Developers Meeting on Thurs, November 20, 2025

Time/Location

20 Nov 2025 from 15:00-16:00 UTC

Location: https://lyrasis.zoom.us/my/dspace?pwd=RTk4QUhISnhPRi9YenVrTFJKbDllQT09 (Meeting ID: 502 527 3040).  Passcode: dspace

• More connection options available at DSpace Meeting Room

Agenda

• Discussion Topics - If you have a topic you'd like to have added to the agenda, please just add it. 
  1. DSpace & DSpace-CRIS potential merger discussions
     
     1. DSpace and DSpace-CRIS Planning Groups - wiki pages to follow along with ongoing discussions.
  2. Other topics
     1. Pulling some spring XML from src/main/resources into config folder (e.g. spring-dspace-addon-validation-services.xml) (Kim)
     2. Overlap of new suggested Provenance enhancements and Audit Trail.  How do we want to deal with these overlapping feature suggestions?  See also https://github.com/DSpace/DSpace/issues/11522#issuecomment-3517584967
        1. Audit Trail work (nearly finished/partially approved): https://github.com/DSpace/DSpace/pull/11072 and https://github.com/DSpace/dspace-angular/pull/4576 .  When enabled, tracks DSpaceObject metadata changes, bundle creation/deletion, bitstream add/remove/replace (with checksum). Audit trail is stored separate from each object and is searchable globally or at an object level.
        2. Enhanced Provenance for Bitstream create/delete:  https://github.com/DSpace/DSpace/pull/11477
        3. Enhanced Provenance for Bitstreams (add/remove bitstream, embargo setting, policy changes) and Items (add/remove/replace metadata, collection moves/mapping, policy changes): https://github.com/DSpace/DSpace/pull/11534
     3. Angular 20 Upgrade is ready to merge: https://github.com/DSpace/dspace-angular/pull/4804
     4. Enable "stale" checks of Issues and PRs: https://github.com/DSpace/DSpace/pull/11550
• Board Review:
  • 10.0 Project Board - Review PRs collaboratively or Assign new PRs to volunteers to code review and/or test.
  • Backlog Board - Are there any tickets here stuck in the "Triage" column?  We'd like to keep this column as small as possible.
  • Maintenance Board (9.x, 8.x, 7.6.x) - Known bugs can be found here, along with any backported bug fixes.
• Upcoming Topics: (Let us know if there are topics you want to discuss in future weeks)
  • Potentially auto-closing "stale" issues and PRs: https://github.com/DSpace/DSpace/pull/11550
  • Revisiting Nx / modularization discussion: Prototyping Nx vs Angular CLI Workspaces
    • Preparation PR (preparing for possible Nx or Angular Workspaces migration): https://github.com/DSpace/dspace-angular/pull/4629
    • Prototype Angular Workspaces PR: https://github.com/DSpace/dspace-angular/pull/4783
    • Original Nx PR (example full migration to Nx): https://github.com/DSpace/dspace-angular/pull/4019
  • Follow-up on "aggressive bot" discussion:  https://github.com/DSpace/dspace-angular/issues/4565
    • PR to update our built-in "rate limiter": https://github.com/DSpace/dspace-angular/pull/4620

Attendees

• Tim Donohue 
• Holger Lenz 

• Art Lowel (Atmire) 

• Andrea Bollini (4Science)

• Giuseppe Digilio (4Science) 
• Paulo Graça
• Mark H. Wood 
• Grazia Quercia (4Science)
• Stefano Maffei (4Science)
• Julian Timal (eScire) 
• Martin Walk 
• Melissa Anez  
• Pascal-Nicolas Becker 
• Pierre Lasou 
• Kim Shepherd 
• Nicholas Woodward 
• Sascha Szott 
• Marsa Haoua 
• Jesiel Viana 
• Arturo Garduño Magaña 
• Scholaris Team

Current Work

Project Boards

• DSpace 10.0 board: https://github.com/orgs/DSpace/projects/32
• DSpace 9.x, 8.x and 7.6.x maintenance board: https://github.com/orgs/DSpace/projects/29

To quickly find PRs assigned to you for review, visit https://github.com/pulls/review-requested  (This is also available in the GitHub header under "Pull Requests → Review Requests")

Goals for 10.0

To be decided by DSpace Steering Group with feedback from Leadership Group. 

Priorities listed at DSpace Release 10.0 Status. 

