Date   

Re: Request to move forward with the first major release of Hyperledger Iroha

Christopher Ferris <chris.ferris@...>
 

Nikolay,

How are you enforcing the DCO now?

As for the diversity point, that too seems problematic. I understand there's a plan to remedy, 
but what I see now seems to be almost all Soramitsu people contributing, with very few others.

Can you please indicate which of these committer emails are Soramitsu and which are independent or 
work for some other company?

Akvinikym anarant12@... 
kamilsa kamilsa16@... 
Nikita Alekseev n.alekseev2104@... 
Kitsu mail@...   
Bogdan Vaneev warchantua@... 
Bulat Saifullin bulat@... 
Artyom Bakhtin a@...  
Russel emkil.russel@...   
Robert Sayakhov roobertdantes@...  
Bogdan Mingela freekilluau@...  
Bulat Nasrulin bulat.nasrulin@...  
Rory bagf@...  
Sergei ssolonets@...  

Thanks

Chris


On Thu, Mar 14, 2019 at 4:01 AM Nikolay Yushkevich <nikolai@...> wrote:
Hi Mic!

According to Hyperledger Charter, part 13. Intellectual Property Policy says that "All contributions shall be accompanied by a Developer Certificate of Origin sign-off (http://developercertificate.org) that is submitted through a Governing Board and LF-approved contribution process.".

Unfortunately for Hyperledger Iroha codebase this rule was not in effect since the very beginning.
As an example, here are some commits from the project that don't have DCO in them:


Then it started to be imposed by a DCO bot sometime in the beginning of 2018, and commit history still contains some commits with DCO that is missing or incorrect. 

In order to move forward with the first major release we need to fix commit history and add sign-offs — after some public discussion, happening in Iroha mailing list: https://lists.hyperledger.org/g/iroha/topic/28267507#63 we've got a plan https://wiki.hyperledger.org/x/gRJi

We would like to get an approval and agreement from HL legal team, as well as TSC as part of FMR request, in order to move forward and put the repo in archive once we are ready, modify commit history and publish this in Hyperledger GitHub.

Hope that explains the issue better.

Nikolai


14 марта 2019 г., в 1:18, Mic Bowman <cmickeyb@...> написал(а):

I'm a little confused about the DCO comment. Could you explain how you're going to conform to the DCO?

On Mon, Mar 11, 2019 at 12:07 PM Nikolay Yushkevich <nikolai@...> wrote:
Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

• Rich API with command-driven architecture
 for asset and identity management.
• Native support of Linux, MacOS and Windows environments.
• Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.
• Role-based access control.
• Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).
• Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.
• Multi-signature transactions.
• Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

• All of our code is licensed under the Apache-2.0 license.
• Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.
• We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.
• We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

Here is the list of current issues with the project and suggested solutions:

• Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.
• DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.

We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...






Re: Request to move forward with the first major release of Hyperledger Iroha

Nikolay Yushkevich <nikolai@...>
 

Hi Mic!

According to Hyperledger Charter, part 13. Intellectual Property Policy says that "All contributions shall be accompanied by a Developer Certificate of Origin sign-off (http://developercertificate.org) that is submitted through a Governing Board and LF-approved contribution process.".

Unfortunately for Hyperledger Iroha codebase this rule was not in effect since the very beginning.
As an example, here are some commits from the project that don't have DCO in them:


Then it started to be imposed by a DCO bot sometime in the beginning of 2018, and commit history still contains some commits with DCO that is missing or incorrect. 

In order to move forward with the first major release we need to fix commit history and add sign-offs — after some public discussion, happening in Iroha mailing list: https://lists.hyperledger.org/g/iroha/topic/28267507#63 we've got a plan https://wiki.hyperledger.org/x/gRJi

We would like to get an approval and agreement from HL legal team, as well as TSC as part of FMR request, in order to move forward and put the repo in archive once we are ready, modify commit history and publish this in Hyperledger GitHub.

Hope that explains the issue better.

Nikolai


14 марта 2019 г., в 1:18, Mic Bowman <cmickeyb@...> написал(а):

I'm a little confused about the DCO comment. Could you explain how you're going to conform to the DCO?

On Mon, Mar 11, 2019 at 12:07 PM Nikolay Yushkevich <nikolai@...> wrote:
Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

• Rich API with command-driven architecture
 for asset and identity management.
• Native support of Linux, MacOS and Windows environments.
• Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.
• Role-based access control.
• Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).
• Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.
• Multi-signature transactions.
• Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

• All of our code is licensed under the Apache-2.0 license.
• Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.
• We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.
• We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

Here is the list of current issues with the project and suggested solutions:

• Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.
• DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.

