Hi Community, Following our most recent bi-weekly meeting, please find below a comprehensive summary of discussions and resolutions. For those who were unable to attend, this summary serves to keep you informed of the latest developments within our community. Additionally, the original meeting invitation can be viewed here[1].
### Security and Compliance: - **Vulnerabilities:** The Seata main project currently has 18 identified security vulnerabilities, while the Seata sample has an additional 59 vulnerabilities as well as 2 external link issues. Furthermore, 3 vulnerabilities were identified on the official website. - **Logo Update:** The Seata logo has been updated to incorporate Apache elements. - **Seata-Go Package Name Change:** The package name for Seata-Go has been changed from `github.com/seata/seata-go` to ` seata.apache.org/seata/seata-go`. This modification is documented in the [pull request here](https://github.com/apache/incubator-seata-go/pull/678). ### Activity Sync: - **Open Source Summer with Chinese Academy of Sciences:** We have submitted a total of 4 topics, including OpenAPI+Authentication, End-to-End gRPC, enhancements to seata-ctl for cluster operations, and adding a raft cluster mode based on rockDB for the configuration center. - **Community Over Code:** Updates on Seata’s cloud-native construction and DevOps practices were shared. ### Release Progress: - **Bottlenecks:** The only remaining bottleneck issue lies within the config module; all other aspects are ready. Resolution to the kryo serialization issue will be deferred to version 2.2. ### Quality Development: - **Unit Testing:** Tasks have been divided on a per-module basis. - **Cluster:** A Proof of Concept (POC) demonstration has been completed and a corresponding PR is under review. - **Compatibility Testing:** Currently, there is no progress to report. - **Performance Testing:** Overall progress stands at 50%. Performance testing is being conducted by module, with a focus on the main project and user transaction interaction pathways. Current issues revolve around compatibility module dependencies. Scenarios for serialization performance testing have been added. ### Technical Solution Discussion: - **Multi-thread Branch Registration Issue:** It was determined that documentation should provide scenarios cues; no technical implementation will be pursued currently. - **Undolog Exceeding 64M Issue:** A split scheme approach will be adopted, with considerations for backward compatibility with unreadable version variables. - **Jackson Security Version Issue:** Discussed, but no detailed conclusion was provided. For those interested in a Chinese version of the meeting documentation, you are welcome to review the notes here[2]. [1]. https://lists.apache.org/thread/s1fp463bps3qs6srgmz2k31jr19h51mq [2]. https://github.com/apache/incubator-seata/wiki/20240427 Warm regards, Ji Min
