2015-02-26 Developers Forum

How to Join

Agenda

• Quickly review previous meeting minutes (5 min)

• Review next meeting agenda

Minutes

View at notes.openmrs.org

OpenMRS Developers Forum 2015-02-26

Recording: http://goo.gl/vXRKbx (audio) https://connect.iu.edu/p5ctz2i9eyl/ (Adobe Flash)

Attendees:

• Michael Downey

• Suranga Kasthurirathne

• Daniel Kayiwa

• Sherif Koussa

• Aniketha ____

• Bhavana ____

• Sashrika ____

• Ryan Yates

• Ada Yeung

• Tharunya ____

• Sandeep Raparthi

• Manika Maheshwari

• Maurya _____

• Sara Armson

• Willa

• Paul Biondich

• Jennifer Masters

• Rafal Korytkowski

• Kaweesi Joseph

• Darius Jazayeri

• Saptarshi Purkayastha

Agenda & Notes

• Review last week's TODOs

• TODO: Burke to define the explicit Upstream coordinator role and look for someone(s) to fill it (follow up)

• TODO: Suranga to follow up on someone to See if we could make a script to Create a database/table/document to  track libraries (someone?). Joseph Kaweesi was working on a module to  show dependencies.

• TODO: give someone the authority to run with Spring – i.e., Burke will reply to existing dev thread and see if someone (Lluis, Kirs, others) who wants to dig into Spring. 

• (Work continues with Kris Schmidt et al)

• Does non-backward compatible Platform 1.x changes mean we bump to Platform 2.0 per http://semver.org/ ?

• TODO: Jeff Rafter looking at Adapting GitHub-Discourse badge code https://github.com/discourse/github_badges/blob/master/plugin.rb to our needs

• No updates ... any other volunteers?

• TODO: Saptarshi spec out a Moodle server based on our usage plans (test server is up, starting to develop question content)

• TODO: Saptarshi figure out how to get data out of Moodle (see above)

• Introduce newcomers (Suranga)

• OpenMRS Dev Basics quiz content review (Saptarshi)

• Action items for security issues (Sherif)

• Following up on the 3 December presentation

• https://openmrs.atlassian.net/wiki/display/docs/Top+Vulnerabilities+in+Java+Web+Applications

• https://openmrs.atlassian.net/wiki/display/docs/Simple+Secure+Coding+Checklist

• http://findbugs.sourceforge.net/ - Has a set of rules that can be used to evaluate security

• SonarQube is already running this. https://ci.openmrs.org/sonar/

• Anyone who is interested in helping on this evaluation, please let us know here:

•  https://talk.openmrs.org/t/using-findbugs-to-look-for-vulnerabilities/1238?u=michael

• How to make upgrades more successful (?)

• After Action Review

• What did you expect to happen?

• What actually happened?

• What can we do better?

• Acton items

• Create an action team on talk (done) 

•  https://talk.openmrs.org/t/using-findbugs-to-look-for-vulnerabilities/1238?u=michael

• Evaluate wether we can use sonar findbugs, and add the additional security rules

• Asssit Sherif with setting up openmrs with a commercial security tool

• Preview next week

TODOs

Transcripts