Publish ESC meeting notes for November 3

Change-Id: I8f7b063affe39cad0abfe37d366dd676871eeb68
diff --git a/_posts/2020-11-03-esc-minutes.md b/_posts/2020-11-03-esc-minutes.md
new file mode 100644
index 0000000..5052fe4
--- /dev/null
+++ b/_posts/2020-11-03-esc-minutes.md
@@ -0,0 +1,68 @@
+---
+title: "Gerrit ESC Meeting Minutes"
+tags: esc
+keywords: esc minutes
+permalink: 2020-11-03-esc-minutes.html
+summary: "Minutes from the ESC meeting held on November 3rd"
+hide_sidebar: true
+hide_navtoggle: true
+toc: true
+---
+
+## Engineering Steering Committee Meeting, November 3, 2020
+
+### Attendees
+
+Ben Rohlfs, Patrick Hiesel, Luca Milanesio, Saša Zivkov, Edwin Kempin (CM, guest)
+
+### Place/Date/Duration
+
+Online, November 3, 11:00 - 12:30 CET
+
+### Next meeting
+
+The next meeting will be held on December 1, 11:00 CEST.
+
+### Organizational
+
+The meeting minutes for this meeting were under embargo until
+the security issue that was discussed was fixed. The issue was made
+public in December 2020.
+
+## Minutes
+
+### Security
+
+Patrick discussed the plan to fix the security issue that makes
+NoteDb content and tags accessible both in the Gerrit branch API
+and in code browsers like Gitiles.
+
+Edwin talked about the analysis of affected version that he
+performed and suggested to fix 2.15-3.3.
+
+Luca stated that many users are still on 2.14 and they could have
+impacted also by the problem.
+
+The consensus is to also try and fix 2.14.
+
+The ESC discussed how the work can be split up. Google volunteered
+to do the backports and Luca and Marco to do the releases.
+
+The ESC had consensus that it will inform contributors and admins of
+known larger installations shortly before the public announcement to
+give them a chance to act before the issue becomes public.
+
+With the public announcement, the ESC will also publish patched
+binaries.
+
+There is consesus that these meeting notes will be kept under an
+embargo until we have published a fix for the issue.
+
+### Testing at scale
+
+Patrick started a discussion around testing at scale. Ben wanted to
+know if Luca offers hosted solutions to clients. Luca said that most
+clients require on-prem installations.
+
+Load testing at scale is something we desire but there was no concrete
+AI for anyone to take here.
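Review bot: The "Next meeting" line gives the time as "December 1, 11:00 CEST", but this meeting on November 3 is listed in CET and December 1 is also outside summer time, so it should read CET. In the Security section, "consesus" should be "consensus", "analysis of affected version" should be "affected versions", and "they could have impacted also by the problem" is missing "been". The Organizational section says the issue was made public in December 2020, so the Security section could link the public announcement to show which issue the "2.15-3.3" and 2.14 fixes refer to. "AI" in the last paragraph would read more clearly as "action item".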