The W3C Credentials Community Group

Meeting Transcriptions and Audio Recordings (2014-today)

Go Back


Verifiable Traceability Task Force

Transcript for 2022-07-19

Agenda
https://github.com/w3c-ccg/traceability-interop/AGENDA.md
Topics
  1. IP Note, Agenda Review, Scribe Selection
  2. GitHub Issue & PR review
Organizer
Orie Steele, Mike Prorock, Mahmoud Alkhraishi
Scribe
Our Robot Overlords
Present
Chris Abernethy, Russell Hofvendahl (mesur.io), Ben - Transmute, nis, TallTed // Ted Thibodeau (he/him) (OpenLinkSw.com), Orie Steele, Ted Thibodeau, Vivien
Audio Log
Our Robot Overlords are scribing.
Ben_-_Transmute: Yeah all right I'll definitely I'll definitely take thirst first 30 minutes okay so the first thing we need to do is read the meeting notes so this meeting is held up by voiceover jitsi at the link and covers for requesting issues on items related to the various pieces of ccg projects related to traceability and the supply chain primary repositories are directed Track by the group for discussion or the traceability roof vocabulary and traceability intro.
Ben_-_Transmute: Perpetuity alternates between each of the above two repositories.
Ben_-_Transmute: Channel note the.
Ben_-_Transmute: For the weekend start up meeting so this week I believe we are in vocab correct.

Topic: IP Note, Agenda Review, Scribe Selection

Ben_-_Transmute: Okay we have a standing Agenda One IP note agenda review subscribe section agenda review IP note anyone can participate in these calls however all substantial contributions to any ccg work items must be members of the ccg with full IP are agreements signed in the URL and sure you have a w3c account that we three can carry license agreement and call notes these minutes and audio recording of everything set on the collar archived at.
Ben_-_Transmute: the link and then let's see and Jeff.

