The weekly governance call is open to the community members who care about governance issues. The call is held 9-11AM PST on Fridays.
July 30, 2021
- Attending: Fernando, Brian, Sharan, Darian, Steve, M, Rollin Thomas from NESRC/LBL.
- Rollin is working on Jupyter security and came to the call to discuss the Jupyter Security subproject
- Security workshop co-organized by Rick Wagner at PEARC’19.
- Jupyter is more and more used as an entry point for HPC facilities.
- There will be a workshop on interactive HPC at SC’21 where this topic will be relevant.
- Rick and Rollin are organizing a Jupyter Community Workshop on security.
- Plan
- Formally nominate a Security Subproject (was already named in the previous PR).
- Project Jupyter | Security landing page. See e.g. the Apache landing page: ASF Security Team | Apache Software Foundations
- GitHub - jupyter/security repo. Can be used as a generic team compass space to coordinate this.
- That repo will be managed by a Security github team in the org.
- Regular (bi-weekly or monthly) Security meetings announced on the Juptyer community Google Calendar.
- Manage the Security Google Group and email address - https://groups.google.com/g/ipython-security
- Rollin et al have invited developers of OpenOnDemand, as it’s also quite often used as a way to deploy Jupyter in many academic organizations.
- Community/documentation issue: there will likely be a lot of demand on this team for help/support/best practices, esp. from non-experts in security who are facing deployment/usage issues in their organizations.
- Where to do outreach?
- Jupyter itself.
- 2i2c and Syzygy
- OpenOnDemand
- MagicCastle
- Other potential connections
- MIT Lincoln Labs, SDSC have their own proxy.
- WholeTale (Victoria Stodden, Matt Turk, NCSA)
Discourse announcement: Project Jupyter Security Subproject