Goals for 9.2 / 8.3 / 7.6.5

Deadline is TBD for 9.2, 8.3 and7.6.5.  Bug fix releases do not have fixed/scheduled deadlines. Instead, the developer team will determine when to create a release based on the significance of the issues to solve. (e.g. If major issues are fixed, then a bug fix release will occur more rapidly.  If minor issues are found, then a bug fix release may be delayed until sufficient fixes have been made to warrant a release)

• Bug/security fixes only.  These minor releases will not include any new features.
  • New "themeable components" (for dspace-angular) are allowed in bug fix releases, provided that they don't significantly modify component behavior or similar.
  • Accessibility fixes are also allowed in bug fix releases, provided they don't significantly modify component behavior or similar.
• Bug fix PRs should be created against "main" branch where possible. The "main" branch has the most strict code style rules. (i.e. PRs created against dspace-7_x  are becoming more difficult to port forward.)
• Per our support policy, bug fixes are only guaranteed to be ported back to 9.x.  That said, where possible, we'll try to backport bug fixes (especially significant ones) to 8. x and 7.6.x.

Try "Pull Request Trading" for a quicker review

Do you have a PR stuck in "under review" that you really want to see move forward?  Or maybe it's someone else's PR but you want to get it more attention?

See Trading reviews on Pull Requests for how to get immediate attention to that PR!

Notes

DSpace-DSpace-CRIS Merger

• Leadership met on Nov 19 and voted on the merger of DSpace and DSpace-CRIS. A public announcement communicating the result of this vote is expected in the next few days

Provenance and Audit Trail System Overlap

The majority of the meeting focused on whether proposed pull requests should enhance

• The provenance metadata field, or
• The new audit trail system

Context

Several PRs were submitted to extend provenance tracking. These overlapped with a larger audit trail feature already in development, which led to confusion and the need for alignment.

Background

Audit Trail is for: 

• System actions occurring within DSpace (machine-recorded)

• Tracking what happened, when, and by whom, while an item resides inside the repository

Provenance is for: 

• Major history or chain-of-custody information that should travel outside of DSpace

• Information that may pre-date or post-date DSpace storage

• Metadata that should “outlive the system” if the item is exported to another repository

Concerns

Risk of Duplication & Confusion:

• Several participants worried that both systems tracking the same information would confuse administrators and future developers

Storage Bloat:

• Writing too many detailed system-level events into provenance could produce very large metadata fields that offer little value if the information already exists in the audit trail.

Audit Trail Should Be Automated

• Audit trails should not be manually editable – otherwise auditors would distrust them. Provenance can contain manually added entries when needed.

GDPR / Privacy Implications

• Tracking additional information may have GDPR implications and must be considered carefully.

Proposed Resolution Path

Working Definition Moving Forward:

• Keep major curated, historically important object changes in provenance.

• Keep day-to-day system events in the audit trail.

Examples of what may belong where:

Flexibility for Sites

Both systems may remain configurable so administrators can choose:

• provenance only

• audit trail only

• or both, depending on institutional requirements

Next Actions

• Tim Donohue will create a ticket outlining the working rules for what belongs in each system. 

• Community may consult with external curation experts (e.g., DCAT) for professional guidance on what archival standards recommend.

Pull Requests and Implementation Notes

• Some functionality (metadata changes, bitstream changes) is already tracked in the audit trail, while others (e.g., item collection transfer, certain policy changes) would need additions.

• PR authors may be asked to reframe their contributions to use the audit trail framework instead of provenance, where appropriate. 

• Where overlapping work already exists, PRs should be cross-linked to avoid isolated development.

GitHub Cleanup – Automatically Marking Stale Issues

• Tim Donohue proposed enabling GitHub automation to:

  • Flag inactive PRs after long periods

  • Automatically close them after 2 weeks if no action is taken

• High-priority items would never be automatically closed

• Some PRs and tickets have been open for nearly 10 years, and this system would help with backlog grooming

• Briefly looked over and discussed https://github.com/DSpace/DSpace/pull/11550

Key Decisions & Agreements

Consensus Emerging

• Audit trail and provenance should not completely duplicate each other.

• Audit trail should track technical changes within DSpace.

• Provenance should focus on essential, long-term descriptive history.

Expected Actions

• Create explicit written guidance on what belongs where.

• Align overlapping PRs and possibly rework some to use the audit trail.

• Configure systems so sites can choose provenance, audit trail, or both.

• Possibly consult with digital curation experts before finalizing policy.

• Introduce GitHub automation for aging PRs (experimental).