Topic: GitHub Issue & PR review

Ben_-_Transmute: I think we're okay to skip the rest of this after that Q other good stuff as we go so I guess let's go ahead and get started with traceability vocab pull requests.
Ben_-_Transmute: And we have one that is merged marked as merch first so I will go ahead and start with pull request or 74.
Ben_-_Transmute: Okay so since this is my poor request what this does is this goes through a lot of the verifiable credential or other verify credentials that I know adds a tag to The yellow section of them and Mahmood made a note on this to say can we have multiple tags and the answer is absolutely yes this there's nothing service for these tags currently the main reason I wanted to add them is because number one it makes scripting.
Ben_-_Transmute: Through credentials and searching through them.
Ben_-_Transmute: Here to say like hey give me all the credentials that relate to e-commerce I can search them and then write scripts and make changes as needed and then also later on we can service this and the respect document and the open API spec as needed to make how these are used more visible.
Ben_-_Transmute: so if there are no.
Ben_-_Transmute: Sentence to emerging 474 I will go ahead and do so.
Ben_-_Transmute: Okay merging 474.
Ben_-_Transmute: Okay and then going back and starting from oldest to newest I'll just go ahead and order the next one is pull request for 71 by this so feel free to take it.
Ben_-_Transmute: Okay any objections to emerging pull requests for 71.
Ben_-_Transmute: Okay merging for because 471.
Ben_-_Transmute: Next pull request is for 72 this is also mine and what it does is it updates our CI script for schemas to vote count that Jess and what this does is it reads through all the credentials as we're building the HTML for the gets built into the respect document and it looks for dependencies that are used inside the credential and it adds some has links under the schema credit under the exam.
Ben_-_Transmute: Just as a side note testing this locally really improved readability because you can quickly jump to other credentials that are related to these so thank you 40 any objections to merging pull requests for 72.
Chris_Abernethy: Yeah I like this one a lot.
Ben_-_Transmute: Okay it was it was a small change by I'm very happy with how it turned out so the next one is pull request for 73 posting in chat this is a very small change there is no description in the commercial invoice certificate example Jason and all this does is just add a quick description too.
Ben_-_Transmute: To that effect.
Ben_-_Transmute: So I think this should be a pretty easy one to merge our there any objections.
Ben_-_Transmute: Okay emerging 473.
Ben_-_Transmute: Okay then the next one is for request for 75.
Ben_-_Transmute: I guess I was pretty active this week I was looking through tickets that our backlog and just looking for easy ones to snipe this addresses issue 235 which we have issue which is we're using the issue for a issue and Trace vocab as a placeholder for our example Jason and this room looks at and updates it with new data for the relocation list 2020 status and your objections to merging 475.
Ben_-_Transmute: Okay the next one is 476 by 40.
Orie Steele: Right clean up workflow definitions this PR basically just updates the way that we were referring to some terms it gives us a way to link directly to the extensions we've made to the technical recommendation for verifiable credentials.
Ben_-_Transmute: Okay any objections to emerging 476.
Ben_-_Transmute: Okay the next one is fixing a crown description 478 -.
Ben_-_Transmute: Okay very small change I think everyone is okay with this says to approvals merging or some gate.
Ben_-_Transmute: Next one is for 79 by this looks like Russell yes what do you want to discuss for Sunday night.
Russell_Hofvendahl_(mesur.io): Yeah sure this provides a lot of this provides the credentials that will be needed for people to submit information about the CTE s critical tracking events and key data elements they can comply with the the new traceability rule by the FDA.
Ben_-_Transmute: Okay it looks like there is a bunch of conversations on the pull request nothing that is specifically blocking are there any objections or any final challenges before we merge 479.
Ben_-_Transmute: Okay merging it's okay.
Ben_-_Transmute: Merging for Sunday night.
Ben_-_Transmute: Okay the next one is 86 intend to important priority.
Orie Steele: Right talked with Mike Baroque about this this is a pull request which essentially just changes the name of a example credential I think Miss had mentioned something about a pull request that was based off of this that might be coming late so if Miss if you've already done that then we should merge yours instead of mine right.
Ben_-_Transmute: I think it's 486.
Ben_-_Transmute: 40 50 in 1020 Fort certificate okay.
Orie Steele: And it won't have any changes that I would merge to mine like if I accept tall Ted's grammar correction it will then create a conflict between these two and we would want to take yours if it's more substantive first and then go back and make that change.
Orie Steele: That's excellent so I would prefer we take yours which is pull 485.
