►
From YouTube: ROS 2 Security Working Group (09 May 2023)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
Okay,
so
as
for
the
items
in
the
agenda,
I
added
quick
item,
which
is
I,
wanted
to
gather
any
feedback
that
the
group
may
have
on
the
amend
robbers
that
I
developed
recently,
the
as
a
refresher.
A
This
are
packages
that
active
wrappers
to
use
with
an
almond
projects
and
run
security
and
general
code
quality
scanners.
A
The
amount
report
has
a
few
elements:
lint
repo
has
a
set
of
logs,
including
CBP
check,
and
these
two
add
support
for
Bandit,
which
is
a
well-known
open
source
python
scanner
and
for
some
grip
as
an
engine
to
run.
It's
quite
versatile
and
I've
used
it
before
and
I
thought
it
was
pretty
cool
easy
to
use.
So
I
have
this
on
my
profile
as
of
now
but
I
plan
to
open
pull
requests
for
the
element
repos,
so
everybody
else
can
take
advantage
of
them
and
put
them
in
the
same
place
as
the
existing
ones.
A
There's
a
yeah
CVP
check,
C
language,
a
bunch
of
linters
in
there,
but
not
much
security.
So
this
adds
some
more
tools
that
can
be
easily
integrated
in
cmake
files
at
build
time
and
run
with
a
command
line.
A
So
if
you,
if
anybody,
has
be
used
this
before
and
would
like
to
try
it
out
and
give
me
feedback,
it's
very
welcome.
B
I
saw
some
items.
Marco
has
added
today
agenda
to
be
moved.
B
Yeah,
so
I
I
was
just
attending
the
roast
weekly
developers
meeting
and
they
there's
this
issue
that
was
raised
up
that
I
linked
here.
Maybe
I
can
press
anything
goodness.
B
Yeah,
so
this
is
this
mostly
versioning
Library
version
in
problem
that
affects
the
sros
package,
and
it
seems
that
it's
just
that
the
pkcs7
underscore
the
attached
is
an
attribute
that
is
the
it's
been
removed
at
some
point.
B
B
So
apparently,
I
think
this
is
part
of
this.
This
work
here,
but
I
just
wanted
to
raise
it
up.
So
we're
aware
of
this
and
wait.
B
Yeah,
so
the
problem
is
I,
think
it's
not
affecting
the
Linux
installations
for
now,
because
the
version
is
still
not
as
high
as
the
one
that
was
used
here
in
the
in
the
windows
version,
but
certainly
in
the
future
it
will.
It
will
appear
so
just
wanted
to
erase
the
the
problem.
B
You
can
see
the
change
yeah,
so
this
is
the
actual
change
that
happened
in
the
library,
so
they
removed
these
attributes
because
apparently
they
were
not
used.
They
did
this.
B
Yeah
yeah
just
wanted
to
raise
it
up,
so
we
are
we're
aware
of
it
and
yeah
if,
anyway,
if
anyone
has
some
spare
cycles
and
and
wants
to
get
started
on
it,
that'll
be
great.
A
B
This
is
so
this
I
would
say.
This
is
mostly.
B
This
was
introduced
with
the
new
updates
of
of
opennesses
of
my
open
SSL.
So
it's
a
problem
that
is
not
happening
yet
on
on
on
Linux,
because
the
version
is
not
it's
not
new
enough.
B
So
here,
like
like
the
different
versions,
will
will
raise
the
issue
depending
on
on
whether
they
have
this.
This
comic
that
basically
removes
the
attribute.
B
Now
it
only
happens
on
Windows,
but
that's
the
yeah.
The
issue
is
that
it
us
Ubuntu
catches
up
with
a
with
the
library
version.
Then
it
will
eventually
appear
also
on
on.
So
it's
also
appearing
on
open
SSL
from
conda,
and
it
will
eventually
also
appear
on
on
updated
versions
of
of
the
library
in
Ubuntu.
B
B
Michael
identified
that
this
was
an
initial
work,
I
will
can
be
probably
continue.
B
B
Yes,
so
that's
all
on
my
side
just
wanted
to
mention
this.
A
Okay,
probably
do
you
have
anything.
A
Okay,
on
my
end,
so
since
I'm
going
to
open
this
pull
request,
I
don't
see
how
you
have
done
this
before,
but
I
need
to
add
a
license
to
the
package.
A
B
I
believe,
if
you,
if
you
put
the
license
and
you
have
a
wait.
A
B
I'm
not
I,
don't
know
if
that's
a
requirement
by
itself
but
yeah.
Maybe
it's
good
to
double
check.
A
A
Okay,
that's
that's
it
on
my
side
as
well.
Thank
you
for
that
feedback
and
for
the
contributions.
A
If
you
need
any
help,
I
don't
know
being
a
maintainers
in
the
next
few
days.
If
you
don't
see,
any
results
just
feel
free
to
put
it
on
the
in
the
chat
in
Matrix.