December 14, 2017

December meeting 2017

The PSC gathered to discuss the following agenda:

Opening the meeting

Attendees:

Via conference call:

Not present:

Security audit results

Sami described the findings on the security audit. We strongly advise everyone to update to the latest version as soon as possible.

Maintainability and community modules

Sami described the problem of merging more and more of new functionalities and how it affects the ability to ensure they actually work with a new release. One solution would be that we keep doing what we have done and release new functionalities with “it works if not proven otherwise” mentality and the other option is to make an effort to truly keep the core as bug free as possible and introduce new functionalities that might or might not work with the latest release as “community modules”.

It was decided that a community modules repository will be added to oskariorg repositories for server as well as frontend. Functionalities such as the download basket, analysis and any application specific code that we currently have in the codebase will be moved to community modules. When a new functionality is introduced it should only be added to the core if we can assure that it will be updated for each release.

Thoughts of future at NLS Finland

NLS Finland has been thinking of doing proof of concepts with Webpack, TypeScript/ES6+ based version of Oskari frontend with React or Vue.js as the view library. This will probably mean backwards compatibility being broken in one way or another, but it was agreed that upgrading to a new technology stack is something we want to do for keeping up with the tech and attract more developers. The first steps are taken in 2018 and great care is needed to ensure that communication of the change is properly done (migration guide should be provided and old version probably maintained side-by-side for some time). RPC will also be reflected mostly by changing request/event names that are easy to find/replace in existing applications. The discussion will be continued when we have more concrete information about this, but initial ok has been given by the PSC.

Removal of SAML-support

The spring SAML-module (https://projects.spring.io/spring-security-saml/) isn’t actively maintained and is currently blocking some of the library updates that would otherwise improve Oskari. Tampere is heavily invested in using the SAML integration, but support for SAML-based login could be lifted from Oskari to Apache/loadbalancer level. It was agreed that SAML-support can be removed from Oskari in order to update the other libraries.

Projects/current development/future plans

Iceland

Helsinki

Tampere

SITO

Tilastokeskus

Dimenteq

NLS Finland

Roadmap issues

Layer selector OIP approved (https://github.com/oskariorg/oskari-docs/issues/61) and tagged as roadmap item so it can be found through roadmap listing as new development. The actual change to current code is that layer groups (themes/data providers can have multiple levels) and layers can belong to multiple groups. The OIP also covers new optional user interface for layer listing and layer administration. Old admin and layer listing bundles will be updated to support layers belonging to multiple groups, but will not support the tree structure for groups.

Meetings/activity