►
From YouTube: Kubernetes Contributor Experience SIG 20180523
Description
Join us every Wednesday!
A
All
right,
hello,
everyone
welcome
to
the
May
23rd
2018
edition
of
kubernetes
contributor
experience.
My
name
is
Paris.
It's
nice
to
see
all
of
your
lovely
faces
on
the
screen.
First
things.
First,
what
we
always
do
is
we
do
some
new
contributor
introductions.
So
if
there's
anybody
on
the
call,
that's
never
been
on
the
call
before
and
would
like
to
introduce
yourself.
That
would
be
awesome
if
not
no
worries,
but
is
there
anybody
on
the
line
right
now
that
would
like
to
introduce.
A
Alright,
so
we're
gonna
just
head
right
into
our
agenda
all
right.
Well,
first
things:
first,
we
usually
always
get
a
quick
recap
to
make
sure
that
the
community
meeting
is
ready
and
off
to
a
good
start
for
tomorrow.
Are
we
good
to
go
everyone
Josh
I
think
we
just
cleared
up
your
last
hole
with
six
storage.
What.
B
C
C
C
A
B
B
B
A
A
Right
and
then
it
helps
you
doesn't
want
to
do
it
and
we'll
just
can
the
graph
of
the
week
for
this
week
all
right
and
then
so.
First
thing
on
our
actual
agenda
is
the
cap
for
the
community
meeting.
It
looks
like
George.
You
probably
already
said
that
Caleb's
gonna
kick
it
off
on
May
31st.
Did
you
want
to
add
anything
else
to
that
yeah.
C
A
A
C
A
Right
and
then
the
next
item
on
the
agenda
is
Kate.
Sport
is
there
anyone
here
that
has
ever
interfaced
with
case
for
it
before
I
think
Ryan's
on
the
line
Ryan's
like
I
have
Ryan.
Do
you
want
to
give
us
a
quick
overview
of
K
sports
or
there
said,
are
not
aware
of
what
it
is
and
just
said,
I
like
a
high-level
living
kind
of?
What's
going
on
with
the.
D
Quick
before
I
start
I,
probably
should
have
jumped
in
at
the
introduce
yourself
phase.
My
name's
Ryan
Quackenbush
I
am
in
charge
of
bad
C
programs
at
a
frienda
and
just
a
quick
note,
the
background
of
Tim
pepper.
That
is
a
beautiful
window
and
just
that
just
when
he,
when
he
jumped
up
on
the
screen,
I
had
him
full
screen,
and
it
was
like
wow
anyway.
D
That
aside,
so
the
the
Kate
sport
began
about
a
year
and
change
ago.
Year
and
a
half
ago
after
a
conversation
and
a
series
of
conversations
with
Sarah
Novotny
and
during
those
conversations
she
and
I
were
discussing
needs
of
the
community
and
she
dis.
She
was
staying
something
I'm,
paraphrasing
obviously,
but
something
along
lines
of
the
community
lacked
a
way
to
track
the
individual
contributions
that
were
being
made
to
the
kubernetes
project
across
multiple
sites
and
sources
by
the
individual
members
and
a
prenda
had
something
in
place
at
the
time.
D
That
did
something
very
similar
to
what
she
was
discussing.
So
we
became-
or
at
least
I
became
very
excited
when
she
was
talking
about
this,
because
I
knew
it
was
an
area
that
would
be
able
to
help
with.
So
it's
based
on
a
platform
in
that
that's
from
a
company
called
influitive
influitive
out
of
toronto,
and
it's
usually
used
for
customer
advocacy
gamification
that
sort
of
thing
and
sanitizing
your
customers
to
you
know,
participate
learning
more
about
your
organization's
share
about
your
organization,
these
sorts
of
things.
D
We
turned
it
in
a
unique
use
case
to
sort
of
gamify
the
kubernetes
community
and
designed
a
number
of
back-end
integrations
that
would
recognize
the
contributions
that
individual
members
were
making
at
github,
for
example
like
if
they
were
doing
code
commits
or
pull
requests
or
logging
issues,
these
sorts
of
things
and
then
automatically
award
them
a
certain
number
of
points
within
the
advocacy
that
we
had
created.
In
addition
to
that,
you
have
because
kubernetes
is
so
technical,
and
you
know
it's
new
when
everybody
wants
to
know
about
it.
