...
- We need CI to be running a performance test to check for obvious regressions
TODO - finish this formatting
9.0.x - change default to true for discardfacades
Test removal of recycling - collect GC stats
processorCache == 0 => bad for performance
Document 0 == no cache & performance implications
Secure by default
...
- . Need to extract results over time. How?
- Ensure discardFacades is true for all versions
- processorCache (Http11Processor) == 0 is very bad for performance (approx factor of 2) but very good for security. Document this.
- Could investigate what we could do about the above.
- Do we need to clear if we don't need to recycle?
- Are there some recycled objects we could just recreate?
- Shutdown port can have unexpected behaviour if there are two instances on same machine with same settings
- Start A, Start B, Stop B actually stops A!
- Switch default shutdown password to ${catalina.base}
- Review TLS settings
- Vary by JVM
- Document
- Do we enable anything that all JVMs disable (TLS 1.1?)
- Are we using the right default cipher list (check with SSLLabs)?
- Disabled more web applications by default
- Package was WAR and then name AAA.war.disabled
- SecurityListener - schultz already started these threads on dev@
- Check for writeable files that should not
...
- be
- Anything from the Tomcat security guide
...
- Remove SSI
...
- /
...
- CGI - schultz already started these threads on dev@
Next event
The majority of committers seem to be EU based. Next event likely to be most effective if EU based.
If there is a CoC next year, add on a day again. If not CoC , fosdem?Small group code review
Actions
Today
, before Fosdem is a likely candidate. Need to keep an eye on CoC EU plans.
Next event likely to have a different focus. More code review based. Want to look at:
- HTTP header parsing
- Other areas TBD
Assuming similar costs, we have sufficient funding to run two more events like this.HTTP header parsing review
Accounting
Date | Description | CC Income ($) | CC Expenses ($) | CC Balance ($) | Cash Income | Cash Expenses | Cash Balance | Total Balance |
---|---|---|---|---|---|---|---|---|
Initial funding from Google | 5,000.00 | 5,000.00 | ||||||
28 Feb 2024 | Meeting room for June 6th 2024 - EUR380 | 425.37 | 4,574.63 | |||||
03 Jun 2024 | markt accommodation - EUR 563.86 | 632.12 | 3,942.51 | 474.09 | 474.09 | 4,416.60 | ||
04 Jun 2024 | remm accommodation - EUR 145.83 | 163.83 | 3,778.68 | 474.09 | 4,252.77 | |||
05 Jun 2024 | engelen accommodation - EUR 154.22 | 173.43 | 3,605.25 | 474.09 | 4,079.34 | |||
06 Jun 2024 | Lunch - EUR 270 | 3,605.25 | 303.63 | 170.46 | 3,775.71 | |||
06 Jun 2024 | Dinner - EUR 214.10 | 240.24 | 3,365.01 | 170.46 | 3,535.72 |
...