►
Description
wasmCloud is a platform for writing portable business logic that can run anywhere from the edge to the cloud, that boasts a secure-by-default, boilerplate-free developer experience with rapid feedback loop.
A
Welcome
to
awesome
cloud
wednesday
for
january
the
26th
2022.
we've
got
a
fun
meeting
today
and
we'd
like
to
start
with
a
demo.
Today
we're
going
to
have
a
quick
discussion
about
the
cve
that
we
announced
this
week
around
wasn't
cloud
brooks.
B
Yeah,
so
I
wanted
to
talk
a
little
bit
about
the
cv
that
we
found
last
friday
and
remediated
and
wasn't
cloud
version
52.2
and
onward.
Hey
liam.
If
you
give
me
screen
sharing
permission,
I
will
be
able
to
show
off
some
of
that.
I
can
drop
a
link
in
chat
for
anybody
who's
in
the
the
call
for
now,
but
okay,
that's
it
so,
just
a
general
overview.
Last
week
we
we
found
a
vulnerability,
something
in
our
security
model
that
we
needed
to
address.
B
B
So
the
the
title
of
the
the
security-
I
guess
what
it's
called
on
github
is
a
security
advisory,
as
wasn't
cloud
actors
without
signed
capabilities
can
receive
unauthorized
invocations.
So
this
sounds
like
it
affects
a
really
broad
use
case,
but
I
want
to
narrow
in
on
what
the
where
the
vulnerability
actually
was.
So
you
can
read
a
little
bit
about
the
impact
here.
General
suggestion
is
just
to
upgrade
to
0.52.2.
B
Whenever
you
can,
just
a
patch
bump
didn't
have
any
braking
changes
or
anything,
so
you
won't
notice
a
difference,
but
where
this
actually
comes
into
play
specifically
is
when
an
actor
has
been
designed
to
handle
requests
for
a
specific
capability
and
deployed
into
a
watson
cloud
host,
but
not
signed
with
that
particular
capability
and
before
0.52.2.
B
If
it's
been
designed
to
receive
requests
from
capability
providers,
even
if
it
wasn't
signed
with
the
the
capability
and
they
could
still
receive
and
handle
those
requests.
So
to
give
you
a
like
a
concrete
example,
if
we
look
at
our
examples,
repo,
something
that
you
all
have
seen
many
many
times
our
echo
actor,
this
implements
the
http
server
trait
for
an
actor
which
is
just
a
single
handler
single
function
that
handles
an
http
request.
B
Now,
if
you
ran
this
echo
actor
and
it
was
not
signed
with
the
http
server
capability,
it
could
still
receive
requests.
So
that's
what
the
vulnerability
was.
That's
what
we
remediated,
but
I
do
want
to
point
out
that
you
know
the
the
actor
2
capability
provider
side
of
our
security
model
has
been
rigorous
and
unaffected.
So
in
the
scenario
like
a
kb
counteractor
that
attempts
to
access
a
redis
database,
if
it's
not
signed
with
that
capability,
cannot
access
that
that
database.
So
you
know
after
0.52.2
lots
of
twos.
B
Now
both
sides
of
the
actor
to
capability
provider
capability
provider
to
actor
are
the
full,
rigorous
security
that
we
had
previously.
One
way
so
really
important.
To
note
that
you
can't
use
this
to
make
an
actor
execute
arbitrary
code,
you
can't
use
this
to
remote
call
an
actor
that
was
never
designed
to
handle
http
requests.
You
can't
use
this
to
make
that
actor
handle
an
http
request,
or
something
like
that.
B
So
that's
why
the
the
scope
of
this
vulnerability
is
somewhat
limited,
because
you
really
have
to
design
the
actor
to
handle
this
in
order
to
for,
for
this
to
actually
apply
so
yeah
that
that
is
a
pretty
much
the
the
cbe
at
a
bird's
eye
view.
B
You
know,
of
course,
we'll
be
publishing
anything
else
if
we
go
through
this
process
again,
but
for
now,
thanks
for
listening
and
and
for
taking
a
look
at
this,
anybody
have
any
questions
or
or
or
comments
about
about
this
feel
free
to
throw
them
out.
We
can
talk
about
this
more,
but
that
is
all
I
had.
I
just
wanted
to
get
kind
of
a
bird's-eye
view.
A
Brooks
taylor,
everybody
thank
you
for
the
fast
response
on
this
and
getting
this
out,
and
you
know
I
saw
generally
folks,
like
butcher,
were
praising
that,
even
though
we're
not
1.0
yet
that
we
were
really
leaning
in
on
doing
the
right
thing
and
we
you
know
with
so
many
people
in
various
stages
of
experimentation
with
wasmcloud
and
people
in
production.
You
know
we
just
want
to
make
sure
that
we
are
respectful
of
the
cncf
community
and
you
know
try
to
lead
by
example.
A
Here
if
there
are
no
more
questions,
I'm
just
going
to
do
a
quick
call
out
on
the
we're
still
accepting
submissions
for
a
cloud
native
webassembly
day
in
valencia,
spain
and
as
a
quick
reminder,
if
you
have
a
general
admission
ticket,
it
includes
access
to
all
of
the
content.
This
year
we
were
one
of
the
higher
performing
days.
A
We
had
around
300
people
attending
webassembly
day,
most
of
which
were
remote
for
kubecon
us
and
our
intention
ralph
squatchy,
and
I
our
co-chairs
is
to
make
this
one
the
biggest
and
best
one.
Yet
so
we
are
going
to
try
to
get
people
registered
and
continue
to
build
the
kind
of
cloud
native
webassembly
community
that
we're
proud
to
be
a
part
of
we
are.
We
did
receive
the
gold
dni
award
last
year
and
we're
gonna
try
to
make
it
two
for
two
for
two
on
the
with
the
next
one.
A
So
if
you
have
any
questions
or
you're,
considering
speaking,
please
do
not
hesitate
to
reach
out
to
me,
I'm
happy
to
give
a
guidance
and
advice
or
suggestions
on
content
or
format
or
submissions
and
we're
just
so
excited
to
bring
and
display
some
of
the
community's
work
out
here.
So
you
still
have
a
couple
weeks
left
cfp
closes
mid-february.
A
B
I
have
two
two
issues
for
the
community
call
out
this
week.
The
first
one
has
been
partially
addressed,
auto
key
generation
reads:
keys
to
disk
is
world
readable.
This
is
a
permissions
thing
on
from
wash
when
you
generate
keys,
you
can
write
them
to
or
when
you
sign
a
module
or
use
the
makefile,
it
auto-generates
keys
for
you
and
writes
them
to
disk.
B
We've
already
resolved
this
for
unix
systems,
but
we're
really
looking
for
a
little
bit
of
help.
Anybody
who
has
a
windows,
machine
or
experience
developing
on
windows
with
rust,
we're
looking
for.
You
know
a
simpler
way
to
do
this,
to
change
the
permissions
of
keys
that
are
written
to
disk
on
windows,
so
the
api
is
a
little
bit
different.
B
It
looks
like
there's
a
crate
that
dan
found
called
win
api
that
may
be
able
to
augment
this,
but
if
anybody
has
a
windows,
machine
or
a
testing
environment
and
rust
experience
with
windows,
it's
a
great
one
to
pick
up
taylor.
A
Yeah,
I
just
wanted
to
add
a
little
bit
of
commentary
to
this,
so
I
tried
to
figure
this
out
for
another
rest
project
bindle
and
got
nowhere
using
win
api
and
all
that.
Basically,
because
I
am,
I
do
not
know
windows
foo.
So
what
we're
looking
for
here
is
someone
who
knows
windows
foo,
even
if
you
did
it
in
the
past
and
knows
the
windows
apis,
because
I
couldn't
make
heads
or
tails
of
digging
through
all
the
docks
on
the
windows,
apis
of
which
thing
would
set
the
proper
permission
without
screwing
something
majorly
up.
A
So
this
is
where,
like
really,
if
you,
even
if
you're
not
familiar
with
with
rust
or
whatever-
and
you
know
like
you're-
going
to
be
probably
calling
the
windows
apis.
So
if
someone
knows
if
someone
knows
how
to
to
do
this
with
windows
and
can
help
out-
or
even
just
like
say-
oh
hey,
here's
the
windows
apis.
I
don't
know
I'm
not
going
to
try
to
do
and
rust.
A
Any
of
those
kind
of
things
would
help
for
this
issue
because
it
would
solve
it
for
multiple
repos,
because
we'd
do
it
here
and
then
I'd
go.
Do
it
in
bindle
and
anywhere
else,
we
start
doing
things
on
multiple
operating
systems
with
rest.
So
I
just
wanted
to
clarify
that
there
that
it
really
like
it's,
it's
probably
going
to
require
someone
who
knows
windows
foo
or
is
good
at
reading
the
windows
api
documentation,
which
apparently
I
am
not.
B
Yeah
and
you
know
making
any
progress
there,
if
you
have
anything
to
share
about
the
windows,
api
just
feel
free
to
leave
any
comments
on
this
issue,
all
right.
Moving
on
to
the
and
then
second
and
last
community
call-out
for
this
week
is
another
feature
for
wash.
We
added
the
scale
actor
command
to
the
control
interface
client.
This
is
a
declarative
on
this
host.
Make
sure
that
there
are
this
many
instances
of
an
actor
which
is
a
really
useful
way
to
develop.
B
Instead
of
starting
three
actors
starting
three
more
actors,
starting
three
more,
you
can
just
start
it
with
nine
or
you
can
you
can
scale
directly
to
nine,
I
mean
so
we'd
love
to
have
this
support
in
wash
as
well
since
it's
on
the
control
interface,
and
so
a
lot
of
this
should
be
using
the
existing
scaffolding
for
commands
and
the
existing
control
interface
client
to
add
another
command
to
wash
so,
if
you're
interested
in
getting
in
a
good
another
good
first
issue
or
something
that's
gonna,
be
really
high
impact
for
us.
B
This
is
another
great
one
to
start
out
on,
so
that
is
our
community
callout.
For
this
week,
as
usual,
I
will
post
it
in
slack
and
on
twitter,
but
if
anybody
has
any
questions
now
feel
free
to
ask
because
well
you
have
us
all
right
here.
A
That's
super
brooks,
jordan,
are
you
on
today,
jordan
has
been.
We
are
yes,
oh
you
are
on
waldo.
I
didn't.
I
couldn't
find
it.
Where
is
waldo
the
do
you.
I
know
you've
been
working
a
bit
on
the
the
training
and
the
tutorials.
Did
you
have
anything
you
wanted
to
share
or
demo
or
get
early
feedback
on,
or
are
you
still
kind
of
researching
platforms
and
options?
There.
C
But
I'll
plan
on
sharing
that
next
week
and
I
think
we've
got.
B
Some
pretty
good
sorry
about.
C
The
dog
pretty
good
headway
that
I'm
excited
to
move
soon.
A
All
right,
that's
great!
Well,
I
look
forward
to
that
next
week.
I
guess
we'll
go
ahead
and
take
a
step
back
and
maybe
maybe
one
other
minor
update
for
the
machine
learning
work
stream.
We
have
moved
and
committed
to
meetings
every
other
week
on
thursdays
right
now.
I
think
we're
at
three
o'clock
eastern.
So
if
anybody
wants
to
be
added
to
those,
let
us
know
we
are
still
recording
those
and
putting
those
up
on
on
the
youtube
channel,
so
you
can
get
caught
up
offline.
A
We
are
just
racing
towards
a
quick
demonstration
of
the
capabilities
with
some
huge
input
by
andrew.
Thank
you
so
much
and
christoph
who
is
in
the
eu-
and
this
is
not
a
great
touch
base
time
for
him.
There's
also
still
the
channel
on
our
slack
if
you'd
like
to
join
and
follow
there
and
there's
a
machine
learning
repo
available
up
on
the
wasm
cloud
github
to
follow
along.
A
A
A
All
right,
I
think
that
may
wrap
us
up
for
this
week.
Thank
you
so
much
for
attending
I'm
gonna
go
and
stop
recording
and,
as
usual,
we
can
hang
out
and
just
chit
chat
a
bit
along
the
way
have
a
great
week.
Everybody.