Master, 3.4 and 3.3 LTS branches updated to fix all known library CVEs. 2.93 LTS still to be done as it is more complicated. Need to investigate if we can fix CVEs without bumping to new major versions of FFmpeg and OpenEXR.
Proposed security policy wiki page can be published now, no need to wait for the 3.3LTS and 3.4 security fix updates.
Python Module
Ownership transferred to Blender Foundation, waiting for file size increase request to be able to upload full Blender builds.
No buildbot deployment automation yet. For 3.4 it will need to be manually downloaded from buildbot and uploaded to pypi servers. This is to be added to the release checklist.
Release Process
Thomas will update the wiki page with points discussed in previous meeting.
Dalai will present this to the meeting based on chat with Francesco and Pablo.
Initial feedback:
The number of releases is distinct from having overlapping release cycles, if 3 is better than 4, so be it.
Not having the overlap cycle also leads to a lot of overhead coordinating branches and external developers.
Short release cycles force developers to make sure what gets into master is closer to completion.
This may be a step back for external contributors.
Decreasing the number of releases to 3 makes it possible to allocate some of those extra weeks per release to bug tracker work and code quality days.
The proposal goes back to the draft board.
Proposal: Monthly module meeting
Sybren proposed to have a moment for other modules to share what they are working on.
Brecht proposes modules to use weekly updates instead to announce big changes or changes that affect the Blender project as a whole, with a one liner note, and have module owners keep up with that. Meeting with many attendees where everyone says what they are doing but that is too big for discussion may not be the best use of time.
Proliferation of different websites used for design and development planning
Makes it hard for developers not part of the particular project to follow and give feedback on things.
In general:
Don’t leave anything permanently only on external servers (google drive, hackmd, penpot, taiga, mural, …). Those can be used for collaboration during meetings, workshops, etc. But final results should be on blender.org domains.