D
I
help
curate
acute
weekly,
and
that
gave
us
tremendous
insights
into
as
far
as
you
know,
what
kind
of
new
blogs
content
demos,
these
sorts
of
things
that
are
created
every
week
and
then
we
would
promote
those
within
the
hub
itself,
and
you
have
also
events
we're
a
huge
focus
of
what
we're
doing,
because
kubernetes
again
is
geographically
so
spread
out
it's
on
every
continent.
It's
on
multiple
countries.
Well,
maybe
not
an
article
North
Korea,
but
you
get
the
point.
D
So
the
idea
was
that
we
would
create
challenges
specific
to
each
meetup
event
that
were
going
on
globally.
Some
fall
through
the
cracks
just
because
there
are
so
many,
but
within
the
hub,
if
somebody
were
to
take
their
mobile
device
and
check
in
at
the
specific
meetup
event
in
Bangladesh
or
Vancouver,
Cape,
Town
or
Buenos
Aires
wherever
it
is,
they
would
gain
access
to
a
specific
number
of
challenges.
For
that
specific
event,
things
like
and
challenges
are
the
the
game
thing.
D
The
game
aspect
of
the
things
that
you
would
complete
in
order
to
gain
points,
whether
it's
a
Stack,
Overflow
or
whatever,
and
so
they
back
to
the
meetup
so
I'm,
sorry,
I'm,
rambling
I,
didn't
have
a
prepared
speech,
but
they
would
go
to
these
meet
up.
Events
answer
some
questions
and
then
there
would
be
things
like
you
know,
follow
the
speakers
that
you
just
saw
the
juice.
Did
you
know
what
kind
of
takeaways
did
you
have?
D
Did
you
want
to
share
a
picture,
and
then
we
created
or
I
created
a
social
media
account
specific
to
the
advocacy
of
that
we
created
I.
Think
it's
got
like
a
thousand
summer.
Followers
now
and
then
you
know
we
called
them
out
on
social
media,
be
like
hey.
You
know
check
out
this
picture
from
the
bangladesh
kubernetes
meetup
that
such
and
such
shared
and
this
sort
of
thing.
D
So
to
speak,
because
I
think
when
you
look
at
a
large
open-source
project
like
kubernetes,
it's
very
easy
to
lose
sight
of
the
layers
that
make
up
the
onion.
You
know,
so
that
was
one
of
the
things
that
we
set
out
to
do
and
I
think.
To
date,
we've
got
close
to
a
thousand
people
within
the
hub
itself
or
something
like
that.
You
know.
I've
been
I,
didn't
check
the
exact
numbers
but
yeah,
so
that
high-level
overview
is
is
what
the
goal
was
when
we
set
out
creating
the
case
board.
D
F
D
D
Then
I
will,
before
as
I'm,
trying
to
drag
that
up.
I
can
said:
I
can't
say
that
the
that
number
can
be
available.
That
number
can
be
can
be
tracked.
That
particular
slide
that
I
created
several
months
ago,
obviously
didn't
do
it
the
one
thing,
the
one
difficulty
and
unfortunately
there
was
really
no
way
for
me
to
track.
D
It
was
the
total
number
of
questions
that
the
hub
was
able
to
facilitate
the
answering
up
with
in
Stack
Overflow,
just
because
the
challenges
themselves,
when
you
create
them
just
to
save
time
from
a
saving
time
perspective.
You
know
my
own
life
was
just
cloning,
the
specific
challenges
and
then
recreating
them
and
redoing
them.
So
it
would
just
look
like
challenges
were
continually
recreated
but
not
answered.
So
that
was
the
one
thing
that
wasn't
able
to
track.
D
D
F
That's
that's
what
I'm
interested
in
is:
are
people
actually
going
back
to
the
hub
and
using
this
as
a
tool
like?
Is
this
tool
actually
engaging
people?
Is
we
now
at
the
time
that
this
was
set
up?
We
didn't
have
some
of
the
other
tooling
that
we
have
now
what
we
have.
We
have
another
tool
called
dev
stats
that
we
use
to
pull
reports
from
github
API
and
look
in
particular
for
github
interactions,
commits
PRS
issues
and
we
can
dive
down
more
granular
there.
We.
