Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 5th of July 2022.
| Jira No | Summary | Description | Status | Solution |
|---|---|---|---|---|
Waiver Analysis | Waiver analysis was reviewed.
| Pawel to check formatting for versions_xfail.txt and Jakarta - checked it is ok. Specific tickets to be opened for projects. | ||
| Next LFN events | ONE Summit NARegistration Open
LFN Developer & Testing Forum NARegistration Open
| Proppsals to be submitted. David to be contacted and invited by Maggie to SECCOM meeting. | ||
Update on Jakarta release | TSC approved the sign off of the Jakarta release on June 30th Security tests results at 60%: https://logs.onap.org/onap-integration/daily/onap-daily-dt-oom-jakarta/2022-06/30_04-01/ https://wiki.onap.org/display/DW/Jakarta%3A++Lessons+Learned | |||
| SBOM status update | Muddasar contacted with several PTLs and waiting for their feedback. | We need LF IT support, GB was informed by Amy. We ned to run SBOM in the pipeline. Amy to talk to Kenny, Muddasar and Ranny. | ||
| Technical debt | Muddasar reviewed Jira tickets recently. Some PTLs are using TechnicalDebt tagging and some not at all. Grooming the tickets would be helpful. Updating packages is technical debt for us. | |||
| OSA branch | WE have not had any vulnerability raised within the process, so nothing to be added in OSA for Jakarta release. | Thomas to be contacted during unmaintained meeting on Monday. | ||
| Last SECCOM meeting link | 2022-06-28 Security Subcommittee Meeting Notes | |||
| DevOPS Pipelines IRS presentation | ||||
SECCOM MEETING CALL WILL BE HELD ON 12th OF July'22. | Potentially session with David Wheeler on SBOM. Overview of Tata Communications DTF presentation on their production logging implementation |
Recording:
SECCOM presentation: