TSC Meeting Notes 2019-07-11

Owned by Cary Phillips
Nov 04, 2022

Agenda:

  • Azure progress
  • SonarCloud progress
  • CMake refactor:
    • Does it addresses the open “CMake” Issues? OK to close?
    • Ready to document?
  • CVE/bug progress
  • Google OSS-Fuzz integration?
  • Release prognosis, how close are we?
  • Review issues needing attention

Discussion:

  • Azure/Sonar Cloud

    • Underway, Christine is setting up account for her own github for testing.
    • Need to create accounts for openexr/awsf ultimately
    • ASWF has accounts to use

  • CMake progress

    • Kimball’s got a rewrite up for review
    • Simpler, removed some options, consolidated into a single file
    • IlmBase and OpenEXR are their own projects, using find_package as appropriate
    • Added a root “super project”, it overrides find_package using the current cmake idiom
    • Added config.cmake files for install automation
    • We will give it a spin, and Cary will write instructions

  • Issue backlog

    • Cary’s polling open issues where it’s unclear if an problem still exists. If the issue author doesn’t respond in a week or so, closing with an invitation to re-open
    • Out of memory bugs could be addressed by pre-emptively checking too-large image open requests, and capping the maximum image size.
    • Table allocations could be made on demand, rather than on object construction. See issue 245

  • Release gate factors

    • CMake rewrite
    • Someone needs to vet the autoconf set up to make sure it’s all still functional
    • Security vulnerabilities are the top priority for the next release
    • We can announce an upcoming release at Siggraph, rather than rushing to get a release done

  • Google Autofuzz

    • Clang tidy - consensus: thumbs up
    • CMake option, OFF by default
    • Sonar - consensus: thumbs up
    • Autofuzz - consensus: decline on the grounds that we take security seriously and have invested in a fuzz test that we’d prefer to keep investing in.