On Wed, Sep 10, 2025 at 01:59:19AM +0200, Mark Wielaard wrote:
> Sourceware Together.
> Cyber Security, Community, Servers and Forge Experiments.
>
> Friday Sep 12, 16:00 UTC
> At #overseers on irc.libera.chat
For those who couldn't make it this Friday here is a summary of some
of the things discussed:
- The U-Boot project is looking at becoming an SFC member project. And
find a new home for mailing lists and a git forge (looking at
migrating from gitlab to forgejo).
- We can offer mailman mailinglists (on a subdomain) with patchwork
and public-inbox.
- Our forge is still experimental, is fairly specificly setup for
current projects (e.g. no issues, but bugzilla) and CI is still
somewhat experimental. Their gitlab usage atm makes heavy use of
CI, but still heavily email based for reviews like us. Recommended
to first look at codeberg for forgejo hosting since our forge is
so experimental.
- Cyber Security
https://sourceware.org/cyber-security-faq.html has been updated.
- Executive order to rewrite NIST SP 800-218 (SSDF)
Which shouldn't really impact current projects although there were
some suggestions to follow some of those recommendations that now
might change.
- The EU CRA presentation by the FSFE is now linked.
https://bbb.sfconservancy.org/playback/presentation/2.3/babe1c4c9dd3c9a100ec39cd9ce41cba18133d2d-1752767944363
Might be interesting if you want more background info on the CRA
- Sample CRA request reply template
If you have to reply to those companies asking about the CRA and
you like them to contribute back.
https://sourceware.org/cyber-security-faq.html#eu-cra-reply
- Migration to the bigger server we got last month
https://sourceware.org/sourceware-wiki/Migration2025/
- Sadly it got installed in the wrong rack in the new datacenter, it
has to be moved first before we get (network) access. So we
haven't been able to prepare for the migration yet. Once we get
access to the new machine (next week?), we can start prototyping
things along the migration ideas. If they are workable, then
transition will be possible this year. The current two servers
still in the old datacenter will move after the transition, either
late this year (November) or early next year (Q1).
- If people have input on the new setup that would certainly be
appreciated. Please feel free to edit the (somewhat stub) wiki
https://sourceware.org/sourceware-wiki/Migration2025/
- The forge is a separate VM/Machine that isn't moving till 2026.
- Lots of exciting developments on forge.sourceware.org
- Richard made a good list of proposed labels
https://inbox.sourceware.org/600b7dda-e760-4606-9c2d-c57333941...@arm.com/
Having a good/consistent set of labels makes all kind of auto
assignment/tasks/actions/etc easier to design.
- Claudio is rewriting the part of batrachomyomachia that deals with
the scratch git repositories to make sure all messages are
reliably picked up.
- Christophe got check_GNU_style.py and git_check_commit.py working
as an action on merge requests.
- Linaro Jenkins polls the forge for open PRs and checks if it has
already executed the tests. If no, it triggers builds in Linaro
Jenkins, using Linaro machines and reports the results in the PR.
- We should look at other things we could turn into Actions.
Pietro just submitted a make tags checks for gdb. The various
autoregen builder checks. Maybe Arsen's gcc doc generation script
so that if you submit a doc patch it runs all the formats (it
already caught an issue with the pdf generation which normally
only gets caught/run at release time). gdb's python formatter
check
- Cauldron (in two weeks!) schedule has been published
https://conf.gnu-tools-cauldron.org/opo25/schedule/
There are various interesting sessions on patch review, bug,
databases, testsuites, onboarding new developers, workflows,
CI and the forge where Sourceware infrastructure can help
automate.
