist.