VOTE: hardware 2FA for project sensitive access
by Marc Jeanmougin
Dear leadership committee,
Your attention is required to vote on the following matters:
Background:
Some contributors have, or need to have, access to social media accounts
to post on the behalf of the project, or to infrastructure accounts,
most importantly gitlab. For computer security, we would like to protect
those accesses with a safe 2FA method, and the safest method to avoid
impersonation and phishing attacks is a 2FA hardware token with FIDO2 or
U2F. Then we would be able to set a policy to enforce 2fa when
contributors need access to passwords that would be shared on nextcloud,
or to contributors with "owner" access to gitlab projects.
The most common such token is the Yubikey (45€/$ a piece+10
tax+5shipping) but there are equivalents with open hardware component
and open source software (e.g. solokeys at 35€/$ incl. tax +5€ shipping,
or nitrokey ). As for the amount of people, the vectors team has around
10-15 people with some level of access to passwords of the project, 4
people do not have 2FA and have "owner" access to the whole gitlab
project, + 2 "maintainer" access to inkscape/inkscape (and more in other
sub-projects). We also have the possibility to offer it to all regular
contributors for whom it would be useful.
It is yet to be seen whether we could have a discount by asking, or if
there is a way to pay for the whole order and get a single reimbursement
instead of reimbursing individual contributors
Ballot:
a. Reimburse up to 2000 USD for password and project protection, and
also offering it to contributors who have been in the project for more
than a year and ask for it (implies support for option b)
b. Reimburse up to 1000 USD to protect the project's passwords on
nextcloud and gitlab project access (only contributors who have access
to nextcloud, and gitlab maintainer or owner access)
c. Do not do it
d. Other (please specify)
Thanks!
--
Marc
1 year, 2 months
PLC Meeting conflict
by Ted Gould
Hello Folks,
For the scout campout that I'm helping drive to next weekend they've decided to leave early to try and avoid traffic in Dallas. That'll mean leaving before the PLC meeting. While pulling over with a car full of 12 year olds and having a board meeting sounds like fun, I think I'm not going to make it.
If someone else wants to lead the meeting we can do that. Or I'm happy to reschedule for a week later (June 10th) and just do it then.
Sorry for the conflict.
Ted
1 year, 3 months
Inkscape 1.2 released !
by Marc Jeanmougin
================
= Inkscape 1.2 =
================
Thanks to all the work from our community, we are proud to announce that Inkscape version 1.2 is now released.
----------------
You can find out about the new features, and watch our showcase at: https://inkscape.org/news/2022/05/16/inkscape-12/
and download it for your platform on:
https://inkscape.org/release/inkscape-1.2/
then, if you want to support Inkscape, donate to the project at
https://inkscape.org/support-us/
----------------
Inkscape 1.2 is the latest major release of Inkscape, following one year
of development after the 1.1 major release.
The highlights of this release are:
* Inkscape documents can now hold multiple pages, which are managed by the new Page tool
* Editable markers and dash patterns
* Layers and objects dialog merged
* On-canvas alignment snapping and Snap settings redesign
* New 'Tiling' Live Path Effect
* Redesigned Export dialog with preview and ability to select objects/layers/pages and even multiple file formats to export to
* Import SVG images from Open Clipart, Wikimedia Commons and other online sources
* Selectable object origin for numerical scaling and moving
* All alignment options in a single dialog
* Gradient editing in the Fill and Stroke dialog
* Gradient dithering
* SVG Font Editor updated
* Flowing text around shapes and text padding
* Convenience Boolean operation for splitting paths
* Configurable Tool bar, continuous icon scaling and many more new customization options
* Performance gains for many parts of the interface and many different functions
* Lots of improvements to the user interface
* Numerous crash & bug fixes in the main Inkscape program and in in the stock extensions
We also introduced a long list of new features outlined in detail and
illustrated at
https://media.inkscape.org/media/doc/release_notes/1.2/Inkscape_1.2.html .
-----------------------------
Join an Inkscape project team
-----------------------------
Inkscape is always happy to welcome new contributors in various areas:
code[1], translation[2], UX[3], bug triaging[4], or even outreach[5]!
The main ways to get involved are listed onhttps://inkscape.org/contribute/
The preferred points of contact are:
[1]
https://lists.inkscape.org/postorius/lists/inkscape-devel.lists.inkscape....
+https://chat.inkscape.org/channel/team_devel (or libera.chat/#inkscape-devel)
[2]https://chat.inkscape.org/channel/team_translation
[3]https://chat.inkscape.org/channel/team_ux
[4]https://chat.inkscape.org/channel/bug_migration
[5]https://chat.inkscape.org/channel/team_vectors
A warm thanks to everyone involved in making this release possible!
-- The Inkscape team
1 year, 4 months
VOTE: Reimburse Martin for video music fee
by C R
Hey folks. This is just a quickie ask to reimburse Martin for footing the
music license fee for our current release video. This is a one-time cost,
and not setting any precedent for future video costs, or otherwise.
Those in the video discussion on GitLab wanted a more permissive license
for the new video music which would allow us to upload it with the video
assets, so they can be used freely under CC-BY-SA. The decision was made in
haste because the author of the music is going on holiday and needs the
money now, and our release is only days away.
There are lots of things we can do to prevent this in the future, but
that's quite beside the point imho. This is an accidental cost that was
covered by Martin, and I think it's not too much of a one-off ask to pay
him back for it.
Please vote:
A. Reimburse 91 Euros to Martin for paying for a FOSS-friendly license for
the current video music track for the project's benefit.
B. Don't reimburse.
Note: In the future we will be using exclusively CC-BY-SA or better from
the beginning since we discovered that CC-BY-ND doesn't work for remixing
or uploading to gitlab.
Thanks!
1 year, 4 months
VOTE: budget for mentors
by Marc Jeanmougin
Dear leadership committee,
Your attention is required to vote on the following matters:
Background:
Every year, we participate in GSoC, sometimes Outreachy, with a few
community members mentoring new contributors. This mentoring task takes
time and efforts, and offering support for potential mentors may help
them dedicate more time to it, and may help in the long run to have a
more diverse pool of mentors. In addition, the project gets a "project
stipend" from Google of 500$, so I'm suggesting to take from this amount
with 20% still for the project general funds.
Ballot:
a. Offer people who mentor students the possibility to ask for a stipend
of up to 400$ for the 2022 mentoring season
b. Do not do it
c. Other (please specify)
Thanks!
--
Marc
1 year, 4 months
