-
Notifications
You must be signed in to change notification settings - Fork 685
Sprint Planning Meeting 2021 03 24
#Sprint Planning Meeting, SecureDrop, 2021-03-24
https://github.com/freedomofpress/securedrop/wiki/Development-Roadmap
2021-03-25: Audit blog post publication (tentative) / potentially SecureDrop Export release
2021-04-01: Python safety database update
After sprint:
2021-04-13: SecureDrop 1.8.1 (tentative)
2021-04-20: Tails 4.18 release
2021-04-30: 💀 Ubuntu 16.04 end-of-life 💀
🐞 Security triage responsibility: Kev
🌴 PTO check-in:
2021-04-01/02 Mickael (tentative)
(After sprint)
2021-04-09: Erik
📖 Learning time:
- See "other sprint commitments" column on project board
Next SecureDrop Core release:
Option 1: Hold a SecureDrop 1.8.1 point release window for improvements that will ease migrations to Ubuntu 20.04, with 1 week QA period. Plausible release date: 2021-04-13 (starting QA after this sprint).
- Arguments in favor:
- We already have identified some improvements and more may come from first migrations.
- We want to get off Xenial ASAP; keeping 1.8.x the last Xenial release series would help accomplish that.
Option 2: Release SecureDrop 1.8.1/1.9.0 only if necessary, otherwise go straight for 2.0.0.
Option 3: Release SecureDrop 1.9.0 on Tails release schedule (2021-04-20) with misc. fixes and improvements.
ACTION: After discussion, we've settled on Option 1 for now -- a point release. We can decide not to release if we don't have a sufficient number of fixes landed, but we've tentatively scheduled 1.8.1 for April 13, 2021.
- Finalize and land key deliverables for potential SecureDrop 1.8.1 release:
- Exclude SSH tor config from server restores: https://github.com/freedomofpress/securedrop/issues/5833
- Check for SecureBoot setting during install process: https://github.com/freedomofpress/securedrop/issues/5871
- Backup script fix for logos: https://github.com/freedomofpress/securedrop/issues/5868
- Focal-upgrade molecule scenario: https://github.com/freedomofpress/securedrop/issues/5512
- fwupd error in syslog, ossec alert for Focal: https://github.com/freedomofpress/securedrop/issues/5835 (scary error)
-
Restore reproducibility for SecureDrop Workstation build artifacts and update documentation
-
Finalize design for SecureDrop Client Safe Deletion and begin implementation
https://docs.google.com/spreadsheets/d/1nttAOZ2kZGArVCEnJ8hxPu_p5gcdPqXw-R_DnMvK1lc/edit#gid=0