2015-02-26 Developers Forum

Owned by Former user (Deleted)

Last updated: Mar 04, 2015 by Burke MamlinVersion comment

3 min read

How to Join

Click here to expand...

By Browser

https://www.uberconference.com/openmrs

By telephone

US telephone number: +1 201.479.2627

Agenda

Quickly review previous meeting minutes (5 min)
Review next meeting agenda

Minutes

View at notes.openmrs.org

OpenMRS Developers Forum 2015-02-26

Recording: http://goo.gl/vXRKbx (audio) https://connect.iu.edu/p5ctz2i9eyl/ (Adobe Flash)

Attendees:

Michael Downey

Suranga Kasthurirathne

Daniel Kayiwa

Sherif Koussa

Aniketha ____

Bhavana ____

Sashrika ____

Ryan Yates

Ada Yeung

Tharunya ____

Sandeep Raparthi

Manika Maheshwari

Maurya _____

Sara Armson

Willa

Paul Biondich

Jennifer Masters

Rafal Korytkowski

Kaweesi Joseph

Darius Jazayeri

Saptarshi Purkayastha

Agenda & Notes

Review last week's TODOs

TODO: Burke to define the explicit Upstream coordinator role and look for someone(s) to fill it (follow up)

TODO: Suranga to follow up on someone to See if we could make a script to Create a database/table/document to track libraries (someone?). Joseph Kaweesi was working on a module to show dependencies.

TODO: give someone the authority to run with Spring – i.e., Burke will reply to existing dev thread and see if someone (Lluis, Kirs, others) who wants to dig into Spring.

(Work continues with Kris Schmidt et al)

Does non-backward compatible Platform 1.x changes mean we bump to Platform 2.0 per http://semver.org/ ?

TODO: Jeff Rafter looking at Adapting GitHub-Discourse badge code https://github.com/discourse/github_badges/blob/master/plugin.rb to our needs

No updates ... any other volunteers?

TODO: Saptarshi spec out a Moodle server based on our usage plans (test server is up, starting to develop question content)

TODO: Saptarshi figure out how to get data out of Moodle (see above)

Introduce newcomers (Suranga)

OpenMRS Dev Basics quiz content review (Saptarshi)

Action items for security issues (Sherif)

Following up on the 3 December presentation

https://openmrs.atlassian.net/wiki/display/docs/Top+Vulnerabilities+in+Java+Web+Applications

https://openmrs.atlassian.net/wiki/display/docs/Simple+Secure+Coding+Checklist

http://findbugs.sourceforge.net/ - Has a set of rules that can be used to evaluate security

SonarQube is already running this. https://ci.openmrs.org/sonar/

Anyone who is interested in helping on this evaluation, please let us know here:

https://talk.openmrs.org/t/using-findbugs-to-look-for-vulnerabilities/1238?u=michael

How to make upgrades more successful (?)

After Action Review

What did you expect to happen?

What actually happened?

What can we do better?

Acton items

Create an action team on talk (done)

https://talk.openmrs.org/t/using-findbugs-to-look-for-vulnerabilities/1238?u=michael

Evaluate wether we can use sonar findbugs, and add the additional security rules

Asssit Sherif with setting up openmrs with a commercial security tool

Preview next week

TODOs

Transcripts

Audio recording of the call: Listen online or download (available after the meeting)