-
Notifications
You must be signed in to change notification settings - Fork 687
Standup Notes 2021 04 01
Erik Moeller edited this page Apr 2, 2021
·
1 revision
Participants (alphabetical): Allie, Conor, Erik, John, Kevin, Kushal, Ro
- Finalize and land key deliverables for SecureDrop 1.8.1 release
- Restore reproducibility for SecureDrop Workstation build artifacts; update docs
- Finalize design for SecureDrop Client Safe Deletion and begin implementation
- Kev solved git-lfs issue; this surfaced a new Python version mismatch w/ CI. Solved by building a new cython wheel.
- Kushal is requesting another round of review of https://github.com/freedomofpress/securedrop-debian-packaging/pull/238 to verify that results match his testing
- If this PR is merged, wheels need to be rebuilt and sha256sums updated
- Conor will do more testing/review on #238 today
Expected benefits of #238
we can ensure that the localwheels/*.whl files are built reproducibly, even when pip upgrades introduce breaking changes
we can potentially build the packages offline and without code execution
we can make CI faster, by installing the build deps from wheels, rather than building from source
we avoid repetition of costly build times for packages with complex dependencies (e.g., cryptography)
we avoid a dependency on third party wheels, mitigating risk of supply-chain attacks
- Walkthrough of Nina's Qubes app menu work
Yesterday:
- Finished reviewing John's PR
- Started debugging double export issue: https://github.com/freedomofpress/securedrop-export/issues/66
Today:
- UX meeeting on new Qubes designs
- Continue https://github.com/freedomofpress/securedrop-export/issues/66
- Review https://github.com/freedomofpress/securedrop/pull/5885
Blockers or Asks:
- None
Yesterday:
- upgrade boxes for focal spike, no working setup yet. disk problems in libvirt, possibly efi-related
Today:
- review reproducible wheels PR
- file follow-up issues related to reproducible wheels
Blockers or Asks:
Yesterday:
- Safe Deletion Client kick-off
- Still no repro on updater hangs
Today:
- Will poke at making updater & xfce script more resilient, even in the absence of a clean repro
- Phone screen for Internews fellowship
- Docs/support work
Blockers or Asks: None
Yesterday:
- finishing #5881
- meeting
Today:
- reviewing #5696 (JI delete user confirmation modal)
- trying to sort out the CI apparmor failures for #5878
- Upgrade scenario investigation
Blockers or Asks:
-
qubes focal staging users: are you having consistent problems installing local copy of securedrop-grsec?
- Conor may have an existing workaround and will poke around
Yesterday:
- logo backup PR
- reproducible wheels PR
Today:
- support issues
- cont'd work on disable-SSH-in-backups ; refreshing config on Tails as well
Blockers or Asks:
Today:
- Updates to the reproducible wheels PR
- Trying to figure out a way to do everything on Debian Buster, so that we can verify new wheels in CI. Tomorrow:
- HOLIDAY !!!!! Blockers or Asks:
- None
Time off
Yesterday:
Today:
Blockers or Asks: