From owner-svn-doc-head@freebsd.org Mon Feb 19 18:15:15 2018 Return-Path: Delivered-To: svn-doc-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C27A9F175E2; Mon, 19 Feb 2018 18:15:14 +0000 (UTC) (envelope-from bjk@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 711EA83D84; Mon, 19 Feb 2018 18:15:14 +0000 (UTC) (envelope-from bjk@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6B8671E0B9; Mon, 19 Feb 2018 18:15:14 +0000 (UTC) (envelope-from bjk@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1JIFEWc057254; Mon, 19 Feb 2018 18:15:14 GMT (envelope-from bjk@FreeBSD.org) Received: (from bjk@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1JIFEq2057253; Mon, 19 Feb 2018 18:15:14 GMT (envelope-from bjk@FreeBSD.org) Message-Id: <201802191815.w1JIFEq2057253@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bjk set sender to bjk@FreeBSD.org using -f From: Benjamin Kaduk Date: Mon, 19 Feb 2018 18:15:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51432 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head X-SVN-Commit-Author: bjk X-SVN-Commit-Paths: head/en_US.ISO8859-1/htdocs/news/status X-SVN-Commit-Revision: 51432 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2018 18:15:15 -0000 Author: bjk Date: Mon Feb 19 18:15:14 2018 New Revision: 51432 URL: https://svnweb.freebsd.org/changeset/doc/51432 Log: Add 2017Q4 core@ entry from matthew Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2017-10-2017-12.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2017-10-2017-12.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2017-10-2017-12.xml Mon Feb 19 17:00:06 2018 (r51431) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2017-10-2017-12.xml Mon Feb 19 18:15:14 2018 (r51432) @@ -451,4 +451,119 @@ Limelight Networks (Kevin Bowling) + + + The &os; Core Team + + + + &os; Core Team + core@FreeBSD.org + + + + +

The most significant action by Core during the final quarter of + 2017 was the approval of the new Code of Conduct after a long + period of development and review. Core added a preamble to the + text emphasizing the principles behind the Code of Conduct over + detailed interpretation of the rules. The new code delegates + the handling of complaints to a Code of Conduct review board; we + are currently finalizing practical arrangements around setting + up the review board before announcing the adoption of the new + code.

+ +

John Hixson of iXsystems was proposed, and accepted, as the + first new Project Member under the new rules adopted earlier + this year. Core feels that John is an excellent choice as the + first member, and looks forwards to adding many other project + members in the future.

+ +

There have been some significant changes around the Security + Officer and secteam. Gordon Tetlow has formally taken over the + role of Security Officer from Xin Li. Xin remains an active + member of secteam, and Ed Maste has now joined secteam as well. +

+ +

Gordon joined Secteam at a point where they were struggling + with handling the widely publicised WPA2 vulnerability + (&os;-SA-17:07.wpa), and had an immediate impact simply by + making a public response, even though the technical fixes were + not entirely ready. Gordon's remit from Core is to examine how + Secteam operates and work out how to manage their case-load while + avoiding the problems of burn-out and overload that have impeded + Secteam's effectiveness in the past.

+ +

One of the key problems is that security problems are handled + in a completely separate bug handling system to general PRs. + This is unusual compared to most similar OS projects, and leads + to difficulties in bringing in available talent from amongst the + entire body of &os; developers in order to be able to share + the load and react quickly. Secteam is working with Bugmeister + to enable suitable access controls within our main Bugzilla + instance, so that we can both conform to bug embargoes and other + confidentiality requirements but also make it easy to solicit + fixes from a wider range of developers and to transition + security bugs to open handling like any other bug once there is + no more need for secrecy.

+ +

This quarter also saw the creation of a 10.4-RELEASE branch, + and the extension of the lifetime of 11.0-RELEASE by one month. + The former was in response to requests from a number of + prominent &os; consumers, who needed access to new + functionality but could not immediately upgrade to 11.0-RELEASE. + Releasing 10.4 permitted this without making a significant + extension to the lifetime of the 10.x release series.

+ +

The extension to 11.0-RELEASE EoL was a consequence of failing + to communicate the impending switch to 11.1-RELEASE in good + time. Since this was the first minor version transition under + the new release schedule, in discussion with Secteam and Release + Engineering, we concluded that a delay was necessary to allow + the userbase sufficient warning to upgrade before 11.0-RELEASE + went out of support. This was not a cost-free decision: as + Portmgr reminded us, this affected package building and delayed + implementation of some important updates.

+ +

&os; will be participating in Google Summer of Code again in + 2018. This has become one of our most important routes for + recruiting the new, young developers vital for ensuring the + longevity of the project.

+ +

Pedro Giffuni proposed adopting the SPDX license tagging system + as used by many other projects, including the Linux kernel, in + order to facilitate programatic license management by downstream + consumers. Core agreed enthusiasticly.

+ +

Core has agreed to promote the MIPS architecture to Tier-2 + status.

+ +

A proposal to enhance security by discontinuing HTTP or other + unencrypted channels for all &os; services was not something + Core could approve for the immediate future. While switching to + HTTPS has obvious security benefits, we would need to distribute + appropriate CA certificates as part of the base system and make + certain other changes before this could be achieved relatively + seamlessly. All &os; services are already available over + secure channels, but our documentation did not necessarily + present secure access methods as the preferred routes. Action + is being taken to address the documentation, and this question + will be revisited once the necessary groundwork is in place.

+ +

The fortune(6) program has long been a focus for controversy, + and previous Cores have needed to impose a lock on updates to + the fortune data files. The argument blew up again over the + re-deletion of a number of apparently pro-Nazi quotations. Core + decided that enough was enough and removed all of the fortune + data files except for FreeBSD-tips.dat from the base system. + The tacit approval of many questionable or controversial + opinions by shipping them as a part of the base system is a + liability the project simply cannot afford.

+ +

No new commit bits were issued during this quarter, but we did + see two former committers: Sean Eric Fagan and Wolfram + Schneider, reactivate their commit bits. One committer, Ngie + Cooper, has handed back their bit.

+ +