April advisory board minutes

Author: SethTisue

minutes/_posts/2023-01-16-january-16-2023.md

@@ -10,7 +10,7 @@ Scala Center website.
 ## Summary
 
 The following agenda was distributed to attendees:
-[agenda](https://github.com/scalacenter/advisoryboard/blob/master/agendas/027-2022-q4.md).
+[agenda](https://github.com/scalacenter/advisoryboard/blob/main/agendas/027-2022-q4.md).
 
 Center activities for the past quarter focused on in-person events
 (conferences, summits, sprees, meetups, and workshops), online events,

minutes/_posts/2023-04-27-april-27-2023.md

@@ -0,0 +1,122 @@
+---
+layout: contact
+---
+
+# Minutes of the 28th meeting of the Scala Center, Q1 2023
+
+Minutes are [archived](https://scala.epfl.ch/records.html) on the
+Scala Center website.
+
+## Summary
+
+The following agenda was distributed to attendees:
+[agenda](https://github.com/scalacenter/advisoryboard/blob/main/agendas/028-2023-q1.md).
+
+Center activities for the past quarter focused on TODO
+
+Details are below and in the Center's activity report:
+
+* [report](https://scala.epfl.ch/records/2023-Q1-activity-report.html)
+
+Two new proposals were received this quarter:
+
+* [SCP-029](https://github.com/scalacenter/advisoryboard/blob/main/proposals/029-sbt-community-repository.md): Sbt community repository
+* [SCP-030](https://github.com/scalacenter/advisoryboard/blob/main/proposals/030-governance-page.md): Governance page
+
+Both proposals were voted on and accepted by the board.
+
+Other business discussed included TODO
+and company overviews for Morgan Stanley and Spotify.
+
+## Date, Time and Location
+
+The meeting took place virtually on Thursday, April 27, 2023 at
+15:00pm (UTC).
+
+Minutes were taken by Seth Tisue (secretary).
+
+## Attendees
+
+Officers:
+
+* Chris Kipp (chairperson)
+  * also board member, representing Lunatech
+* Darja Jovanovic (executive director), EPFL
+* Julien Richard-Foy (technical director), EPFL
+* Seth Tisue (secretary), Lightbend
+
+Apologies:
+
+* Martin Odersky (technical advisor), EPFL
+
+Board members:
+
+* Diego Alonso, 47 Degrees
+* Maureen Elsberry, Xebia Functional
+* Claire McGinty & Kellen Dye, Spotify
+* Krzysztof Romanowski, VirtusLab
+* Lukas Rytz, Lightbend
+* Daniela Sfregola, Morgan Stanley
+* Eugene Yokota, community representative
+
+## Technical report
+
+Julien summarized Scala Center activities since the last meeting.
+
+His remarks were based on the Center's Q1 quarterly activity report:
+
+* [report](https://scala.epfl.ch/records/2023-Q1-activity-report.html)
+
+And the Center's Q2 roadmap:
+
+* [roadmap](https://scala.epfl.ch/records/2023-Q2-roadmap.html)
+
+The following notes do not repeat the content of the report and
+roadmap, but only supplement them.
+
+TODO
+
+## Management report
+
+Darja also summarized Scala Center activities since the last meeting.
+
+TODO
+
+## Scala 2 report
+
+This was presented by Lukas.
+
+TODO
+
+## Community report
+
+TODO
+
+## Proposals
+
+### SCP-029: Sbt community repository
+
+TODO
+
+**Voting**: The proposal was accepted by unanimous vote of members
+present.
+
+### SCP-030: Governance page for Scala
+
+TODO
+
+**Voting**: The proposal was accepted by unanimous vote of members
+present.
+
+### Company overviews
+
+Daniela gave an overview of Scala usage at Morgan Stanley.
+
+Claire gave an overview of Scala usage at Spotify.
+
+(TODO: slides?)
+
+## Conclusion
+
+As was usual through 2019, we hope to hold an in-person board meeting
+later this year in conjunction with Scala Days.

records/2022-Q1-activity-report.md

@@ -49,18 +49,18 @@ the following:
 - We have reworked the structure of the Scaladex project by reorganizing the modules folder and simplifying the startup process. We have updated the local projects being indexed to get recent projects and releases. The goal was to simplify the process to develop locally new features and attract new contributors. Finally we have updated the contributing guide of Scaladex. ([link](https://github.com/scalacenter/scaladex/pull/878))
 - We have implemented a first admin task: the goal is to automate operations that would improve the maintenance of Scaladex like deleting old releases, or update github information for a particular project. The first one implemented will check for a particular project if any release is missing and then will index it ([link](https://github.com/scalacenter/scaladex/pull/948))
 
-### Github security alerts in sbt projects
+### GitHub security alerts in sbt projects
 
 for Scala 2 and Scala 3.
 
