Hi Dev's
I'm wondering how and if we want to organise write access to the main
repository.
IMHO it's not clear enough who is capable of merging code to the master
branch. A "secret" IntelMQ-Contributors group exists on GitHub, nevertheless
the members of this group do only have "read" access.
For the sake of transparency such teams should be public and documented in
the "Development Guidelines".
In addition, I think access to the Issue-Tracker is to limited. More people
should be allowed to tag, assign, close, etc. issues. This would lower the
workload of the "Core-Team". They could focus on things with other
priorities.
I know that in GitHub it is not possible to differentiate between write-access
to the Repo and Moderator-access to the tracker. All tracker-moderators would
have write-access to the repo. Nevertheless, this differentiation could be
achieved by a set of community-guidelines.
We should discuss those on this list.
I think such guidelines are sufficient means of access control, as:
1) It's a distributed VCS, changes can be reverted.
2) Clearly communicate who is allowed to push to the repository and who is not
and how to get Into the "privileged group". One could use GitHub-Teams to do
that.
For example and discussion:
* IntelMQ-Core-Dev: List of beings allowed to push to the master
* IntelMQ-Contributors: List of beings allowed to push to feature and
development branches, if this granularity is required
* IntelMQ-Mods: List of beings allowed to moderate the tracker and
documentation, like the wiki, readmes, etc.
* IntelMQ-Website: List of beings allowed to edit the Website
Those groups must not be secret.
3) There could be rules like: If someone pushes to the repository who is not
allowed to do it, tell him/her it was a misbehaviour and revert the changes.
If it's an intentional misbehaviour and happens multiple times, discuss the
Issue and revoke his/her write access.
Best Regards
Dustin
--
dustin.demuth(a)intevation.de https://intevation.de/ OpenPGP key: B40D2EFF
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Hello,
do we have vector sources for logo and letter head?
In particular for
https://github.com/certtools/intelmq/blob/master/docs/images/Logo_Intel_MQ.…
I am thinking about an admin interface for email tickets and contacts
(see https://github.com/certtools/intelmq/issues/708 (Basic technology:
serving web applications) and it would be useful to have a vector logo
version/source to create variations.
It seems to have come from cert.pt originally in 2014?
Best,
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Hi Seamus,
Am Dienstag 29 November 2016 15:26:12 schrieb Seamus Tuohy:
> I've always found that trying to negotiate with a designer for source files
> after the fact is a difficult conversation.
I know, but some designers are very cool, so asking a polite question can be
the shortest way.
> I am a pretty quick Inkscape tracer though. So, here you go.
> It's not perfect.
I've taken a quick look: Very good!
Thanks a lot!
My aim is to add this to the public intelmq sources within the next days.
My tendency is to leave the image in, because it is well positioned and useful
to have.
Best Regards,
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Hi,
Currently the rfc1918 bot does sanitize much more IPs than those
mentioned in RFC1918 (5 rfcs or even more)
So it probably makes sense to rename the bot. Do you have suggestions?
Or is RFC1918 well known as "the RFC with reserved IPs"?
And do you think it makes sense to make it more configurable? E.g.
en/disable the sanitation for IPs and Domains separately?
Sebastian
--
// Sebastian Wagner <wagner(a)cert.at> - T: +43 1 50564167201
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - https://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg
Dear contributors and users,
In the last year there have been so many changes to intelmq and now we
are well on the way towards a stable release.
We propose to make *Feature Freeze* *and* a *first release candidate in
October* so we can focus on heavy testing and bug fixing.
This is also the starting point for a better branching strategy:
https://github.com/certtools/intelmq/issues/650
Then, when all issues are fixed, we can do the release of version 1.0.
Also, we plan to publish packages for some distributions, .deb as well
as rpm. Currently there are still some open questions. But the
installation via pip will be no longer the recommended for production
environments.
To help, you can look at the open issues for 1.0:
https://github.com/certtools/intelmq/issues?q=is%3Aopen+is%3Aissue+mileston…
Tough I am assigned to most of them, you are encouraged to comment,
review or fix some of the tasks listed there!
The intelmq-manager needs some work to get partially compatible and
*much work* to get it "release-ready", basically a complete rewrite. See
https://github.com/certtools/intelmq-manager/issues/80
Sebastian
--
// Sebastian Wagner <wagner(a)cert.at> - T: +43 1 50564167201
// CERT Austria - http://www.cert.at/
// Eine Initiative der nic.at GmbH - http://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg
Dear IntelMQ-Devs,
whilst analysing our current setup and possible requirements, we discovered
that an aggregation of events within IntelMQ might be a reasonable thing to
do.
In [1] I sketched how this might work. I'd be glad if you could find the time
to comment on this approach and participate in the discussion.
[1] https://github.com/certtools/intelmq/issues/751
Best regards
Dustin
--
dustin.demuth(a)intevation.de https://intevation.de/ OpenPGP key: B40D2EFF
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Hi IntelMQ-Devs,
when writing tests what is your development suggestion for
writing similiar tests?
My problem:
intelmq/lib/test.py test_bot_name()
checks that "Test class name must be Test{botclassname}."
But sometimes it would make sense to have a second test class
within one test file. For example in
intelmq/tests/bots/experts/modify/test_expert.py
I am reusing some of the data of this tile.
On this occasion I have used a different class name and
explicitely disabled the test_bot_name().
You can reach the code via this search:
https://github.com/certtools/intelmq/search?utf8=%E2%9C%93&q=test_bot_name
I can see some merit checking for a consistent naming.
However making it easier to write more tests is also a good aim
and it looks like a good pattern to write more than one test class
within one file.
What is your idea of solving this in the future?
(I meanwhile add another test using the same trick.)
Best Regards,
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Hi,
Sebastian and me recently had a meeting at CERT.at - discussing the minimal feature set that we still want to have (from our perspective) for putting a "1.0" label on it.
We came up with a list. I am now prioritising this list.
I took a trick which I learned from another software project and assign priorities to the issues I create in github in the form of Fibonacci sequence numbers: 1,2,3,5,8,13. The benefit of this is that an intuitive value of 13 is really as valuable/high prio as the sum of the previous two priorities.
It's rather a bit geeky, but it seems to work.
Example: https://github.com/certtools/intelmq/issues/722
Anyway. Just letting you know (so that you don't wonder what this is). This is merely to be read as hint as what I see as high prio.
Feel free to adapt the prios or discuss here.
Best,
a.
Hi *,
as of the discussion in https://github.com/certtools/intelmq/issues/657, I renamed the classification.identifier of the shadowserver snmp to "opensnmp".
This might have consequences in your eventDB if you store these events and group them by "classification.identifier".
Please (SQL-) UPDATE your previous entries in the eventDB in that case.
Thanks,
a.