We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...






Re: Request to move forward with the first major release of Hyperledger Iroha

Mic Bowman
 

I'm a little confused about the DCO comment. Could you explain how you're going to conform to the DCO?


On Mon, Mar 11, 2019 at 12:07 PM Nikolay Yushkevich <nikolai@...> wrote:
Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

• Rich API with command-driven architecture
 for asset and identity management.
• Native support of Linux, MacOS and Windows environments.
• Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.
• Role-based access control.
• Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).
• Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.
• Multi-signature transactions.
• Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

• All of our code is licensed under the Apache-2.0 license.
• Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.
• We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.
• We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

Here is the list of current issues with the project and suggested solutions:

• Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.
• DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.

We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...



Re: Request to move forward with the first major release of Hyperledger Iroha

Sara Garifullina <garifullina@...>
 

Hello! I am Sara from Iroha team. 
Thank you for your feedback. 

I would like to comment on the diversity issues. The team is aware of them and we are currently working on diversification of the community. 
At the moment we have several individual contributors working on different parts of Iroha — we are always ready to answer their questions and we keep everyone updated. 
However, we understand that individual contributors might not provide the robustness required. That is why, following the plan, we also work in another direction — we present Iroha in different educational institutions and to businesses, receiving good feedback. I believe that following the plan we would be able to achieve that. We have noticed a positive pattern — the closer Iroha is to the production version, the more people are getting interested in it. I believe that this happens because corporate maintainers would most likely come from corporate users and production-ready version could really help us with that. 
 
Sara Garifullina,
Community manager at Soramitsu


On Wed, Mar 13, 2019 at 12:24 AM Iushkevich Nikolai <nikolai@...> wrote:
Hello Hart,

As for today, all the vulnerabilities discovered during the security audit of Iroha were fixed in previous releases. I am not sure if the report has been published, need to check this with David (HL security maven) and Sara (our community manager). 

We also used fuzzing of all endpoints and soak stands and observed whether Iroha can reach expected grade of fault tolerance. While this is still in progress and we are preparing the reports, as well as setting up configuration of more physically distributed and wide node network for soak/longevity tests — the team is confident that we can start the process of requesting TSC to approve the first major release now, as there are signs of stable performance and resource utilization at the moment. 

We also used sanitizers to find any unsafe behavior: all critical issues discovered are under control and are going to be fixed or were already fixed before the release (I can give a bit more details on that in the thread later). 
We will also request trial access to some of the static analysis tools available for C++. At this moment we use SonarQube which gave us a lot of false positives and we would like to try something else, e.g. Coverity scan.

Vulnerability and bug reporting processes are described in contributing guidelines (contributing.md file & readthedocs section).


Best regards,
Nikolay Yushkevich

12 марта 2019 г., в 23:49, Montgomery, Hart <hmontgomery@...> написал(а):

Hi Nikolai,

 

Would it be possible for you (or others) to comment a little further on the security audits that Iroha has undergone and the current security status?  I’m not suggesting that you all are doing anything wrong—I just think that this is an important issue in general to bring up in a 1.0 discussion.

 

While I’m not sure everyone agrees with me, I think security is something important to consider for a 1.0, and I think enough people will agree with this that it is worth commenting on in an email.

 

Thanks a lot for your time, and have a great day.

 

Thanks,

Hart

 

From: tsc@... [mailto:tsc@...] On Behalf Of Nikolay Yushkevich
Sent: Monday, March 11, 2019 12:07 PM
To: Hyperledger List <tsc@...>
Cc: Ales Zivkovic <zivkovic@...>; Makoto 1337 <takemiya@...>; ryu okada <okada@...>; Sara Garifullina <garifullina@...>; Fyodor Muratov <fyodor@...>; Andrei Lebedev <andrei@...>; boldrev@...; igor@...; Munichev Konstantin <konstantin@...>
Subject: [Hyperledger TSC] Request to move forward with the first major release of Hyperledger Iroha

 

Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

 

            • Rich API with command-driven architecture
 for asset and identity management.

            • Native support of Linux, MacOS and Windows environments.

            • Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.

            • Role-based access control.

            • Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).

            • Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.

            • Multi-signature transactions.

            • Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

            • All of our code is licensed under the Apache-2.0 license.

            • Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.

            • We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.

            • We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

 

Here is the list of current issues with the project and suggested solutions:

            • Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.

            • DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

 

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.


We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...


Re: Request to move forward with the first major release of Hyperledger Iroha

Nikolay Yushkevich <nikolai@...>
 

Hello Hart,

As for today, all the vulnerabilities discovered during the security audit of Iroha were fixed in previous releases. I am not sure if the report has been published, need to check this with David (HL security maven) and Sara (our community manager). 

We also used fuzzing of all endpoints and soak stands and observed whether Iroha can reach expected grade of fault tolerance. While this is still in progress and we are preparing the reports, as well as setting up configuration of more physically distributed and wide node network for soak/longevity tests — the team is confident that we can start the process of requesting TSC to approve the first major release now, as there are signs of stable performance and resource utilization at the moment. 

We also used sanitizers to find any unsafe behavior: all critical issues discovered are under control and are going to be fixed or were already fixed before the release (I can give a bit more details on that in the thread later). 
We will also request trial access to some of the static analysis tools available for C++. At this moment we use SonarQube which gave us a lot of false positives and we would like to try something else, e.g. Coverity scan.

Vulnerability and bug reporting processes are described in contributing guidelines (contributing.md file & readthedocs section).


Best regards,
Nikolay Yushkevich

12 марта 2019 г., в 23:49, Montgomery, Hart <hmontgomery@...> написал(а):

Hi Nikolai,

 

Would it be possible for you (or others) to comment a little further on the security audits that Iroha has undergone and the current security status?  I’m not suggesting that you all are doing anything wrong—I just think that this is an important issue in general to bring up in a 1.0 discussion.

 

While I’m not sure everyone agrees with me, I think security is something important to consider for a 1.0, and I think enough people will agree with this that it is worth commenting on in an email.

 

Thanks a lot for your time, and have a great day.

 

Thanks,

Hart

 

From: tsc@... [mailto:tsc@...] On Behalf Of Nikolay Yushkevich
Sent: Monday, March 11, 2019 12:07 PM
To: Hyperledger List <tsc@...>
Cc: Ales Zivkovic <zivkovic@...>; Makoto 1337 <takemiya@...>; ryu okada <okada@...>; Sara Garifullina <garifullina@...>; Fyodor Muratov <fyodor@...>; Andrei Lebedev <andrei@...>; boldrev@...; igor@...; Munichev Konstantin <konstantin@...>
Subject: [Hyperledger TSC] Request to move forward with the first major release of Hyperledger Iroha

 

Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

 

            • Rich API with command-driven architecture
 for asset and identity management.

            • Native support of Linux, MacOS and Windows environments.

            • Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.

            • Role-based access control.

            • Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).

            • Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.

            • Multi-signature transactions.

            • Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

            • All of our code is licensed under the Apache-2.0 license.

            • Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.

            • We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.

            • We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

 

Here is the list of current issues with the project and suggested solutions:

            • Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.

            • DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

 

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.


We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...


Re: Request to move forward with the first major release of Hyperledger Iroha

hmontgomery@us.fujitsu.com <hmontgomery@...>
 

Hi Nikolai,

 

Would it be possible for you (or others) to comment a little further on the security audits that Iroha has undergone and the current security status?  I’m not suggesting that you all are doing anything wrong—I just think that this is an important issue in general to bring up in a 1.0 discussion.

 

While I’m not sure everyone agrees with me, I think security is something important to consider for a 1.0, and I think enough people will agree with this that it is worth commenting on in an email.

 

Thanks a lot for your time, and have a great day.

 

Thanks,

Hart

 

From: tsc@... [mailto:tsc@...] On Behalf Of Nikolay Yushkevich
Sent: Monday, March 11, 2019 12:07 PM
To: Hyperledger List <tsc@...>
Cc: Ales Zivkovic <zivkovic@...>; Makoto 1337 <takemiya@...>; ryu okada <okada@...>; Sara Garifullina <garifullina@...>; Fyodor Muratov <fyodor@...>; Andrei Lebedev <andrei@...>; boldrev@...; igor@...; Munichev Konstantin <konstantin@...>
Subject: [Hyperledger TSC] Request to move forward with the first major release of Hyperledger Iroha

 

Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

 

            • Rich API with command-driven architecture
 for asset and identity management.

            • Native support of Linux, MacOS and Windows environments.

            • Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.

            • Role-based access control.

            • Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).

            • Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.

            • Multi-signature transactions.

            • Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

            • All of our code is licensed under the Apache-2.0 license.

            • Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.

            • We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.

            • We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

 

Here is the list of current issues with the project and suggested solutions:

            • Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.

            • DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

 

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.


We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...


Re: Request to move forward with the first major release of Hyperledger Iroha

mark wagner <mwagner@...>
 

I want to make sure that we are clear on the term diversity as it is used with multiple meanings within Hyperledger.

In this particular email thread, I am interpreting it to mean that we have contributors and maintainers from multiple sources, not just a single organization ( Soramitsu ). Is there a specific ratio that we are looking to meet or exceed ?

I do feel that we want to make sure that a project can be sustained if a company decides to change direction and pulls its resources.

-mark



On Tue, Mar 12, 2019 at 12:37 PM Dan Hyperledger <dan.hyperledger@...> wrote:
I think we should have some robust discussion on this topic. It all looks good to me with the exception of the diversity metric. In general we want to see that any project announcing a production release has not just technical robustness viz. CII etc. but also community robustness. In my mind, this issue is a bit mitigated for Iroha given its diversity plan and its longevity under Hyperledger governance. I'm not sure that it is fully mitigated however, and I would like to hear some thoughts from others.

Regards,
Dan Middleton


On Mon, Mar 11, 2019 at 1:07 PM Nikolay Yushkevich <nikolai@...> wrote:
Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

• Rich API with command-driven architecture
 for asset and identity management.
• Native support of Linux, MacOS and Windows environments.
• Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.
• Role-based access control.
• Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).
• Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.
• Multi-signature transactions.
• Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

• All of our code is licensed under the Apache-2.0 license.
• Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.
• We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.
• We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

Here is the list of current issues with the project and suggested solutions:

• Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.
• DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.

We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...




--
Mark Wagner
Senior Principal Software Engineer
Performance and Scalability
Red Hat, Inc


Re: Request to move forward with the first major release of Hyperledger Iroha

Dan Hyperledger
 

I think we should have some robust discussion on this topic. It all looks good to me with the exception of the diversity metric. In general we want to see that any project announcing a production release has not just technical robustness viz. CII etc. but also community robustness. In my mind, this issue is a bit mitigated for Iroha given its diversity plan and its longevity under Hyperledger governance. I'm not sure that it is fully mitigated however, and I would like to hear some thoughts from others.

Regards,
Dan Middleton


On Mon, Mar 11, 2019 at 1:07 PM Nikolay Yushkevich <nikolai@...> wrote:
Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

• Rich API with command-driven architecture
 for asset and identity management.
• Native support of Linux, MacOS and Windows environments.
• Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.
• Role-based access control.
• Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).
• Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.
• Multi-signature transactions.
• Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

• All of our code is licensed under the Apache-2.0 license.
• Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.
• We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.
• We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

Here is the list of current issues with the project and suggested solutions:

• Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.
• DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.

We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...



Hyperledger Learning Materials Development WG Quarterly Update Due #tsc-wg-update - Thu, 03/14/2019 #tsc-wg-update #cal-reminder

tsc@lists.hyperledger.org Calendar <tsc@...>
 

Reminder:
Hyperledger Learning Materials Development WG Quarterly Update Due #tsc-wg-update

When:
Thursday, 14 March 2019

Organizer:
tkuhrt@...

Description:
The Hyperledger Learning Materials Development WG update to the TSC was due March 11, 2019, and it will be presented to the TSC on March 14, 2019. Please review the update at TSC Working Group Updates prior to the meeting and add your questions to the update.

View Event


Hyperledger Quilt Quarterly Update Due #tsc-project-update - Thu, 03/14/2019 #tsc-project-update #cal-reminder

tsc@lists.hyperledger.org Calendar <tsc@...>
 

Reminder:
Hyperledger Quilt Quarterly Update Due #tsc-project-update

When:
Thursday, 14 March 2019

Organizer:
tkuhrt@...

Description:
The Hyperledger Quilt update to the TSC was due March 11, 2019, and it will be presented to the TSC on March 14, 2019. Please review the update at TSC Project Updates prior to the meeting and add your questions to the update.

View Event


Request to move forward with the first major release of Hyperledger Iroha

Nikolay Yushkevich <nikolai@...>
 

Dear Members of the Technical Steering Committee,

As Hyperledger Iroha maintainers we would like to request committee's permission to move forward with the first major release (1.0) and present the following achievements as a proof of the project's code maturity.