 *Keeping the software secure is critically important.
 Some major threats like [Log4Shell](https://en.wikipedia.org/wiki/Log4Shell) can happen at any time and impact a large number of organizations and companies.
-In June 2020 Github released Dependendabot to help developers keep their dependencies updated and secure.
+In June 2020 GitHub released Dependendabot to help developers keep their dependencies updated and secure.
 It does not yet support scanning sbt dependencies.*
 
-We collaborated with the Dependabot team at Github to create [sbt-github-dependency-graph](https://github.com/scalacenter/sbt-github-dependency-graph): an sbt plugin that can submit a report of all the dependencies to Github through the experimental Graph Dependency API.
-This plugin will be released along with its associated Github action as soon as Github makes the API public.
-Thanks to this tool, you will be able to view the [dependency graph](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph) of your sbt projects in the Github UI and you will receive Dependabot alerts on vulnerable dependencies.
+We collaborated with the Dependabot team at GitHub to create [sbt-github-dependency-graph](https://github.com/scalacenter/sbt-github-dependency-graph): an sbt plugin that can submit a report of all the dependencies to GitHub through the experimental Graph Dependency API.
+This plugin will be released along with its associated GitHub action as soon as GitHub makes the API public.
+Thanks to this tool, you will be able to view the [dependency graph](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph) of your sbt projects in the GitHub UI and you will receive Dependabot alerts on vulnerable dependencies.
 
 ### Getting started with coursier ([SCP-026](https://github.com/scalacenter/advisoryboard/blob/main/proposals/026-solidify-getting-started-with-coursier.md))
 

records/2022-Q2-activity-report.md

@@ -23,10 +23,10 @@ governance expert.
 
 For Scala 2 and Scala 3.
 
-We are collaborating with the Dependabot team at Github to build support for their security alerts in sbt projects.
-The main goal of this project is to harden the security of sbt projects hosted on Github by scanning their dependencies.
+We are collaborating with the Dependabot team at GitHub to build support for their security alerts in sbt projects.
+The main goal of this project is to harden the security of sbt projects hosted on GitHub by scanning their dependencies.
 
-We built [scalacenter/sbt-github-dependency-graph](https://github.com/scalacenter/sbt-github-dependency-graph), an sbt plugin that can submit all the dependencies to Github, and [scalacenter/sbt-dependency-graph-action](https://github.com/scalacenter/sbt-dependency-graph-action), a Github action that can configure and run the sbt plugin in a Github workflow. Those projects are being validated and are therefore not ready to be used.
+We built [scalacenter/sbt-github-dependency-graph](https://github.com/scalacenter/sbt-github-dependency-graph), an sbt plugin that can submit all the dependencies to GitHub, and [scalacenter/sbt-dependency-graph-action](https://github.com/scalacenter/sbt-dependency-graph-action), a GitHub action that can configure and run the sbt plugin in a GitHub workflow. Those projects are being validated and are therefore not ready to be used.
 
 ### Scala 3 Expression Evaluation in Metals' Debugger
 

records/2022-Q3-activity-report.md

@@ -71,7 +71,7 @@ Ideally we would like to be able to also run the tests in the background but thi
 
 For Scala 3 and Scala 2.
 
-We released [`scalacenter/sbt-dependency-submission`](https://github.com/scalacenter/sbt-dependency-submission) a Github action that submits the full graph of dependencies of an sbt project to Github for security scanning.
+We released [`scalacenter/sbt-dependency-submission`](https://github.com/scalacenter/sbt-dependency-submission) a GitHub action that submits the full graph of dependencies of an sbt project to GitHub for security scanning.
 It is used in more than [50 open repositories](https://github.com/scalacenter/sbt-dependency-submission/network/dependents?package_id=UGFja2FnZS0zMjE3ODc0ODM1).
 It can also be used in private repositories.
 

records/2023-Q1-activity-report.md

@@ -222,7 +222,7 @@ the detailed outcomes of the summit in this [blog article](https://scala-lang.or
 
 For Scala 2 and Scala 3.
 
-[scalacenter/sbt-dependency-submission](https://github.com/scalacenter/sbt-dependency-submission) is a Github action that submits all the dependencies of an sbt project to Github for scanning security vulnerabilities.
+[scalacenter/sbt-dependency-submission](https://github.com/scalacenter/sbt-dependency-submission) is a GitHub action that submits all the dependencies of an sbt project to GitHub for scanning security vulnerabilities.
 
 We made it possible to submit the dependencies of several sbt builds in the same workflow, in [#93](https://github.com/scalacenter/sbt-dependency-submission/pull/93) and [#96](https://github.com/scalacenter/sbt-dependency-submission/pull/96).