Dana Robinson, Director of Software Engineering, announced some changes he’s making to the way The HDF Group interacts with our community members.
If you would like to communicate directly with Dana, you can email him at derobins -at- hdfgroup.org.
HDF5 WORKING GROUP
There will be a 1-hour weekly meeting on Thursday at 10 am CDT where we will go over more complicated pull requests, new issues, and discuss library development. This meeting is open to the public. For right now, this will require a Teams invite, which I will be happy to hand out to anyone who wants to join.
We should probably emphasize that this is NOT a replacement for the Call the Doctor session. It’s not for people to ask technical questions. It’s only for developers or people who care about a PR or issue.
HDF5 INTERNALS SEMINARS
These will be informal seminars about library internals on the 4th Friday of every month at 10 am CDT. These will be open to the public, but will also require a Teams invite for now. These will be VERY low level and targeted at library engineers.
BETTER GITHUB ENGAGEMENT
We will be dedicating a rotating engineer to keep an eye on GitHub, so issues should be tagged and triaged within a day of being created. This person will also be responsible for helping to get simpler PRs merged (more complicated PRs will have to wait for the working group meeting, above). The tagging system we have adopted in HDF5 will be exported to HDF4, HDFView, and hsds and I’ll demonstrate that. Product-specific project management on GitHub is being investigated, but is still a work in progress.
HDF5 1.10 RELEASE CHANGES
HDF5 1.10.11 will be released in the fall. This will be the last release of the 1.10 line.
HARDENED FILE I/O AND THE CVE REPOSITORY
We’ve made a pass over the library to harden the layer that reads HDF5 metadata from the disk. It’s now more careful about checking for invalid files and cleaning up resources when mis-parsed files are encountered. This was a frequent source of CVE and oss-fuzz issues. We are also putting together a repository that will consolidate CVE proof-of-concept files and a test script that can be run against any version of the library to see which CVE issues are unfixed (and to ensure we don’t regress).
I’ll introduce our scheme for communicating changes to our products via the forums and other modes of communication.
You can also watch this episode online.
Call the Doctor is a series of weekly, unscripted, live events! The HDF Group’s staff members will answer attendee questions and, for example, go over the previous week’s HDF Forum posts. The HDF Clinics are free sessions intended to help users tackle real-world HDF problems from a common cold to severe headaches and offer relief where that’s possible. As time permits, we will include how-tos, offer advice on tool usage, review your code samples, teach you survival in the documentation jungle, and discuss what’s new or just around the corner in the land of HDF.
Join us every Tuesday at 12:20 p.m. central (US/Canada.) on Zoom!