JupyterHub and BinderHub Team Meeting

• Date: Tuesday 17th January 2023

• Time: 6PM Europe/London

  • Your timezone: https://arewemeetingyet.com/London/2023-01-17/18:00/Hubs-Team-Meeting

• GitHub issue: jupyterhub/team-compass#582

• Calendar for future meetings: https://jupyterhub-team-compass.readthedocs.io/en/latest/meetings/index.html#meeting-calendar

By participating in this meeting, you are agreeing to abide by and uphold the Code of Conduct. Please take a second to read through it! :pray:

Welcome to the Team Meeting

Hello!

If you are joining the team video meeting, sign in below so we know who was here. Roll call:

• Min / Simula / @minrk (will be late)

• Blessing / Outreachy / @bl-aire

• Sarah / 2i2c / @sgibson91

• Erik / 2i2c / @consideRatio

• Simon / University of Dundee / @manics

• Eskild / Quansight / @iameskild

• Wayne / Upstate Medical University / @fomightez

• Yuvi / 2i2c / @yuvipanda

• Sheila / Outreachy / @Sheila-nk

Introductions

If this is your first time attending the meeting, add your name below and we will ask you to introduce yourself on the call :)

• Morgan Radic

• Sheila Kahwai

Quick updates

60 second updates on things you have been up to, questions you have, or developments you think people should know about. Please add yourself, and if you do not have an update to share, you can pass.

• Min: move away from problematic referer checks to xsrf tokens ready for review: jupyterhub/jupyterhub#4032 (thanks for Oksana for selenium tests that help ensure actual pages work, not just test requests)

Reports and celebrations

This is a place to make announcements (without a need for discussion). This is also a great place to give shout-outs to contributors! We’ll read through these at the beginning of the meeting.

• Erik: @dolfinus has made a lot of thorough PRs to KubeSpawner - such as adding tests! (List of PRs)

• Erik: @bollwyvl for work in jupyterhub/jupyter-server-proxy regarding tests!

Agenda items

Let’s collect all potential agenda items here before the start of the meeting. We will then attempt to create a coherent agenda that fits in the 60m meeting slot. If there are similar items try and group them together.

• Min (5m): Outreachy for Spring. Do we do it, or wait for Fall? We need project ideas, mentors and especially volunteers for the application period. First deadline is already Feb 10, which is before our next meeting! jupyterhub/team-compass#612

  • Money from Outreachy for two interns

  • We need mentors to help detail projects for the interns

• Sarah (probably following on from Min’s topic): What does the JupyterHub community want the Strategic Lead to focus on? What outside Outreachy is important to prioritise? Is Outreachy a top priority or not?

  • Sarah acting the community coordinator

  • Sarah concerned about the additional work that Outreachy would involve, would there be other community things that you would prefer Sarah work on?

  • Sarah has been working on Outreachy guide.

  • Simon: what are other things Sarah could spend time on?

    • Restructure this meeting. Can be challenging for new attendees. Proposal, two meetings

      • Collaboration cafe:

        • Sarah’s hackmd: https://hackmd.io/@sgibson91/SyD50E2qo

        • emergent topics

        • always run a onboarding breakout session each meeting

        • use breakout rooms / pomodoros to break things down so attendees can work on what they’re interested in.

      • Steering meeting:

        • still open

  • Yuvi: Outreachy is still important for community health long term. Look for someone else to be the Outreachy coordinator.

    • Participate in the way we want, but let’s not forego it altogether.

    • Make an annoucement on Discourse.

    • Keep in mind which Outreachy round (sping or fall) we participate in so that we don’t always exclude those from the southern hemisphere.

  • Min: annual Outreachy participation?

    • How do we integrate Outreachy into our “daily” process so that we can handle participating twice a year?

  • Sarah: her action items

    • Make Discourse post calling to action for mentors and a new community coordinator

    • Continue to update the JupyterHub Outreachy guide.

• Min (5m): Interest in / resources for a Jupyter roadmap/strategic planning event/workshop/asynchronous period, etc.?

  • It might be time to get together to “plan” as a team be this in-person or virtual.

  • CZI grant might be able to used for this.

• Erik (3 min): BinderHub 1.0.0

  • Declare intent to go for SemVer versioned releases with changelog going onwards, software package and Helm chart still bundled

  • We are currently at version 1.0.0-0.dev.git.3002.h5f189ce

  • It’s time for regular releases.

    • Can we confirm that there won’t be any breaking changes for the foreseeable future?

      • Min: don’t set the bar too high

    • Create an issue and start listing all the things that need to be wrapped before the release.

• Erik (5 min): Overview of major releases to be made

  • z2jh, jupyterhub, kubespawner, oauthenticator all includes breaking changes, so we have z2jh 3, jupyterhub 4, kubespawner 5, and oauthenticator 16 coming up.

  • Call to action: help get any breaking change reviewed and merged so we can get many of these releases to go hand in hand for z2jh.

    • Min’s jupyterhub PR about XSRF tokens: jupyterhub/jupyterhub#4032

    • Yuvi’s kubespawner PR about merging dictionaries instead of overriding them jupyterhub/kubespawner#650

      • Yuvi would love for someone else to pick it up and finish it if possible

    • A unreleased regression relevant fixing before releases of oauthenticator: jupyterhub/oauthenticator#564

    • These releases don’t need to be made around the same time but if they are, it would reduce the number of communications.

    • Min: don’t wait on JupyterHub

    • z2jh is a distribution collecting many packages, does it make sense to explore calver? https://jacobtomlinson.dev/posts/2023/sometimes-i-regret-using-calver/

• Erik (3 min): Lower Dependabot’s frequency to update GitHub actions

  • Currently weekly updates are made

  • Do we have agreement to go for monthly updates going onwards? (Min +1!)

  • If quick update is needed, one can trigger updates via a “Last checked ” link available at <jupyterhub/jupyterhub to maintainers>

  • Switch from weekly to monthly updates; manual updates are still possible (workflow_dispatch)

    • Agreed to switch to monthly dependabots updates

• Erik (after meeting ?): Discussion about an untested security vulnerability patch

  • I’d like us to find a way forward

  • Related discussion for JupyterHub team members: orgs/jupyterhub

  • Test the untested security vulnerability patch in a production environment.

  • Email Greg Werner

  • Or potentially remove LTE 1.3 (keep 1.1)

  • Can we just release the patch regardless? If this breaks the LTE that’s better than the lingering security vulnerability.

  • Deadline: decide one way or another by Wed January 25

    • Otherwise Erik to remove LTE 1.3.

• Simon: Readthedocs for Z2JH are not versioned.

  • Build the docs based on ref and/or tag

  • Adding a dropdown to the rtd theme to access older tagged docs