The latest release of Hyperledger Iroha available is Hyperledger Iroha v1.0 Release Candidate 4 Hotfix 1 version, available at: https://github.com/hyperledger/iroha/releases/tag/1.0.0_rc4_hf1. In this release we delivered a complete set of features that can be used to build DLT-powered enterprise-grade applications with the following features:

• Rich API with command-driven architecture
 for asset and identity management.
• Native support of Linux, MacOS and Windows environments.
• Crash fault-tolerant (CFT) consensus with experimental Byzantine fault-tolerant (BFT) algorithm and decentralized ordering service.
• Role-based access control.
• Client libraries, including example apps for iOS, JS (vue.js), Android (Java 8).
• Universal peer role and easily scripted deployment with Docker, Kubernetes, and Ansible Playbooks.
• Multi-signature transactions.
• Ordered and atomic batches of transactions.

We see Iroha as a universal solution for tokenization of assets or data, and we want it to be a simple and straightforward blockchain platform for enterprise, and blockchain enthusiasts.

The project is in active state and maintains the required level of quality over its lifespan:

• All of our code is licensed under the Apache-2.0 license.
• Sufficient test coverage: https://out1-jtzj0nrcq.now.sh.
• We have a significant amount of documentation available online in several languages: https://iroha.readthedocs.io/en/latest/.
• We have completed the CII certification, which can be viewed here: https://bestpractices.coreinfrastructure.org/en/projects/960.

Here is the list of current issues with the project and suggested solutions:

• Project maintainers' and contributors' diversity. At the moment, the Iroha node codebase is maintained mostly by Soramitsu; contributors are comprised of Soramitsu employees with some non-Soramitsu individual contributions. Internationalization of the documentation is more diverse — language versions of English docs are maintained by many native speakers. We have a diversity plan and it is already in effect: https://wiki.hyperledger.org/display/iroha/Diversity+Plan.
• DCO — at the moment we are still introducing changes to the source code (mostly bug fixes), therefore it makes it hard to do the complete code freeze and modify the commit history so that it conforms to the standards. We would like to ask TSC's permission to ignore the issues until the code is frozen and only after fixing DCO we release first major release. We have a plan to execute once version 1.0 is released here: https://wiki.hyperledger.org/x/gRJi

We have a strong end user support base; this can be seen from the significant activity that we see on our Rocket.Chat channels (755 users), telegram chat (291 member) and Stack Overflow (41 questions). Our docker image was pulled 54'000 times as of 2019-03-11 https://hub.docker.com/v2/repositories/hyperledger/iroha/.

We welcome the TSCs review of this request, and we are happy to follow-up and answer questions via email or by joining the weekly TSC call as required.

Best regards,

HL Iroha Maintainers team


Contact person: Nikolai Iushkevich, nikolai@...



TSC meeting 14 March 2019 proposed agenda

Ry Jones
 

All,
The proposed agenda for the meeting next week is available:

For TSC members to review:

As a reminder, you don't need to be a TSC member to propose an item for discussion.
Ry
--
Ry Jones
Community Architect, Hyperledger


The TSC call for 07-MAR-2019 is cancelled

Ry Jones
 

TSC members: please review the Explorer update:


--
Ry Jones
Community Architect, Hyperledger


Hyperledger Internship Mentor and Project Proposal Deadline this Friday, March 8th

Min Yu
 

Hyperledger Community -

Please remember to submit your internship project proposal by this Friday, March 8th

Here you will find the list of projects that have been proposed and are pending TSC review and approval.

Applications for those interested in applying to be an intern will open up the week of March 18th.


Kind regards,
Min
--
Min Yu
Operations Manager
The Linux Foundation
+1(530) 902-6464 (m)



On Mon, Feb 25, 2019 at 8:39 AM Min Yu <myu@...> wrote:
Dear Hyperledger Community Members,

Thanks you to those who are interested in mentoring and have already submitted the internship project proposals.

We have decided to give the community some additional time - the new deadline to submit a project proposal has been extended to March 8. You can submit the project proposal directly on the wiki using the pre-set template.

For students who are interested in applying, the applications will open up in mid-March and the detailed application instructions will be coming soon.

We would appreciate it if you share the information with others in your network. 

Kind regards,
Min

--
Min Yu
Operations Manager
The Linux Foundation
+1(530) 902-6464 (m)



On Mon, Feb 18, 2019 at 8:54 AM Min Yu <myu@...> wrote:
Dear Hyperledger Community Members,

Hyperledger is expanding the internship program to fund 15 internship projects this year. The internship program is aimed at creating a structured hands-on learning opportunity for new developers who may otherwise lack the opportunity to gain exposure to Hyperledger open source development and entry into the technical community. Additional program information, including the program timeline, is available on the wiki.