Ben_-_Transmute: Okay so I will I will jump in order and merge 45 do we want to do give a quick summary of what intention Port is covered.
Orie Steele: Now we've talked about it quite a lot it's signaling your intent to import and it has a full description of what it is in the pull request.
Ben_-_Transmute: Okay I will go ahead and if there's no check since I'll go ahead and merge both 45.
Ben_-_Transmute: Okay porch 45 was merch.
Ben_-_Transmute: You want to take a look at 40 and that actually automatically closed or a pork roast or a tea I think.
Ben_-_Transmute: I was nuts I just was worried about not losing those changes the next tournament is full of requests for 81 which is fixed term bug on raw material this is from this.
Ben_-_Transmute: Okay any objections to merging 481.
Ben_-_Transmute: Everyone is we've got for approvals merging or three and a half like this G forty-one next one is 482 which is also notice would you care to describe the changes and.
Ben_-_Transmute: Okay so if there's no objections to merging 482 I'm the only person who approved it but let's go ahead and now okay we have to to approvals up merging 42 and the next one is.
Ben_-_Transmute: 83 this is another.
Ben_-_Transmute: Fix so I think the same one applies I will go ahead and add an approval and anyone else who would like to see these changes fixed cannot improve on next two or three things.
Ben_-_Transmute: Okay that's that's perfectly fine so just small term changes emerging or 83.
Ben_-_Transmute: And the next one is 484 if this is what I think it is Russell might become my new favorite person.
Russell_Hofvendahl_(mesur.io): Yeah I hadn't thought of AG being confused for silver.
Ben_-_Transmute: Okay yeah that's the only thing I can either way it looks like it just changes the agriculture abbreviations to agriculture as a whole thing better Clarity better conventions I am super on board with this change any objections to pull request 44.
Ben_-_Transmute: Beautiful I agree merging 44.
Russell_Hofvendahl_(mesur.io): Is that is that a property with accidentally a capital name.
Russell_Hofvendahl_(mesur.io): Just a little.
Chris_Abernethy: Hang on hang on hang on I have what one question about the agricultural inspection report line 23 should that be capital I apologize I just saw it as we're looking through I think it doesn't have a capital name.
Orie Steele: So attributes or properties should be camelcase and classes or types should be title case that's the convention.
Russell_Hofvendahl_(mesur.io): Um can you repeat what time it is.
Chris_Abernethy: And I just created a change request.
Chris_Abernethy: It was line 263 okay.
Ben_-_Transmute: Let's see should I try birth the commit to go ahead and.
Orie Steele: We should probably take a follow-up.
Russell_Hofvendahl_(mesur.io): Yeah right away.
Orie Steele: Take a tissue or a subsequent pull request if it's very smoke if I do that.
Russell_Hofvendahl_(mesur.io): I can probably didn't real quick but so.
Ben_-_Transmute: All right so just handle another poll request I think that would be perfectly fine.
Ben_-_Transmute: Expert report yeah just handle than a holy roller coasters.
Russell_Hofvendahl_(mesur.io): Sure so another pull request you said.
Ben_-_Transmute: I think though easiest.
Ben_-_Transmute: Okay important intend to import workflow so this is 486.
Chris_Abernethy: You do the other one.
Orie Steele: Let's do it.
Ben_-_Transmute: Okay yeah I think although all of the remaining four of us are from you traceability presentations is the same thing that has uncommitted suggestions from Ted see my license number and C mon let's do 488 as that one seems very simple I can go ahead and describe this if you want to do commits such thing as license number added this is a small change to Seema.
Ben_-_Transmute: License where we a day.
Ben_-_Transmute: We're a missing license number which is a required attribute from the example and so this is just fixing a small error in the an example Jason that was not addressed until now so a 488 just fixes the example Jason for see my license this is a small change I would be extremely surprised if there are any objections any objections to merging poor request for Ada.
Ben_-_Transmute: Okay merging radiate.
Ben_-_Transmute: And what's up Russell.
Russell_Hofvendahl_(mesur.io): Actually I was just looking at your suggestion Chris and I'm not sure if I understand it currently agriculture package is lower case because it is a property named I don't understand why that would be capitalized.
Orie Steele: Seems correct if it's a property name that it should be camel case.
Chris_Abernethy: Yeah if my suggestion is not valid that's fine I was just going off of what I was seeing in that file as far as like patterns and how you were making these changes and that one seem different to me.
Russell_Hofvendahl_(mesur.io): Okay there are some where it says type agriculture package and those are referencing a file rather than a property there's somewhere there's a property name that matches with a schema name later.
Orie Steele: I'm tight yeah.
Russell_Hofvendahl_(mesur.io): Cool so that one might be measurable then.
Orie Steele: That one was emerged as far as I'm aware.
Russell_Hofvendahl_(mesur.io): No rape your breasts are great.
Ben_-_Transmute: Yeah yeah so if there if there's no changes then there's no need to put up a subsequent PR to address those changes.
Russell_Hofvendahl_(mesur.io): Great thank you.
Ben_-_Transmute: Okay the next one to draw attention to is 489 so we get feedback from just which said that rather than the PHD a status message this credential or specifically refers to the status of a shipment and they wanted to make that a lot easier to understand in terms of shipment status and that is why this credential has been changed to from PJ status message to PGA shipment status.
Ben_-_Transmute: It looks like there is.
Ben_-_Transmute: Request on conflict on the on the on the pull request is there any objections to merging this outside the call or a sink as soon as this conflict has been resolved.
Ben_-_Transmute: Not I will make a.
Orie Steele: No I'll leave a comment saying that.
Ben_-_Transmute: Okay and that looks like we gave Miss enough time to address the feedback so do you want to come back to 486.
Ben_-_Transmute: It says outdated suggestion so it looks like there might have been.
Orie Steele: Can you link to the comment in the chat.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): Sorry I'm looking at it now.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): Right in the that line in the line 5 that you had changed.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): You put into that description it's at the far end but the far right.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): That's the same description that was up above so.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): Intention to intended use that's all.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): You took the notes to myself there you go yep.
Ben_-_Transmute: Okay so are we saying it's are we okay for all requests for 87.
Ben_-_Transmute: Or are we or do we want to say that it can be marched outside of meeting once it's been addressed which one would you prefer this.
Ben_-_Transmute: Okay any objections to the Virgin 4:15 87.
Ben_-_Transmute: Searching for Ethan.
Ben_-_Transmute: Okay 486 is green and gray to be addressed I think we already talked about this door okay and there is currently no approvals on it everything has been resolved in the comments adding a approval hear any objections to emerging for requests for 86.
Ben_-_Transmute: Okay merging poor quest for 86.
Ben_-_Transmute: And then that leaves us with our last poll requests which is opj tell update which will be merged as soon as the conflict has been resolved so that concludes traceability vocab.
Ben_-_Transmute: Okay that was one of the Lagos for questions I think we've hacked this do you want do you want to do traceability interrupt you two want to switch off 30 minutes like that.
Ben_-_Transmute: All right shows yours.
Chris_Abernethy: Right so this is if you remember last time we spoke I had a pull request to create two workflows that would allow you to rotate the G key and onboard new users with an encrypted environment file or a suggested that it would be helpful if we can do this on the command line so folks didn't have to generate personal access tokens with Google so I added a couple of wrapper script.
Chris_Abernethy: Is that you can run from the command line.
<orie> thank for the wrapper scripts... much nicer devx
Chris_Abernethy: Then call out and reuse this code that I already developed certain to run the workflows I also modify the documentation to indicate that instead of generating the personal access token you could use the personal access token from the command line the GitHub command line will dump that for you if you do I think it was GH off minus t so added functionality with some rapper Scripts.
<orie> excellent documentation!
<orie> awesome work!
Chris_Abernethy: Yep so 288 is a modification to the open API spec when you are issuing a credential the that the issuer ID is required the spec was not correctly requiring it if it was presented to issue is presented as an object with an ID parameter so this adds a requirement on the ID parameter when it's an object for.
Chris_Abernethy: Yeah that's the embedded schema for conformance testing.
Chris_Abernethy: So this is one of many conformance tests additions I've added this particular one let's see ads conformance testing for the did Jason and point and the identifiers did and point.
Chris_Abernethy: Not for those two endpoints but for additional conformance testing.
Chris_Abernethy: I'm so 292 this is the first of I think what is going to be several conflicts but the essence of this one is modifying the variable name used to hold the response schema for validation of the credentials issue endpoint initially it was called response schema 201 which is not very descriptive and will Clash when we do a response game of 2001 validation for presentations proof so simply renamed.
Chris_Abernethy: That it was a bit more descriptive and won't clash with other variables doing similar schema work.
Chris_Abernethy: Or he just added one.
<orie> This is excellent as well