F
Kind
of
reporting
at
that
point
in
time,
I,
don't
believe
so
we
do
have
that
now,
but
I'm
interested
like
the
value
that
I
can
see
here
is
if
people
are
actually
going
back
and
using
the
portal
and
gamifying
their
interactions
with
kubernetes,
then
I
can
see
value
of
like
oh
yeah.
I
specifically
went
back
to
the
portal
to
go
and
check
my
points.
D
That's
a
fair
comment
generally,
what
you
see
with
advocacy
programs
is
that
it
works
in
thirds
right,
so
you'll
get.
Let's
just
say:
the
hard
number
is
100.
You
have
a
hundred
people
coming
sign-up
of
that
you're
gonna,
see
a
third
of
that
roughly
3334,
who
will
come
back
on
a
regular
basis,
contribute
to
the
project
itself
and
know
that
you're
gonna
get
another.
Third
of
that
who
are
going
to
come
back
and
do
everything
all
the
time
participate
heavily,
be
the
biggest
champions
right.
I.
D
D
You
know
one-on-one
time
with
certain
people
within
the
community
could
be
an
interesting
award
based
thing.
Obviously
you
can
do
like
the
cash
thing
or
the
gift
card
thing,
but
you
don't
really
need
to
do
that.
So
I'm,
not
sure
the
specifics
of
the
other
program
that
you
design,
but
really
the
the
advocacy
program
was
specifically
meant
to
one
track
it,
but
also
reward
it.
B
D
No
and
I
think
honestly,
the
the
hesitation
or
the
the
hands
up
so
to
speak
when
it
comes
to
gamification
in
general,
is
not
a
feedback
that
that
I've
been
on
used
to
I.
Do
think
that
this
program
could
offer
a
lot
of
value
and
I
think
I,
but
again
I
understand
the
hesitation
involved
with
it.
That's
why
I
removed
marketing
from
from
any
aspect
of
it,
because
you
know
yeah.
B
B
D
D
Sometimes
people
would
give
me
the
organization
that
they
worked
for
and
when
they
did,
that
I
would
create
a
badge
specific
to
the
organization
and
just
seeing
the
vast
amount
of
individual
companies
that
are
contributing
to
the
company's
project
was
very
eye-opening
for
me,
and
it
was
it's
pretty
awesome.
I
put
together
a
slot.
I
gave
a
presentation
on
this
action
back
in
December
and
I
put
together
a
slide.
I
was
just
badges
specific
to
the
organization's
they're
part
of,
and
it
was
pretty
awesome
but
I'm,
not
sure.
C
Have
some
feedback?
So
thanks
for
having
this,
because
when
I
joined
it
seemed
like
an
easy
way
to
like
it
started.
You
know,
but
just
stuff
and
I
actually
did
a
bunch
and
did
some
challenges.
I
think
I
was
trying
to
remember.
While
we
were
talking
why
why
I?
Don't
really
do
it
anymore
and
I
kind
of
feel,
like
eventually
I,
just
kind
of
outgrew
it
where
it's
like,
okay,
I
know
what
I'm
doing
now,
I
don't
need
to
do
challenges.
I
could
just
go
right
to
github,
so
you
know
it
might.
C
It
might
be
worth
considering
thinking
about.
Maybe
it's
more
of
an
on-ramp
thing
for
initial
people
than
it
is
I
mean
useful
for
people
who
you
know
by
the
time
they're
on
boarded.
They
have
like
work
to
do
you
know.
I
haven't
even
logged
in
in
a
while,
so
I
mean
that's
just
a
kind
of
feedback
there.
It's
like
a
good
okay,
you're
new
here
here
are
15
things.
You
can
do
that
you
have
to
do
anyway,
but
we'll
make
it
a
little
bit
fun.
C
You're,
a
pop
and
I
did
feel
like
at
the
time
when
I
joined
that
it
was
a
very
stackoverflow
heavy
because
of
all
the
unanswered
questions
and
then
I
thought
like
what
else?
What
else
could
you
possibly
do?
You
know
what
I
mean
so
I
don't
know,
maybe
you
know
being
recognized
and
rewarded
contributions.
Maybe
we
could
do
something
like
use
the
Stack,
Overflow
API
to
kind
of
basically
say
here
that
top
ten
users.
So
we
do
this
on
the
community
meeting,
we
find
the
top
ten
users
for
that
month.
