We had a comprehensive security audit of Cactus v1.0.0 codes performed by a third-party company. The next release to fix the points from the review will be released soon in the next quarter.
The merge of pull-requests on the main branch had been stopped due to some unstable behavior of CI script since June, but we will make a counter measure to this problem soon.
Hyperledger-labs Weaver maintainers are welcomed to Cactus maintainers, and we are working on merge/collaboration with them.
- Have you switched from master to main in all your repos? Yes
- Have you implemented the Common Repository Structure in all your repos? Yes
- Has your project implemented these inclusive language changes listed below to your repo? You can optionally use the DCI Lint tool to make this a recurring action on your repo. Yes, we use DCI-Lint as part of our CI
- master → main
- slave → replicas
- blacklist → denylist
- whitelist → allowlist
- Have you added an Inclusive Language Statement to your project's documentation and/or Wiki pages? Yes
Questions/Issues for the TSC
None at the moment.
Overall Activity in the Past Quarter
- We were hard at work to make our Weaver merge/collaboration and made a branch for this collaboration work. On this branch, we welcomed two Weaver maintainers as the maintainers of this branch. After the merge, they will officially become maintainers on Cactus.
- We aim to bring as much Hyperledger interoperability work efforts together as possible to make the total output greater than the individual sums (code reuse enablement, shared testing infrastructure expertise, benchmarks, release management, etc.)
- The plan is to leverage our mono-repo project structure in order to make the above plans as painless/as low overhead as possible since we want to actively prevent bogging down everybody involved with administrative changes/refactorings/breaking changes required in the name of collaboration
- We continue to put effort into academic research (namely a research group within Hyperledger; several Hyperledger Summer Internships with a research component have been proposed and accepted).
Currently there are some unstable behaviors of our CI scripts and our pull-requests are stopped to be merged, but we already made a counter measure and the problem will be fixed soon. => https://github.com/hyperledger/cactus/pull/2096
After the above problem are fixed, we plan to finish the security audit of the 1.0.0 release and issue patch releases as necessary based on the findings (1.0.1, 1.0.2 etc.)
As is required, you can find our current maintainer list here: https://github.com/hyperledger/cactus/blob/main/MAINTAINERS.md.
Our existing maintainers are:
- Jonathan Hamilton (Accenture)
- Jagpreet Singh Sasan (Accenture)
- Peter Somogyvari (Accenture)
- Izuru Sato (Fujitsu)
- Takuma Takeuchi (Fujitsu)
- Sandeep Nishad (IBM) * NEW LAST QUARTER
- Venkatraman Ramakrishna (IBM) * NEW LAST QUARTER
Note that Sandeep and Venkatraman from Weaver project are currently working as the maintainers only on the branch to merge with Weaver. After the merge, we plan on adding them as Cactus maintainers.
Our contributor strength has increased in this quarter compared to the previous quarter, which is great news!