Chris_Abernethy: This one is mine as well so when the new conformance reports list all of the tests that are run the assertions on the left hand side and they did not include any sort of name spacing to indicate which end point they were for and we're going to be having a lot of these and many of them will have similar names so this change request adds a bit of name spacing so that it's easily identifiable identifiable which.
Chris_Abernethy: Test the assertions belong.
Orie Steele: Can you link the pull request in chat please.
Orie Steele: Grade I've spoken to Mike about this I think we should merge over his objection and I can close the loop with him offline.
Orie Steele: This is to support did web essentially the did webs are unresolvable if you don't accept this this change.
Chris_Abernethy: Okay so this one.
Chris_Abernethy: This one started because there was a difference in what I was seeing in the facet view which was the list of tests with the boxes and what I was seeing in the Sunburst and the tree charts and the reason for that is that each test has multiple assertions and the Order of those assertions in the data frame is being used to drive this visualization is undefined so depending on when you ran it they.
Chris_Abernethy: might show.
<orie> go on, you can make a canonicalization joke
Chris_Abernethy: Singer Phelan so the first modification I did was to aggregate those so that we could determine you know if how many of these assertions passed and how many failed so that we could accurately reflect whether a test was fully passing fully failing or partially failing and in addition to fixing that are I also added a new color to the Chart so that we can visually see which ones were partially failing and if you scroll down there's a couple.
Chris_Abernethy: love pictures.
Chris_Abernethy: That show what it looks like now.
<orie> great name change
Chris_Abernethy: Okay so in a previous poll request there was a suggestion to rename the folder titled happy path to positive testing so I just carry that over to some of the other tests that were already in place so we are aligned on naming.
<orie> more professional looking
Chris_Abernethy: So this one is in relation to the context in a did document this is defined by did core to be either a string or an array that contains both or either strings or objects our spec said it had to be an array of strings so it admitted the just a string and the array containing objects possibilities so this modifies the spec to allow for those.
Chris_Abernethy: Three or four is adding the OS to related conformance - testing for credentials update so verifies that oauth is required in the request fail if it's not present there are several of these the first one you merge will merge the rest will conflict.
Chris_Abernethy: I believe it will look like this as well 306.
Chris_Abernethy: So this one has to do with changes that we made when we added the conformance testing we now publish report artifacts into separate folders under the reports folder and GitHub documents get a page excuse me so this modifies the reporters so that you can specify which of those two folders to use as the source when you're running it locally and it downloads the latest.
Chris_Abernethy: Ada and it does that by adding two different command line options either - see for conformance - I for interoperability they both also have long versions and this also sets the stage for 272 which is another issue that is around modifying the HTML template to be more specific depending on which type of report is being generated.
Chris_Abernethy: This one has a conflict wasn't expecting that but I'm not surprised because it's also modifies the postman test so this adds a test that when the issuer ID is provided in a credentials issue requests if it is a string but it is not in URI format then the expected result is a 400 bad request in this ad it's.
Chris_Abernethy: Appropriate - testing to be conformed.
Chris_Abernethy: I believe that was added last week.
Orie Steele: It's it's it's a requirement that comes from understanding verifiable credentials all ID values in verifiable credential are an alias of a tidy which must be a valid iri.
Chris_Abernethy: So this is ticketed or reopens while back regarding making the challenge property of presentation options be required this is simple schema change to implement that request.
Orie Steele: While we're on it just a comment regarding challenge challenge if it's a uuid requires sort of stateful management on the verifier side like the verifier has to remember that they've given you this uuid and that you know they're going to theoretically not accept the presentation over it if it comes to years later because that could be like indicating a problem you can fix this by making the challenge a Json web token or.
Orie Steele: Something that's signed by the verifier and then.
Orie Steele: Are Fire doesn't need to.
Orie Steele: Member all of the uuids that it's handed out and this has been raised on a few issues and I'm just pointing it out here because the structure of challenges and a string it doesn't say that challenge has to be a uuid and there's a really good reason why you might want that challenge to be a JWT namely the example that I just gave so I'm just providing verbal context because I'm sure we eventually we will see those issues come up and hopefully people will remember what it said.
Orie Steele: Yeah it's amazing amazing work truly amazing.