| Time | Item | Who | Notes |
|---|
| 5m | Agenda and action item review |
|
|
| Stock management extension point issue https://forum.openlmis.org/t/extension-point-configuration/5683 | Klaudia Pałkowska Adrian Świszcz (Deactivated)(from last time) | - see forum thread
- see https://openlmis.atlassian.net/jira/software/c/projects/OLMIS/issues/OLMIS-6911
- has upgraded Spring Boot from 1.3.3 to 2.2.2 in openlmis-example repo - to see effect on bean extension. The extension worked in the example repo and so there is not certainty on why it doesn't work in Stock Management.
- Examined if the classes make it into the output jar, and they are - both in stock mgmt and example repo. Doesn't appear to be a build issue, but it doesn't appear to be. Appears to be runtime.
|
| Security Vulnerabilities | Chongsun Ahn (Unlicensed) | - JS Libraries
- Outdated
- August Angular 1.8 is now EOL 2021
- JS Libraries
- Outdated?
(from last time) - this is bad
- We haven't made any in-roads on upgrading / switching this out (e.g. angular2react)
- 2 parts:
- various repos with JS there are security vulnerabilities
- some of these we think are reported as critical, however we likely haven't analyzed them for our priority
- Do we have a plan for how to address the security vulnerabilities?
- idea: we could create issues for them and enter them into the tech-debt backlog (Jira sprint), we'd still need a grooming process for it.
- examples: https://github.com/OpenLMIS/dev-ui, https://github.com/OpenLMIS/openlmis-ui-layout
- JS build tools appear to be quite out of date - appear to be blocked by RAMLTester
- would we re-write our integration tests and/or move away from RAML
- The overall picture is around our plan for tech-debt:
- With less capacity we no longer have the 20% for tech debt clean-up.
- Could plan it at the beginning of every release is to schedule in a clean-up of a specific aspect
|
| AOB |
|
|