8000 Monthly Chat Agenda September 2022 (2022-09-05 and 2022-09-19) · Issue #2755 · coreruleset/coreruleset · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Monthly Chat Agenda September 2022 (2022-09-05 and 2022-09-19) #2755

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dune73 opened this issue Aug 22, 2022 · 0 comments
Closed

Monthly Chat Agenda September 2022 (2022-09-05 and 2022-09-19) #2755

dune73 opened this issue Aug 22, 2022 · 0 comments
Labels
🔖 Meeting Agenda

Comments

@dune73
Copy link
Member
dune73 commented Aug 22, 2022
edited
Loading

This is the Agenda for the Monthly CRS Chat.

The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, 2022-09-05, at 20:30 CET. That's the 1st Monday of the month. A separate issue chat is happening at the same location, same time on Monday, 2022-09.19. That's the 3rd Monday of the month. Please note that we have a CRS calendar (maintained by @fzipi).

Archived previous meetings and their decision are here.

What happend in the meantime since the chat last month

Outside development

Release Planning

  • We're looking at a security release for some of our bug bounty findings.
  • Developers have access to a private task list. 2-3 PRs are still open.
  • Discuss the investigations of base64 encoded requests (BB 3UWMWA6W)

PRs that have been merged since the last meeting

We merged 30 PRs since the last monthly project chat.

Open PRs

Open PRs marked DRAFT or work in progress or needs action

Sub projects (Formerly: Dev retreat topics)

  • Demo / Sandbox site: We received an informal ModSecurity patch from Trustwave that we installed on the sandbox.
  • Documentation: no news
  • Technical Blog Posts: no news
  • Status page: no news
  • Coraza: Coraza is moving towards v3 and claims to have improved the performance a big deal bringing it on par with ModSec3 on NGINX (which is still way slower than ModSec2 on Apache). Juan Pablo also claims he is closer to solving fundamental problems with NGINX integration of Coraza.
  • GSOC 1: Project Seaweed: We have a robust prototype taking CVE PoCs and running them against the sandbox automatically. See Slack channel #coreruleset-seaweed.
  • GSOC 2: ML integration: We have a PR for a ML plugin.

Other items

Open Issues - Separate Issues Meeting (Monday, 2022-09-19)

  • Anything left to do with the release?
  • Release did not run very smoothly. Lessons learnt (maybe too early, but maybe due)?
  • Dev retreat planning
  • Noteworthy issues: See below

Status of issues covered last month

  • Issue slot 1: #FIXME
  • Issue slot 2: #FIXME
  • Issue slot 3: #FIXME
  • Issue slot 4: #FIXME
  • Issue slot 5: #FIXME
  • Issue slot 6: #FIXME
  • Issue slot 7: #FIXME
  • Issue slot 8: #FIXME
  • Issue slot 9: #FIXME
  • Issue slot 10: #FIXME

Stats

  • Covered in chat: FIXME
  • Closed: FIXME
  • Pending: FIXME

This month's issues

There are FIXME open issues at the beginning of the issue chat.

We generally cover 10 issues per month in a separate issue meeting. Add them as you see fit.

How to get to our slack and join the meeting?

If you are not yet on the OWASP Slack, here is your invite: https://owasp.org/slack/invite .

Everybody is welcome to join our community chat.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🔖 Meeting Agenda
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dune73
0