12 January 2026 - GitProxy Meeting Minutes

[kriswest]

Date

20260112 - 4pm GMT / 11am EST

Meeting info

• Meeting link

• Register for future meetings

Meeting notices

• FINOS Project leads are responsible for observing the FINOS guidelines for running project meetings. Project maintainers can find additional resources in the FINOS Maintainers Cheatsheet.

• All participants in FINOS project meetings are subject to the LF Antitrust Policy, the FINOS Community Code of Conduct and all other FINOS policies.

• FINOS meetings involve participation by industry competitors, and it is the intention of FINOS and the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in, any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws. Please contact legal@finos.org with any questions.

• FINOS project meetings may be recorded for use solely by the FINOS team for administration purposes. In very limited instances, and with explicit approval, recordings may be made more widely available.

Agenda

• Convene & roll call (5mins)
• Review Meeting Notices (see above) and FINOS Antitrust Policy summary slide
• Approve past meeting minutes
  • 15th December 2025 - GitProxy Meeting Minutes #1300
• v2 release documentation PRs (docs: add v2 upgrade doc #1333, docs: architecture guide #1335)
• SSH implementation PR (feat(ssh): Add SSH agent forwarding #1332)
• Publish on release error (Failure to publish to NPM on pre-release #1334)
• Gauge interest on Docker Hub auto-publish
• Remove dependence on jsdelivr.net and possible unneeded dependency on chartist.js #1344
• Error messages displayed in admin UI when not logged in and broken login link #1345
• AOB, Q&A & Adjourn (5mins)

Meeting Minutes

• New participant introduction: Maahir Chauhan joined for the first time, introduced themselves as a full-stack developer from India with experience in CNCF projects. Assistance was offered for joining the community Slack.

• Approve past meeting minutes and previous actions review:

  • Completed action items were confirmed and checked off.
  • Uncompleted items were agreed to roll over, or clarified for next steps.
  • Some actions (e.g. homepage PR coordination) were closed or merged with others.

• v2 Release Documentation PRs:

  • @jescalada has drafted and opened two major docs PRs:
    • PR docs: add v2 upgrade doc #1333: v2 Upgrade/Migration guide, user-focused and curated beyond autogenerated release notes.
    • PR docs: architecture guide #1335: Architecture guide, with diagrams and clearer roles (admin, user). Both PRs are open for review and contributions from all.
  • Feedback was given on the need to clarify target audiences in documentation (admins vs users vs developers). @andypols will raise an issue to reorganise docs around these roles.

• SSH Implementation PR:

  • @fabiovincenzi reported PR feat(ssh): Add SSH agent forwarding #1332 for SSH agent forwarding is open, with additional tests added.
  • Coverage numbers discussed; some discrepancies between CI and codecov reporting noted.
  • Review requested from all, especially those deploying SSH features.
  • @jescalada to raise an issue to investigate coverage reporting accuracy.

• Publish on Release Error (NPM pre-release fail, Failure to publish to NPM on pre-release #1334):

  • Pre-release to NPM failed due to expired/revoked classic tokens; session-based tokens now needed, with 90-day expiry and 2FA.
  • @jescalada to escalate to FINOS admin/help@finos.org and TOC for guidance and solution, noting other projects may be impacted.

• Gauge Interest on Docker Hub Auto-publish:

  • Discussed pros and cons; agreed auto-publishing would help adoption and mirror established FINOS project practices.
  • @jescalada to enquire with FINOS about recommended registry (Docker Hub vs GitHub Container Registry) and process.

• Remove dependence on jsdelivr.net and chartist.js Remove dependence on jsdelivr.net and possible unneeded dependency on chartist.js #1344:

  • @kriswest will PR to eliminate jsdelivr CDN usage for dependencies (security/governance), and remove unused chartist.js if possible. No objections raised.

• Error messages in Admin UI when not logged in, broken login link Error messages displayed in admin UI when not logged in and broken login link #1345:

  • @jescalada has a quick fix for the issue and will open a PR; further review by @kriswest flagged for correct conditional handling.

• AOB:

  • @andypols shared successful deployment of GitProxy behind their load balancer after resolving authentication/load balancer edge cases.
  • No further urgent topics raised due to time constraints.

Agenda Items NOT Discussed

• Milestone/issues list review and update (planned for next meeting due to lack of time)
• GPG/SSH commit signature verification (deferred)
• Proposed discussion on GitProxy’s role in ingress/monitoring, and dependency scanning features (deferred)

Action Items

• All: Review PR docs: add v2 upgrade doc #1333 (v2 upgrade doc) and PR docs: architecture guide #1335 (architecture guide) and provide feedback.
• @andypols: Raise an issue to reorganise docs around admin/user/developer roles: Tailor usage docs/workflows for Administrators, Users, and Developers #1346
• @jescalada: Raise an issue to investigate CI/codecov coverage reporting discrepancies.
• @jescalada: Escalate NPM token/release problem to FINOS admin/help@finos.org and request long-term solution; clarify impact on other projects: Failure to publish to NPM on pre-release #1334
• @jescalada: Enquire with FINOS about recommended container registry and publication pattern for Docker images.
• @kriswest: PR to remove jsdelivr.net dependence and unused chartist.js; ensure all dependencies are local: Remove dependence on jsdelivr.net and possible unneeded dependency on chartist.js #1344
• @jescalada: Open PR for admin UI login error fix: Error messages displayed in admin UI when not logged in and broken login link #1345
• @06kellyjac: Address notification system design or schedule session if unavailable: Email notifications for reviews #1121
• @jescalada (with team): Continue diagnosing and fixing failing proxy tests : Failing proxy tests (test cleanup issues) #1294 Fix failing tests on Windows #1318
• @tabathad: Submit homepage quick fixes PR Update website homepage content #1277
• All: Provide LinkedIn testimonials/stories for homepage; notify @tabathad for inclusion: Update website homepage content #1277
• @kriswest: Raise Docusaurus docs versioning issue and snapshot 1.x docs: Add versioning and version selection to Git Proxy documentation #1347
• @andypols: Split error message UI improvements/reject reason features PR (feat: Add reject reason #1295) into smaller PRs.
• @kriswest and @jescalada: Review/update the V2 milestone/issues list.
• @coopernetes: Selectively backport critical fixes to 1.x and raise PRs.
• @sam-holmes2/@06kellyjac: Resolve conflicts and finalise Apache-2.0 licence headers PR (fix: Add Apache-2.0 license headers to source files (2) #1253).
• Team: Review and test dynamic frontend base URL handling in Docker Compose/end-to-end testing PR.
• @andypols: Investigate/refactor UI JS/TS code (upgrade MUI version?), consider options for transition from Material UI to Tailwind or sticking with (upgraded) MUI.

[kriswest]

Minutes posted - please check your action items (which I've tried to do a better job of linking to issues).

@grovesy would you be up for taking a look at #1332 from an architectural perspective. Also see the architecture overview @jescalada has put together in #1335

[grovesy]

@kriswest - of course, will replying on the two issues