Meeting notes - 10th December 2020 virtual meeting
Date: 10th December 2020
Participants: Adrian, pepe2k, richb, aparcar, chunkeey, lynxis, nbd, wigyori, stintel, Hauke, jow, Daniel, thess, Rafał, kaloz, blogic, ynezz
Next major release 20.12
Improve release process
- In Hamburg we decided to make releases more often (every 6 months), but nothing changed.
- currently blocked by DSA integration, kernel updates, https, ...
- have snapshot releases in addition?
- Just cut master at a time
- Kernel: Use the testing kernel feature to use the next LTS kernel
- Keep master in usable state, including user space and Luci
- DSA was a problem
- rampis was the first big target which got it with kernel 5.4
- add feature flags?
- add global flag to activate all testing flags
- Needs coordination
- like the experimental flag in the kernel
- two branches will probably not work because we do not have enough manpower
- Daniel will implement this feature flag
Establish ucert key delegation to release image builders
- signed sysupgrade images was added some years ago
- secure master key and delegate keys to the builds
- key revocation is implemented
- not activating by default for now, but sign it and allow to check if.
- this would make it easier for vendors to use strong crypto in their system
- For automatic update this would be needed
- we could also sign a file with the hashes of the images
- do better security review of ucert, when we use it by default people will look closely at it
- canonical format is needed
DSA status
- Missing in LuCI, eta 2-3 weeks
- Missing default network configuration
hostapd: Disable 802.11b data rates by default
- https://github.com/openwrt/openwrt/pull/3654 (3 ACKs, 1 NACK)
- https://github.com/openwrt/luci/pull/4637/ (merged already)
- turn it off
- disabling this would violate the 802.11 standard on some targets where the drivers/firmware fail to adjust the rates that management and control frames are transmitted at to the minimum basic rate that is advertised in the beacon and probe response frames
- works normally
- should be added to the release notes and people can turn it on again.
- enable ieee80211w by default after branching
- John will push ieee80211ax changes after branching
- ieee80211w could cause problems with very broken and/or old devices
- we plan to ignore this
- it should be very easy to disable these features to make old devices work
rtl838x (now 'realtek') status, should be included?
- shouldn't be in the release, experimental
- see also: https://biot.com/switches/
HTTPS in LuCI by "default"
- landing page still on :80 with opt-in (single button enable) for HTTPS?
- no https in release
When to branch?
- proposal to branch of beginning of Jan and get the features which are in and nothing more.
- do not update the wifi driver for now keep them based on kernel 5.8 and do a minor update in March or so with an update to 5.10 based
Releases EOL
18.06 EOL
- is EOL now
19.07 EOL
- 19.07 EOL date extension, currently set to January 2021
- lets figure this out in the next few days and put it on the mailing list
- increase to August 2021 for now
New guideline rules for members?
- Motivation for new rules...
- keep voting on the list
- based on timezone it is hard for some people to join meeting
- having a binding road map will probably not work
- OpenWrt is a hobby project for most of us and we would not commit to this
- For the next meeting people should prepare how we can improve the meeting
- put onto next meeting
Commit Revert policy
- if it breaks just revert it, but inform the person before
- it is not about the person, but about the code
- It is much more important to keep master working
GitLab instance
- possible migration {git,gitlab}.openwrt.org
- CI testing?
- an other part of infrastructure we have to maintain
- Is there an open source gitlab hoster
- The systemd team could host it?
- An overview over the current infrastructure would be nice next meeting
Device metadata policy
- Keep devices/schema in main repo or have them separate (e.g. “devices.git”)?
- does not have to be manually copied to wiki when we have it in git and mandatory for adding a new device
- possible to combine this with board.d files later
- keep it in the main repo makes it easy to check if it is added in a commit which adds a new device
New design/logo status
- Create public “press” repo with logos etc?
- A 2. version was posted in the forum
- a conversion to over a longer time would be ok
- SVG for the (new) OpenWrt logos: https://gist.github.com/jow-/503002651aa3ee3e8803b5ad29abf7ca
Twitter and other (official) social accounts?
- the only official one: https://twitter.com/lede_project (still “LEDE”, time for rebrand?), but:
- Is this handled by someone from the team? https://twitter.com/openwrtdevices
- AFAIK access by lynxis, Adrian, at least one other non-committer
- The twitter owner does not answer we should involve SFC
- For docker it could also work this way
- John takes care of twitter
Move to the next meeting
- Non-public communication, e.g. talking about not published security problems
- continue using contact@openwrt.org for this
- hackers@openwrt.org did not went so well
- use a closed forum category
- think about this topic and discuss about it in the next meeting
- projected EOL for 19.07 currently January, extend to August for now ok?
Next meeting
In about one month, Paul takes care.