Engineering and Communication - Dana Robinson on Call the Doctor, May 2, 2023

lori.cooper · May 1, 2023, 11:22pm

Engineering and Communication - Dana Robinson on Call the Doctor, May 2, 2023

Dana Robinson (@derobins) will be hosting Call the Doctor on Tuesday, May 2. Dana is the Director of Software Engineering, and will be using this time to talk about some changes he’s making to the way The HDF Group interacts with our community members.

If you would like to communicate directly with Dana, you can email him at derobins -at- hdfgroup.org.

HDF5 WORKING GROUP
There will be a 1-hour weekly meeting on Thursday at 10 am CDT where we will go over more complicated pull requests, new issues, and discuss library development. This meeting is open to the public. For right now, this will require a Teams invite, which I will be happy to hand out to anyone who wants to join.

We should probably emphasize that this is NOT a replacement for the Call the Doctor session. It’s not for people to ask technical questions. It’s only for developers or people who care about a PR or issue.

HDF5 INTERNALS SEMINARS

These will be informal seminars about library internals on the 4th Friday of every month at 10 am CDT. These will be open to the public, but will also require a Teams invite for now. These will be VERY low level and targeted at library engineers.

BETTER GITHUB ENGAGEMENT

We will be dedicating a rotating engineer to keep an eye on GitHub, so issues should be tagged and triaged within a day of being created. This person will also be responsible for helping to get simpler PRs merged (more complicated PRs will have to wait for the working group meeting, above). The tagging system we have adopted in HDF5 will be exported to HDF4, HDFView, and hsds and I’ll demonstrate that. Product-specific project management on GitHub is being investigated, but is still a work in progress.

HDF5 1.10 RELEASE CHANGES

HDF5 1.10.11 will be released in the fall. This will be the last release of the 1.10 line.

HARDENED FILE I/O AND THE CVE REPOSITORY

We’ve made a pass over the library to harden the layer that reads HDF5 metadata from the disk. It’s now more careful about checking for invalid files and cleaning up resources when mis-parsed files are encountered. This was a frequent source of CVE and oss-fuzz issues. We are also putting together a repository that will consolidate CVE proof-of-concept files and a test script that can be run against any version of the library to see which CVE issues are unfixed (and to ensure we don’t regress).

GitHub

GitHub - HDFGroup/cve_hdf5: For testing CVE issues filed against the HDF5...

For testing CVE issues filed against the HDF5 library - GitHub - HDFGroup/cve_hdf5: For testing CVE issues filed against the HDF5 library

CHANGE COMMUNICATION

I’ll introduce our scheme for communicating changes to our products via the forums and other modes of communication.

To join, just jump on the zoom: https://us06web.zoom.us/s/9828688008
May 2, 2023 12:20 p.m. central time US/Canada
’

lori.cooper · May 2, 2023, 2:42pm

lori.cooper · May 2, 2023, 9:25pm

lori.cooper · May 2, 2023, 9:59pm

Here’s the recording from today’s Call the Doctor:

You can also listen to this episode as a podcast episode.

kittisopikulm · May 3, 2023, 5:45am

@derobins I am interested in the Thursday Teams invite.

derobins · May 3, 2023, 8:16pm

Sent!

Let me know if you didn’t get the invite.