Hi folks,
Open Zaak 1.7.0 was just released and Open Notificaties 1.4 was released a
couple weeks ago.
The new version of Open Zaak implements Zaken API 1.1 and Catalogi API 1.1
- a step towards implementing all the latest versions of the API's from the
standard. We've also made a number of improvements to the Catalogi Admin
environment which will be welcomed by your admins designing "zaaktypen" :-)
Finally, we managed to also fix a number of bugs in Open Zaak again. The
full changelog is available on the documentation website
<https://open-zaak.readthedocs.io/en/stable/development/changelog.html#id1%3E>
.
Open Notificaties 1.4 implements some controls to ensure delivery of
notifications to subscribers, meaning it will keep retrying a number of
times before giving up. The full details and how you can configure this are
also specified in the documentation
<https://open-notificaties.readthedocs.io/en/stable/changelog.html#id1%3E.>.
Once the build has completed, all images will be available on Docker Hub
again. Issues and bugs can still be reported to Github.
Best,
Sergei
Hi everyone - this is a notice for the sake of transparency with regard to
a potential security vulnerability.
The Django team released security fixes related to potential SQL
injections. We've audited the Open Zaak code and found no vulnerable code
paths that make this exploitable.
Updating to new patch versions is tracked on Github:
https://github.com/open-zaak/open-zaak/issues/1207
Hi everyone - this is a notice for the sake of transparency with regard to
a potential security vulnerability.
The Django team released security fixes related to potential SQL
injections. We've audited the Open Zaak code and found no vulnerable code
paths that make this exploitable.
To track this and prevent it in the future, I've created a Github issue:
https://github.com/open-zaak/open-zaak/issues/1136
Hello,
We're delighted to see that OpenZaak now meet 12 out of 15 criteria of the
Standard for Public Code:
https://github.com/open-zaak/open-zaak/blob/main/docs/introduction/open-s...
Of the remaining criteria, some may already be covered and only need
re-review and discussion, whereas others, like "Use plain English" would
require investing in improving the codebase and documentation.
We would like to hear what ambitions the community has this year to get
movement on meeting the Standard for Public Code.
Best regards,
Jan Ainali, Codebase Steward
jan(a)publiccode.net | +46762122776 | @jan_ainali
Foundation for Public Code https://publiccode.net
Hi everyone!
Open Zaak 1.6.0 and Open Notificaties 1.3.0 have just been released. Both
releases focused on upgrading our dependencies to keep receiving security
fixes from the underlying framework.
Users are advised to update as soon as possible to keep receiving future
security updates and keep the upgrade path as smooth as possible.
Additionally, the container images have been updated to use smaller base
images, both reducing the potential attack surface and resulting image
sizes.
Finally, a number of bugs in Open Zaak were fixed and some periodic project
maintenance performed. For the full list of changes and required manual
interventions while upgrading, please review the Open Zaak changelog
<https://open-zaak.readthedocs.io/en/stable/development/changelog.html#id1> and
the Open Notificaties release notes
<https://open-notificaties.readthedocs.io/en/stable/changelog.html#id1>.
As usual, the container images have been published to Docker Hub
<https://hub.docker.com/u/openzaak>.
Hi everyone,
I'd like to draw attention to this Github issue about funding:
https://github.com/open-zaak/open-zaak/issues/1104 I would like to have
this put on an agenda somewhere with people who make the budget-kind
decisions.
Some more context: recently there has been some questions about the Helm
Charts and container images of Open Zaak. In parallel of that, the
documentation of deploying on Kubernetes has been rewritten which
references these Helm charts. While processing the feedback, a budget issue
was raised on Github by me, pointing out the structural need to keep
supporting the infrastructure aspect of the community.
Hi Open Zaak community,
Some personal news as I'm leaving the Foundation for Public Code to start
another job in January. I will no longer belong to the organization
although I'll still be an enthusiastic public code supporter.
I didn't want to leave without sharing the Open Zaak videos I've worked on.
Here you can find the (still hidden) playlist
<https://youtube.com/playlist?list=PL_5ziu2gADmCnEhBPf2KXXjGqaAdI3epJ> that
will be published on Monday.
It's been an interesting time where I got to learn a lot about
open collaboration and got to know some of you better.
I wish you all the best in the future,
Alba
--
Alba Roza | Codebase Steward Communities & Product
alba(a)publiccode.net | @alba_roza
Foundation for Public Code | https://publiccode.net
We are proud to announce the release of Open Zaak 1.5.0! We have introduced
a number of new features, such as rootless container images, generic OpenID
Connect integration, performance improvements and a number of bugfixes.
Additionally, we have also updated the various deployment toolsets.
BEFORE upgrading, please make sure to read the release notes (
https://open-zaak.readthedocs.io/en/stable/development/changelog.html#id1)
and detailed upgrade instructions, as 1.5.0 requires some special
attention. You can read these here:
https://open-zaak.readthedocs.io/en/stable/installation/reference/1-5_upg...
Additionally, Open Notificaties 1.2.1 has been released for a while without
any spotlight shining on it. The 1.2.x line also has container image best
practices applied. The changelog is available on
https://open-notificaties.readthedocs.io/en/stable/changelog.html.
Please note that Open Notificaties no longer supports RabbitMQ as celery
result backend. This should not be a problem if you deploy using our
Ansible collection or Helm charts, but if you're running your own tooling,
you have to switch to Redis for this. You can review the Ansible roles or
Helm charts as a reference, they have been updated.
We recommend everyone to upgrade to these new versions, if only for the
better practices applied in the container images.
As a final note and announced earlier in this mailing list, we also want to
point out that you can sign up to the "Release Early Notice List" on
https://odoo.publiccode.net/survey/start/086e0627-8bc0-4b65-8aa9-f6872aba....
The Open Zaak technical steering team provides these notifications for some
releases because system administrators need time to schedule an update,
which can be especially important if a security vulnerability was resolved
in the update.
Hi all,
After the summer vacation, the technical steering meetings didn't continue.
In my opinion, this is fine and we only need to meet if necessary. But, I
think it's necessary to discuss a topic that we're struggling with at the
moment.
*Topic: Adding non-standard API features into Open Zaak*
In short, Open Zaak currently has version 1.0 of all ZGW API's implemented.
The ZGW API specifications however are evolving. Some of these API changes
are needed "now" and the question arrives if we should just add this
filter, this extra field, etc. without moving the entire API to the next
version (because that takes more time/money). Some features might even be
planned for a future version of the specification that is not released yet
(but we need now!)
The question: Should we be allowed to add some of these non-standard
features into Open Zaak (properly documented as a difference, and only if
it's in line with the future of the specifications)?
*Meeting proposal*
I propose to discuss this (and perhaps other topics) in the next meeting,
which I'll schedule on December 8, 14.00. If I don't hear anything before
November 17, I'll assume this date and time are okay.
Best regards,
Joeri Bekker
--
<https://opengem.nl>
Een initiatief van Maykin Media
Keizersgracht 117, 1015 CJ Amsterdam
tel.: +31 (0)20 753 05 23
http://www.maykinmedia.nl
Beste Allemaal,
In de afgelopen 1,5 half jaar heb ik met een aantal van jullie
samengewerkt. Het leek me daarom goed om jullie te melden dat Donderdag 27
oktober mijn laatste werkdag bij de Foundation for Public Code zal zijn.
Ik heb besloten dat het tijd is om een nieuwe uitdaging aan te gaan. Welke
dat is weet ik nog niet maar dat zal snel duidelijk worden ;-)
Ik wens jullie allemaal het beste en heel veel succes met het toepassen en
het in de dagelijkse praktijk brengen van Open Source in de overheid want
dat is en blijft hard nodig. Ook hoop ik dat de landelijke politiek de
komende kabinetsperiode meer structurele ondersteuning zal bieden voor
gemeenten en provincies om het gebruik van open source op te schalen en er
voor te zorgen dat het beheer en de ondersteuning van open source
communities en codebases beter wordt gewaarborgd.
Mijn telefoonnummer blijft hetzelfde en jullie kunnen mij vinden op
LinkedIn: https://www.linkedin.com/in/felixfaassen/
Mijn collega's Alba Rossa, Jan Ainali en Eric Herman zullen mijn taken
overnemen. Jullie kunnen ze bereiken via stewards(a)publiccode.net
Hartelijk dank voor de fijne samenwerking en ik spreek een aantal van
jullie wellicht nog in de Signalen product steering meeting.
Hartelijke groeten,
Felix
--
Felix Faassen, Codebase steward
Foundation for Public Code | https://publiccode.netgithub.com/publiccodenet | github.com/felixfaassen
felix(a)publiccode.net | +31 624633278