This is a great contribution opportunity for community members like you to get involved. Whether you're looking for fresh ideas or perspectives, or mentoring opportunities, or additional contributors for your project, the internship program provides a pathway for you to work with aspiring student developers. 

Please submit a project proposal and volunteer yourself as a mentor; the deadline for submission is this Friday, February 22nd.     

Thank you,
Min
--
Min Yu
Operations Manager
The Linux Foundation
+1(530) 902-6464 (m)





[Smart Contracts WG] Law Experts

Sofia Terzi
 

Dear all,

 

Please note that the Smart Contracts Working Group deals with Law concepts regarding smart contracts design, development and deployment in an effort to create a taxonomy

 

If there are any law experts among you or it happens you know someone who would be interested to participate and contribute to our work let them know

 

I am including the WG Wiki link for your convenience https://wiki.hyperledger.org/display/SCWG/Smart+Contracts+Working+Group and the Mailing List subscription link https://lists.hyperledger.org/g/smart-contracts-wg

 

Thank you all for your precious time and looking forward to hearing from you

 

Best,

Sofia

---------------------------------------------------------------------

Sofia Terzi | Blockchain Solutions Architect MSc.

[Email] <sterzi@...>

[CERTH-ITI] <https://www.iti.gr/iti/index.html>

 

 


TSC call for 28 FEB 2019 is cancelled

Ry Jones
 

The agenda items will be moved to the following week.

Ry
--
Ry Jones
Community Architect, Hyperledger


Re: Hyperledger Explorer Quarterly Update Due #tsc-project-update - Thu, 02/28/2019 #tsc-project-update #cal-reminder

Dorothy Cheng <dcheng@...>
 

Dear sender

Thanks for your email.

I am currently on business travel with limited access to email. I will response to you as soon as I can. Thanks for your patience.

Regards
Dorothy Cheng
Marketing and PR Manager, Asia Pacific - Hyperledger
The Linux Foundation APAC


Hyperledger Explorer Quarterly Update Due #tsc-project-update - Thu, 02/28/2019 #tsc-project-update #cal-reminder

tsc@lists.hyperledger.org Calendar <tsc@...>
 

Reminder:
Hyperledger Explorer Quarterly Update Due #tsc-project-update

When:
Thursday, 28 February 2019

Organizer:
tkuhrt@...

Description:
The Hyperledger Explorer update to the TSC was due February 25, 2019, and it will be presented to the TSC on February 28, 2019. Please review the update at TSC Project Updates prior to the meeting and add your questions to the update.

View Event


Deadline Extended to Friday, March 8: Call for 2019 Hyperledger Internship Projects and Mentors

Min Yu
 

Dear Hyperledger Community Members,

Thanks you to those who are interested in mentoring and have already submitted the internship project proposals.

We have decided to give the community some additional time - the new deadline to submit a project proposal has been extended to March 8. You can submit the project proposal directly on the wiki using the pre-set template.

For students who are interested in applying, the applications will open up in mid-March and the detailed application instructions will be coming soon.

We would appreciate it if you share the information with others in your network. 

Kind regards,
Min

--
Min Yu
Operations Manager
The Linux Foundation
+1(530) 902-6464 (m)



On Mon, Feb 18, 2019 at 8:54 AM Min Yu <myu@...> wrote:
Dear Hyperledger Community Members,

Hyperledger is expanding the internship program to fund 15 internship projects this year. The internship program is aimed at creating a structured hands-on learning opportunity for new developers who may otherwise lack the opportunity to gain exposure to Hyperledger open source development and entry into the technical community. Additional program information, including the program timeline, is available on the wiki.

This is a great contribution opportunity for community members like you to get involved. Whether you're looking for fresh ideas or perspectives, or mentoring opportunities, or additional contributors for your project, the internship program provides a pathway for you to work with aspiring student developers. 

Please submit a project proposal and volunteer yourself as a mentor; the deadline for submission is this Friday, February 22nd.     

Thank you,
Min
--
Min Yu
Operations Manager
The Linux Foundation
+1(530) 902-6464 (m)





TSC Meeting Minutes for 21 February 2019

Dave Huseby <dhuseby@...>
 

Hi TSC,

The meeting minutes, including video and audio recordings can be found on the Hyperledger wiki here: https://wiki.hyperledger.org/display/HYP/2019+02+21+TSC+Minutes

Thank you all for your contributions to making the TSC meetings so productive.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...