-
Notifications
You must be signed in to change notification settings - Fork 686
Standup Notes 2020 04 30
Participants (alphabetical): Allie, Conor, Erik, Jen, John, Kevin, Mickael, Nina, Ro
-
SecureDrop 1.3.0 Update
-
OSSEC dependency issue: https://github.com/freedomofpress/securedrop/issues/5213
- Let's modify "upgrade" scenario to use cron-apt for use with QA https://github.com/freedomofpress/securedrop/issues/4659#issuecomment-519147471
-
WIP: https://github.com/freedomofpress/securedrop/tree/4659-upgrade-testing-cron-apt
- Discuss cron-apt repo settings post-release (https://github.com/freedomofpress/securedrop/issues/3376)
-
QA matrix for reference: https://docs.google.com/spreadsheets/d/1SlpNf6rq7gI1Pp-hSSLq2ixbrdKiXFGV8kluVMqpQd4/edit#gid=0
-
-
SecureDrop Client Update
- Time to start working on test plan for 0.2.0? - Erik will start drafting
- tl;dr for recommended procedure for setting up staging nightlies?
- Download packages from apt-test and install in sd-app-buster-template
- Make sure to install client/proxy
-
Tech conversations to schedule
-
Follow-up on style discussion / standardization towards use of
blacketc.? -
Get on the calendar post-1.3.0
-
Bionic / server OS discussion; strategy for updating dependencies
-
Get on the calendar post-1.3.0
-
Others?
-
Eventually: CSS and stylesheets in Qt applications -- maybe style as a retrospective, why do we get crashers?
-
Qubes security settings
-
Provisioning story
-
Yesterday:
- Did not get to doing a fresh hardware install on my NUC7s
- Responded to issue discussion https://github.com/freedomofpress/securedrop-client/issues/815 and we've come up with a plan to file a Qt bug and document
- Created a working branch that cleans up client CSS so that we don't run into the reoccuring stylesheet issue that sometimes crashes the application. Researching and documenting what exactly happened with the following three issues: https://github.com/freedomofpress/securedrop-client/commit/53b123f7512144e205dd072cf4185923d0cd25da https://github.com/freedomofpress/securedrop-client/pull/1059/files#r412409560 https://freedomofpress.slack.com/archives/C123KPJ1X/p1587580540071600?thread_ts=1587580363.070300&cid=C123KPJ1X
Today:
- Pairing with Ro and doing a hardware install for QA (even if what I'm doing is redundant, it'll be good for me to run through this again so I'm ready for the next QA period)
- File a Qt bug and send email about https://github.com/freedomofpress/securedrop-client/issues/815
- Create issues for (1) adding input strings unit tests and updating our dev data script, (2) adding tests for some of our manual tests, (3) Cleaning up our CSS so that we don't run into the reoccuring stylesheet issue that sometimes crashes the application
- Update client Test Plan (https://github.com/freedomofpress/securedrop-client/wiki/Test-plan ) to include missing manual tests that we have documented in various PRs and Issues
- If there's time, poke at https://github.com/freedomofpress/securedrop-client/issues/906
Blockers or Asks: None
Yesterday:
- Pilot progress, hurray
Today:
- Standing by to provide review of upgrade scenario changes for SD core
- Write up some thoughts on the salt error messages ("failed to return clean data")
Blockers or Asks:
- Mickael: open PR for upgrade scenario changes?
- Ro: Will ask for scheduling coordination with pilot participants in Wire
Yesterday:
- Grantwriting
- Good call w/ Tor folks re: HTTPSEverywhere UX
- FYI: Two independent .onion features currently in alphas: support for
Onion-Locationheader ("this site has a corresponding onion service") and HTTPSEverwhere ruleset - Nina/Martin/Erik will provide feedback on current implementation in alphas
- After that, we may do a UX exploration around "discoverability" (how does a user find a .onion) and share those w/ Tor for discussion
- FYI: Two independent .onion features currently in alphas: support for
- Tested last change to https://github.com/freedomofpress/securedrop-workstation/pull/533 (RPC PR), ready for (final?) pass
- UX catch-up w/ Nina on security #29, added agreed upon recommendations to issue
Today:
- Grantwriting
- Follow-up on open PRs as warranted
- Close to final round of pre-deployment testing for Redmine 4 upgrade
- Follow on features spreadsheet
- Backlog grooming
Blockers or Asks: None
Yesterday:
- looked at clipboard clearing change for securedrop-client, looks great to me, and just needs test addition
- resubmitted our application to the xen pre-disclosure list
Today:
- quick look at the patch john prepared, looks great to me, will review formally today
- updating SF instance to RC1 for the purpose of workstation testing
- reviewing clipboard clear when ready
- preparing release branches for client, proxy
Blockers or Asks:
- none
Yesterday:
Today:
- 1.3.0 QA
Blockers or Asks:
- None
Yesterday:
- Updating test plan on journalist API checking, may have questions around timing for John
- Provided feedback to features spreadsheet
Today:
- 1.3.0 QA
Blockers or Asks: None other than noted above
Today:
- Did a full testing at https://github.com/freedomofpress/securedrop/issues/5205#issuecomment-621834589
Tomorrow:
- Will pick up reviews as required
Blockers or Asks: None
Yesterday:
-
QA, filed https://github.com/freedomofpress/securedrop/issues/5213
-
Started work on molecule update scenario: https://github.com/freedomofpress/securedrop/tree/4659-upgrade-testing-cron-apt
- Not ready for review but there's a lot of complexity due to apt/apt-test, will open draft for discussion
-
Reviewed Kev's dependency fixes for upgrade
Today:
- More QA
- Help w/ further review/fixes
- review pass on copy paste salt changes + docs
Blockers or Asks: None
Yesterday:
Today:
- support comms
- report-writing, almost done
- qa
Blockers or Asks:
- John will help with cron-apt scenario later--anything I need to know re cron-apt scenario?