At the end of office hours today I mentioned wanting more of the issues and PRs to be labeled (@seph made a note in the notes about it), but it looks like only members with write access to the repository can label issues.

also, I did not like the way the build badges looked on the Readme so I removed them: https://github.com/osquery/osquery/blob/427914bde0a0b228bdfd16c15eeaa86d379d5334/README.md thoughts?

so are we skipping 4.1.0? https://github.com/osquery/osquery/milestone/43

The Linux foundation has said they don't have an ADC account. It's on us to run that riddle trail. And either pay, or get the tax id for LF (@zwass )

Anyone have thumbs for some prior office hours? * https://github.com/osquery/foundation/pull/42 * https://github.com/osquery/foundation/pull/43

I now have PDFs for the official founding docs. I’ve uploaded them into 1password

We have a D&B Number! In 5 days, I can submit it to apple. But this is great

FYI. https://github.blog/2020-04-14-github-is-now-free-for-teams/

Ok new piece of 'moving parts' we need to address within 8 days. The DigiCert TLS cert for *.osquery.io needs to be renewed. We should move over to LetsEncrypt and we'll need to use the cert within AWS CloudFront. Also I think we can move off of CloudFront and onto a free (if available) load balancer that allows us to TLS terminate. We front the homepage and pkg. IIRC.

We’ll need to manage the cert ourselves I think due to the usage of pkg.

Hi folks, I'd like to propose a change in process for osquery's security policy. I think we have all the tools to handle reports, issue CVEs, fix and release without needing FB's CNA capabilities or FB Whitehat involvement. What I propose is we change the SECURITY.md to be more concrete about how to report, either mention in #core or DM one of the TSC on Slack (with a link to the list of usernames). We also include a few sentences about how we proceed with fixing and applying for a CVE if needed through GitHub's security advisory feature. The motivation behind this is to provide us more efficacy over handling the end-to-end and helping reduce the scope of the FB Whitehat. FB's program focuses on security impact to FB projects and configuration. This means best-practice hardening recommendations for osquery, which do not impact FB, can result in a bad experience for researchers. In these instances if FB were to choose to issue a reward we would hold ourselves to an SLA that is difficult to keep, what I mean by this is FB would have to coordinate with the group here to land a fix. I know I bridge this gap and could commit to maintaining the SLA. Please understand that while I'd absolutely love to do this I cannot commit to this right now. By removing osquery from FB Whitehat we remove the ambiguity of whether a best-practice recommendation has security impact to FB and we remove any false expectations around SLA commitment. Those are upsides, the downside is researchers cannot earn bounty for their hard and meaningful work. I do not have an alternative for providing bounty features for osquery security reports but perhaps in the future we can explore HackerOne/etc if we have finances to support this.

We now have an apple developer account. Non-profit. I have not yet dealt with any codesigning things. But phew this is great.

I just learned that both Cisco and Jumpcloud have products that are based around osquery. Which is both validating, and makes me wonder if we should be better at outreach

I’ve started looking into what it would take to transfer

osquery-go

from Kolide to the foundation. Please speak up if you think this is a bad idea… (Else I assume everyone thinks it’s great)

@seph no idea if this can be adjusted on the project end, but minimum donation for "an organization" is 500$ right now. I would put this donation under my personal company name since that is where it makes the most sense (logically and tax wise) - but it means I can't donate 300$ as easily. If you can't change it I will just do it under my name and then "expense" it to myself, no big deal, but I figure there might be others in a similar situation

@zwass I am.

Spoke to someone at the LF about transferring osquery-go into the osquery foundation. Will put notes in an issue. It should be straight forward, but there is a wrinle

I need to get some sleep, if someone is still awake in 30mins, do you mind merging https://github.com/osquery/osquery/pull/6617 to fix the README display

Not sure where this goes, but a fun update from us over here at Apple. Our company has just approved our full participation for high volume code contributions to osquery. We're excited to really join the community. 🙂

we can have a "brought to you by teddy" with his picture at the top

https://github.com/sponsors has anyone considered putting up a sponsor-us badge on the project?

I’d like to invite Sharvil to the osquery-committers group on GitHub, giving him access to approve and merge PRs on osquery/osquery. He’s been contributing for several years, has a good track record of changes and reviews, and is currently part of the committers for our code signing workflows. So this change only slightly increases the trust we confide in him. :) Our process for previous additions to contributors lists has been 3 TSC members giving a vote of approval. We had that in core just now, but I wanted to raise here for visibility and consistency.

Hey folks, some end of the year thoughts on osquery governance: As per the charter section 2.f., the TSC may elect a TSC Chair. I propose we elect @seph to this position as he has essentially been performing the roles "preside over meetings of the TSC" and "serve as the primary communication contact [with Linux Foundation]". Can we consider adding new members to the TSC? @Stefano Bonicatti and @sharvil have both been deeply involved in the osquery efforts over the last years. Should we consider removing inactive members from the TSC? Any of the above can be approved by a majority vote of the TSC.

Update 🎉 @seph has been elected as TSC Chair (https://github.com/osquery/foundation/issues/81) @sharvil has been elected as TSC Member (https://github.com/osquery/foundation/issues/82)

Renewed our apple developer account. Fee is still waived.

I'm told https://cirrus-ci.org/ offers free M1 CI for open source, if that would useful for osquery

Another batch of minutes! https://github.com/osquery/foundation/pull/84

Hrm. Might be some scammer trying to access our twitter account.

@Larry Gryziak has left the channel

@Ronald Cardoso has left the channel