Attendees: Tilmann Zäschke, Tobias Bouschen, Michael Bouschen, Craig Russell
Next meeting: Tuesday February 20 1100 PST 2000 CET Agenda: 1. GitHub security alert digest Notifications will be sent based on settings. -- derby We would have to update our JDK dependency in order to handle this. But the risk is tolerable due to our usage. Need to disable again. Github security alert digest has details. -- spring-beans update has been merged into main -- JDOHelper XML parsers should not be vulnerable to XXE attacks https://github.com/apache/db-jdo/security/code-scanning/1 AI Tilmann look at possible solutions. 2. New JIRA JDO-838 "Clarify doc for query cancel()/cancelAll()" https://issues.apache.org/jira/browse/JDO-838 3. JIRA JDO-835 "TCK: Check ResultClassRequirementsMap when running multithreaded" https://issues.apache.org/jira/browse/JDO-835 4 JIRA JDO-836 "TCK: QueryCancel Test class fails" https://issues.apache.org/jira/browse/JDO-836 Should be linked with JDO-838 so we can clarify what the expected behavior is. 5. JIRA JDO-831: "tck: improve tck tests for performance" https://issues.apache.org/jira/browse/JDO-831 Michael looked at a few test cases which all consist of a single test method that call different test methods. Good to merge to main. If not merged, discuss at next meeting. 6. sonarcloud issues JIRA JDO-819 "Code quality analysis" https://issues.apache.org/jira/browse/JDO-819 JIRA JDO-823 "Fix sonarcloud issues of type Code Smells" https://issues.apache.org/jira/browse/JDO-823 Sonarcloud link: https://sonarcloud.io/summary/overall?id=db-jdo * Cognitive Complexity of methods should not be too high: https://sonarcloud.io/project/issues?resolved=false&rules=java%3AS3776&severities=CRITICAL&types=CODE_SMELL&id=db-jdo * Raw types should not be used: https://sonarcloud.io/project/issues?resolved=false&rules=java%3AS3740&severities=MAJOR&id=db-jdo 7. JIRA JDO-812 "Move to JDK 11 as the lowest supported version" https://issues.apache.org/jira/browse/JDO-812 8. Other issues Action Items from weeks past: [Jan 09 2024] AI everyone: take a look into the ResultClassRequirementsMap issue. [Jan 02 2024] AI everyone: see if anyone can see a problem with the parallel execution of tests Cast.java and SupportedOptionalMethods.java [Jul 13 2023] AI All Open a new JIRA for Android since having JNDI in the API disallows use with Android [Jun 08 2023] AI All make a JIRA: JDO support for Java Records https://openjdk.org/jeps/395 [Dec 09 2021] AI Craig: Try to contact all current/former participants in JDO development and see if and how they want to be recognized on the JDO and DB web sites.https://db.apache.org/whoweare.html [Oct 07 2021] AI Craig send a private message to all JSR-243 Expert Group members asking if they wish to continue. [Mar 25 2021] AI Craig: investigate "merging" papajdo and apache.clr accounts [Oct 17 2014] AI Matthew any updates for "Modify specification to address NoSQL datastores "https://issues.apache.org/jira/browse/JDO-651 Craig L Russell c...@apache.org