C
D
And
I
think
that's
and
again,
if
you
were
to
continue
to
contribute
to
the
project
when
you
go
back,
you're
still
getting
recognized
for
the
contributions
you're
making
with
the
public
repository.
But
this
the
the
integrations
that
we
designed
with
this
hub
to
be
used
at
github,
aren't,
doesn't
have
to
solely
be
used
within
the
public.
Repository
git
hub
can
really
be
used
for
any
repository
at
github
and
recognized
or
incentivize
therein,
but
some
of
the
nice
things.
D
If,
for
example,
somebody
was
working
at
Red
Hat
on
open
shift
or
something
like
that,
and
there
was
a
question
related
to
kubernetes
in
that
specific
project,
I
can
send
out
a
challenge
notification
of
that
specific
stack
overflow
question
to
everybody
within
the
of
who
is
associated
with
Red
Hat,
for
example,
and
thus
better
ensure
that
that
question
would
become
answer
so
yeah,
I
didn't
even
know.
You
could
do
that.
I
thought
it
was
just
like
an
auto-generated
thing.
D
No,
no,
unfortunately,
the
API
is
at
github
were
elastic
to
the
point
were
allowed
us
to
do
a
lot
of
really
cool
things,
but
if
we
did
the
same
thing
with
Stack
Overflow
say
API
said
we
didn't
get
up
like
when
you
sign
up
with
your
github
account
from
that
point
forward.
You
recognize
your
contributions
there,
but
with
the
Stack
Overflow.
If
you
guys,
if
you
were
to
connect
the
hub
with
that,
it
would
be
anything
you've
ever
answered
anywhere
at
Stack
Overflow,
whether
it
had
to
do
with
kubernetes
or
not.
D
So
it
was
just
and
I'm
sure
I
think
Stack
Overflow
recently
with
some
of
the
news
that's
coming
on
there,
they
might
be
looking
into
redesigning
some
of
the
backend
stuff,
I'm,
not
really
sure,
but
yeah.
There's
there's
a
lot
of
back-end
things
that
you
can
do
with
the
advocacy
program
and
happen
see
up
in
general.
That
is
is
that
as
unique
use
cases,
especially
especially
when
it
comes
to
an
open
source
community
as
to
my
knowledge,
is
the
only
hub
or
community
that
does
anything
like
this.
It
might
not.
C
A
I'm
just
wondering,
if
there's
a
way
where
we
could
advertise
our
like
health,
London
issues
and
surface
up
tasks
and
things
that
we
think
that
we
really
need
and
also
Stack
Overflow
questions
that
need
the
most
help.
How
does
how
does
Cades
for
identify
challenges
that
actually
have
mean
versus
just
things
that
are
open-ended.
D
D
D
A
C
A
D
C
D
This
is
and
again
I
just
lost
my
train
of
thought.
A
Let's
see
we
can
get
some
more
folks
that
would
be
interested
in
helping
you
maintain
this
now
and
like
I
said,
I
can
prove
some
of
the
ideas
that
I
had
at
you
in
an
email
on
a
separate
team
on
a
separate
thread
and
see
where
kind
of
it
goes
from
there,
but
young
fortunate
I,
don't
know
if
I
have
any
solutions
for
you
on
this
call.
At
this
point,
that's.
D
D
A
B
A
F
Actually,
Ryan
I
also
would
still
be
very
interested
in
those
statistics
as
far
as
like
recurring
people
coming
back
to
the
hub,
because
that
that
to
me
will
at
least
even
if
we
could
see
like
if
it
some
is
some
insight
into
what
George
was
mentioning
of
like
hey
I
like
started
and
I
came
back
a
few
times
and
even
if
it
drops
off.
But
the
contributions
continue
like
those
kind
of
trends
with
be
very
interesting
to
see
and
would
communicate
the
value
of
the
tool.
Yeah.
D
One
way
to
increase
the
numbers
that
you
just
requested
by
the
way
would
the
only
pub
promotion
this
has
ever
received
was
the
initial
blog
announcing
that
it
was
coming
out
that
and
the
lightening
talk
that
I
gave
a
kook
on
a
couple
years
ago.
So
any
kind
of
promotion
that
would
occur
just
from
a
just
from
a
more
public
persona
say,
like
you
know,
the
actual
CN
CF
handle,
for
example,
that
would
dramatically
increase
the
engagement
and
retention
numbers.
D
C
A
B
A
B
B
I've
been
told
that
the
Linux
Foundation
folks,
that
is
the
CNC
F,
are
taken
care
of
gdpr
notices
for
kubernetes,
IO,
etc.
I'm,
a
little
less
clear
on
what
they're
doing
about
the
mailing
lists
and
on
the
agenda
are
a
couple
of
sites
that,
as
far
as
I
know,
nobody
in
the
sea,
no,
no,
the
CNCs
staff
or
anything
to
it.
All
so,
for
anybody
who
who
hasn't
had
to
follow
along
with
GDP
as
part
of
their
job
GPR,
is
the
new
European
privacy
regulation
by
this
Friday
May
25th
I.
B
B
The
privacy
statement
needs
to
have
certain
things
in
it,
such
as
what
data
the
website
collects
about
users
and
if
you
do
collect
any
data
about
users,
how
who
users
are
to
contact
about
seeing
their
data
or
deleting
it
the
to
the
sites
that
I
was
actually
looking
at
for
us,
where
I
kind
of
feel
like
it's.
It's
where
it's
up
to
us
to
take
some
action
to
make
that
happen.
Our
dev
stats
and
discuss
that
kubernetes
that
I,
oh
there
may
be
other
things
as
well.
B
B
B
The
I
mean
to
give
you
an
example
from
dev
stats.
It
would
obviously
mess
with
the
stats
to
delete
somebody's
information.
To
the
point
where
you
know,
we
would
say
that
we're
not
going
to
do
that.
The
question
beyond
that
is:
are
we
gonna
promise
to
anonymize
people
on
request
which
we
can
do,
or
are
we
not
going
to
do
that
in
the
case
of
discussed
kubernetes
that
io?
The
same
thing
again,
we
have
to
decide
is
if
somebody
puts
in
a
delete
my
stuff
requests.
B
Well,
the
first
question
is
whether
or
not
somebody
can
actually
already
go
in
there
and
delete
all
of
their
own
stuff,
the
interface?
If,
if
that's
the
case,
then
we
don't
really
need
to
make
a
decision,
because
they're
capable
of
doing
that.
If
it's
not
the
case,
then
the
question
is:
are
we
going
to
say
hey,
we'll
delete
all
of
somebody,
something
even
if
that
might
include
posts
that
many
other
people
had
commented
on.
C
C
Let
me
just
knock
out
the
ones
that
are
better
really
easy,
so
the
first
one
is
users
do
have
an
option
if
they
go
to
the
their
little
profile
where
they
can
delete
all
the
data
they've
ever
input
to
the
system,
so
every
posts
and
stuff
like
that,
that's
one
of
the
requirements
so
check
on
that
one.
As
far
as
deleting
a
user,
we
can
do
that.
C
There
is
an
anonymized
button
that
allows
us
to
take
a
person,
let's
say
Paris,
and
it
would
change
all
of
her
posts
to
like
an
on
one
three,
three
seven
or
something
like
that
and
I
feel
from
from
reading
the
GPD.
Our
thread
from
other
discourse
hosting
people
I
get
the
idea
that
that
is.
Okay,
I'm,
not
a
lawyer,
and
a
lot
of
this
stuff
is
like
a
bunch
of
Linux
nerds
trying
to
interpret
legal
documents.
So
I
don't
know,
and
then
the
last
bit
is
the
privacy
policy.
C
So
I
had
a
look
at
the
Linux
Foundation,
one
which
does
take
it
says,
takes
into
effect
the
25th.
That's
all
I
knew
that
it
was
probably
gonna
be
right.
We
have
the
option
of
linking
to
that,
which
is
what
I'm
currently
doing
now.
So,
if
you
say
hey,
what's
the
privacy
policy
on
discourse,
it
will
take
them
to
there
and
as
I
read
it
because
they
kind
of
wrote
it
generically
where
it's
like,
basically,
all
of
our
mailing
lists
and
a
bunch
of
other
stuff
that
we
run
is
covered
under
this.
C
So
if
we
decide
that
that's
okay,
that
we're
good
there,
the
only
bit
that
we
actually
have
to
take
care
of
is
when
someone
signs
up
now,
there's
a
checkbox
that
basically
says
you
know
I
explicitly
accept
this,
and
then
it
sends
them
to
that
privacy
policy
users
have
the
option
and
they
have
to
have
the
option
to
turn
that
off
anytime.
They
want
so.
C
The
only
thing
this
would
affect
us
as
far
as
I
can
tell
what
the
features
of
the
software
that
available
today
is
Josh
the
whole
thing
weekend:
sequel
query
through
a
whole
bunch
of
stuff.
We
will
have
to
take
into
account
people
who
have
opted
out
and
make
sure
that
we
are
about
querying
that
information,
but
as
far
as
everything
I
can
tell
the
flags
and
everything
that
I
turned
on
yesterday.
C
What
is
it
that
they're
opting
out
of
the
data
collection
bit
right?
So
the
bit
that
says
you
know
you
have
other
so
as
far
as
I
can
understand
the
stuff
that's
required
to
like
run
the
service
like
their
email,
addresses
and
stuff
like
that,
we
can
use
but
like
if
someone
says
no
I,
don't
want
to
use
my
content
and
they
select
no
and
I'm
posting
about
something.
C
If
you're
doing
a
sequel
query,
because
you
want
to
generate
public
graphs
about
stuff
and
I've
unchecked,
you
don't
get
to
use
my
data
right
and
then
I
found
the
instructions
that
say
these.
This
is
the
field
that
you
need
to
check
in
your
sequel:
query:
to
ensure
whether
the
user
has
allowed
you
to
reuse
this
data
in
that.
B
Okay,
so
if
we're
treating
there's
of
gdpr
field,
then
it
has
to
be
opt
out
by
default.
It
is
opt
out
by
default.
It's
it's
okay,
which
means
been
a
lot
of
people
are
not
gonna
check
that
just
because
they
don't
bother
and
read
it,
it
doesn't
mean
effectively.
Getting
stats.
Out
of
this
course
is
going
to
be
pretty
much
useless.
E
C
I
didn't
write
the
law,
man,
no
I
mean
I
yeah,
I
I
did
notice.
I
did
notice
when
I
look
for
a
lot
of
this
stuff.
It's
like
stuff
has
to
be
off
by
default.
So
right,
you
know
if
you're
providing
an
option,
it
has
to
be
off
by
default
right,
but
we
have
to
provide
an
option
right
because
the
glut,
the
previous
one
was.
We
would
just.
B
C
B
Do
not
have
to
have
the
box
is
what
I'm
saying
Oh.
In
other
words,
we
can
have
a
statement
that
says
we
will
be
running
an
aggregated
reports
on
user
activity
on
this
forum.
Ok
will
not
contain
any
personally
identifying
information
if
this
is
unacceptable
to
you.
Please
delete
your
account
here.
Okay,
that
is
acceptable
under
the
gdpr.
Now,
whether
or
not
that's
acceptable
to
us
is
another
question
entirely.
B
C
B
B
We
should
just
say
agree
to
this
or
don't
sign
up
well
being
I
was
just
going
over.
You
know
doing
gdb
here,
compliance
for
another
site,
yeah,
that's
how
it
worked
is.
If
you
don't
agree
to
those
things
it
says
you
know
sorry
not
to
be
able
to
accommodate
you
by
ok,
I'm
doing
it
for
Red
Hat
right
supplying
statistics
on
it
is
not
optional.
Ok,
so
I
can
I
could
just
get
rid
of
that
box
of
that
and
then
say
you
have
to
we're
going.
What
would
happen?
B
It's
that,
if
their
account
gets
created,
normally
and
updated
normally
and
keep
in
mind.
This
is
going
to
be
true
for
all
existing
users
as
well,
while
existing
users
would
have
to
send
them
a
reminder
and
ask
them
to
log
in
and
check
the
box,
and
it
has
to
be
off
by
default.
What
we're
going
to
end
up
with
is
a
situation
where
only
30%
of
users
have
the
Box
checked,
which
means
that
any
aggregate
statistics
we
produce
off
of
disk
off
of
off
of
discourse
will
be
completely
misleading.
A
C
C
B
Would
just
I
mean
that's
fine
that
doesn't
have
any
consequences
for
us
and-
and
the
other
thing
is
that
does
inspire
action
from
the
user,
because
if
they
wanted
the
newsletters,
then
they're
gonna
go
in
and
check
them.
Yeah
kick
box.
That
applies
to
something
that's
mainly
useful
for
us
yeah,
it's
really
useful
to
the
user
is
going
to
remain
an
unchecked
yeah.
C
A
All
right,
so
we
can,
let's
take
this
offline
too,
and
talk
to
Dan
about
Linux
Foundation
language
to
make
sure
that
they
don't
want
us
to
use
something
that
we're
not
seeing
right
now.
I
would
feel
much
more
comfortable
having
a
lawyer
dictate
to
us
what
needs
to
happen
and
and
the
exact
copy
of
the
absentia
boxes.
I
mean,
let's
like
make
a
list
like
Josh,
started
in
the
agenda
and
send
that
list
to
the
Boyar
cats,
yay
lawyer,
cats,
yeah.
B
Okay,
all
right,
so
the
one
decision
can
make
about
dev
stats
is:
do
we
want
to
promise
to
anonymize
somebody's
data
if
they
request
it?
We
have
the
technical
capability
of
doing
so
there.
It
is
because
we
can
easily
make
a
case
under
the
GDP
are
for
significant
business
interest
in
not
doing
so
and
I
know
of
their
open
source
projects
have
gone.
That
route
will
have
github
stats.
What.
B
They
have
it
in
the
privacy
statement
and
they
say
in
order
to
preserve
I
mean
part
of
this.
Is
it's
a
little
bit
different,
because
dev
stats
has
aggregated
statistics
only
the
other
projects
that
I
know
that
are
doing
this
they're
dealing
with
not
just
aggregated
statistics
but
actual
repo
history
and
for
repo
industry?
You
obviously
have
a
business
interest
in
not
obfuscating
somebody's
contributions,
because
you
know,
legally
speaking,
you
need
to
know
who
contributed
what
the
we
have
less
of
a
persuasive
case
in
dev
stats.
B
C
B
Well,
there's
more
there's
more
right!
It's
like
the
cookie
thing.
Only
it's
like
the
cookie
thing,
four
or
five
times
yeah
right,
what's
really
painful
under
the
GDP
are
honestly
is
mailing
lists,
which
is
why
I'm
really
hoping
that
that
the
CN
CF
will
come
through
on
the
Google
Groups
mailing?
Yes,
because
you
can't
undelete
a
mail
right.
B
B
I
don't
know
since
I'm,
not
an
admin
of
any
of
our
whoo-hoo
groups
like
above
I,
don't
know
what
Google
has
said
to
us
in
a
sort
of
parallel
thing:
I
run
a
mail
chip,
mailing
list
and
milchem
specifically
delegated,
and
they
said
we're
going
to
give
you
the
admin
powers
over
all
of
these
things.
But
that
means
that
you're
completely
responsible
for
handling
requests
as
well
yeah,
so
they
just
passed
the
buck.
That's
what
you're
saying
yes
is
it.
C
B
In
terms
of
millions
in
general
for
sort
of
marketing
lists,
it's
pretty
clear
that
you
need
to
opt
people
out
by
default.
In
other
words,
that's
why
you
get
all
those
notices
of
if
you
don't
respond
to
this
you'll
be
kicked
off
our
list.
It's
wonderfully
off
of
all
these
marketing
lists
that
I
never
wanted
to
be
on
in
the
first
place,
so
you
wind
on
that
one,
but
it's
a
lot
less
clear
how
public
mailing
lists
where
the
user
has
the
direct
ability
to
unsubscribe
are
supposed
to
be
treated
well.
B
F
B
B
F
That's
kind
of
my
same
thought
process
as
far
as
the
the
dev
stats
thing
is
like
anything
that
we're
pulling
out
of
github
you're
consenting
to
give
to
github,
and
it's
a
public
API
and
all
that
kind
of
stuff.
So,
like
your
data
is
already
out
there,
anyways
we're
just
pulling
it
in
that's.
The
only
question
that
comes
up
for
me
is
like
how
the
affiliation
bets,
because
I
know
some
of
those
are
like
we're
pulling
I.
F
He's
like
a
manual
associate
as
opposed
to
like
I,
know
at
one
point,
it
was
just
like
associating
reg
X
based
on
email
addresses
and
that's
how
you're
kind
of
dumped
in
dumped
in
the
group
initially.
But
if
that's
all
manually
maintained
that
affiliation
bits.
That
may
be
a
thing
that
is
of
concern.
Oh
good.
B
Point
I
forgot
about
the
affiliation
list
and
yeah
there's
actually
a
way
that
you
can
request
being
removed
from
that
there's
been
before
the
gdpr,
but
most
people
don't
know
know
about
it
by
the
way.
If
anybody's
looking
at
this
company
affiliation
stats,
that
is
manually
maintained
in
its
super
lossy,
so
you
have
to
fix
your
own
stuff,
always
regard
those
with
caution,
the
so
yeah.
So
that
is
something
that
we'd
have
to
add
in
a
dispute
proviso.
So
what
I
would
see
doing
for
dev
stats?
B
Is
you
know
specifically
outlining
whatever
responses
we
will
take
to
the
right
to
removal?
I,
don't
think
the
right
to
data
is
important
because
they
can
already
get
all
of
their
own
data
by
clicking
around
the.
So
it's
only
the
right
of
removal,
so
whatever
specific
action
we're
taking
the
right
or
removal
and
then
we're
further
to
the
LF
privacy
policy
for
everything
else,
yeah.
B
A
A
We
do
we
have
one
more
last
agenda,
item
and
I.
Think
it's
a
quick
one.
I
know
T
pepper
had
to
run,
but
he
did
put
the
security
contacts.
Information
file
in
charter
words
on
the
agenda.
There
is
a
kubernetes
tab
discussion.
You
know
we're
going
about
it.
Christoph
I
know
you
might
know
a
little
bit
about
this
to
do
you
just
want
to
give
us
a
really
quick
high-level
for
folks
when
the
caller
don't
know.
What's
going
on
with
us,
yeah.
F
The
the
product
security
team
was
originally
looking
to
extend
the
owners
file
definition
to
have
a
listing
of
the
security
contacts
for
a
piece
of
the
code,
the
key
being.
If
there
is
a
problem,
the
PST
wants
to
scope
who
they
pull
in
as
part
of
their
mandate.
They
want
to
scope
who
they
pull
in
to
developing
the
patch
to
as
tight
a
group
as
possible
because
they
want
to
limit
the
scope
of
who
who
can
potentially
violate
the
embargo,
so
they
were
originally
looking
at
extending
the
owner
style
definition.
F
There
was
some
little
bit
of
pushback
on
that.
We
actually
decided
that
a
better
route
was
to
have
a
new
file
that
is
just
scoped
to
the
head
of
a
repo
called
security
contacts.
The
only
information
in
there
like
there's
a
example
format.
The
only
key
information
is
a
github
user.
There's
needs
to
be
at
least
to
github
contact
for
a
repo.
F
So
it's
pretty
straightforward.
There
was
a
merged
pro2
community
and
there
was
a
merged
PR
to
the
template
project
for
new
projects
and
now
Jesse
from
the
the
productivity
team
is
just
kind
of
pushing
and
everyone
in
a
direction
to
make
sure
that
all
the
repos
in
in
the
Cabrini's
org
have
a
security
contact
file
and.
F
I
think
we
can
choose
that,
but
I
there
isn't
a
lot
of
code
in
community.
It's
basically
the
docs
generator
I
can
volunteer
as
a
contact
there.
I
I
don't
know
if
anybody
else
wants
to
be
a
contact,
but
it's
basically
that
Docs
generators,
the
only
actually
code
we
have
in
community
and
I
think
would
be.
That
would
have
an
issue
and
that's
not
even
part
of
core
I-
think
that
the
most
important
parts
that
they're
looking
for
things
that
are
distributed
as
part
of
the
release
yeah.
G
F
F
G
F
What
I
can
do
is
I
can
point
you
to
the
information
around
the
security
contacts
file.
I.
Think
it's
I
think
it's
also
in
the
meeting
notes,
but
then
the
other
key
thing
would
be
contacting
the
product
security
team
directly
and
asking
them
like
hey.
Is
there
anything
else
that
we
should
do
because
we're
not
part
of
the
core
bundle?
A
Right
we
are
officially
out
of
time
folks
and
if
anybody
else
has
anything
to
add
about
security
context
or
as
a
k-dubb
discussion
thread,
please
feel
free
to
add
all
comments
to
that
thread,
because
that
Matt,
that
was
a
very
good
question.
So,
let's
start
that
conversation
publicly,
some
short
other
sinks
will
probably
have
the
same
issues.
Slash
concern
so
Matt
my
honor
come
in
to
you
would
be
to
take
that
ticket
out
too
just
so
that
others
can
see
it.