2025 Collaboration Cafe Notes Archive#
2025-04-15#
Check-in :raising_hand:#
Min / @minrk / Simula
Raniere Silva / @rgaiacs / GESIS
Samuel Gaist / @sgaist / Idiap Research Institute
Erik Sundell / @consideRatio / Sundell Open Source Consulting AB
Angus Hollands / @agoose77 / 2i2c
Introduce yourself! :wave:#
agoose77— Hi all :wave:, I’m an OS Application Engineer at 2i2c, here on behalf of the Jupyter Book team. I’m joining these Collab Cafés following a suggestion from Kirstie Whitaker that the Jupyter Book team share this space: jupyter-book/team-compass#20
Celebrations and Shout-Outs :tada:#
Simon did a great job setting up jupyterhub/jupyterhub-container-images for publishing jupyterhub images. It will build our 5.3 release later today!
new GESIS mybinder federation member on Hetzner!
JupyterHub 5.3 release ready!
github-activity 1.0 released, it is used in our release processes, no need to install from main branch any more
Agenda :clock2:#
[name=Erik] (10m): JupyterHub org to pilot GitHub org wide security configuration
Working with the Jupyter Security Subproject, we have concluded it would be good to pilot if the “GitHub Recommended” org wide security configuration could be relevant to apply across all Jupyter’s 16 active GitHub org’s.
I propose JupyterHub takes the lead and pilots adoption of this security configuration, see jupyterhub/team-compass#768.
Agenda item goal: to make a decision if/when to trial applying the GitHub recommended security configuration in our org in a “don’t enforce” way.
[name=Min] (5m): JupyterHub 5.3 release today jupyterhub/jupyterhub#5048
Agenda finished early, so we tested enabling GitHub Recommened Security on jupyterhub/jupyterhub. Conclusion was that we should not enable this, due to the use of CodeQL (jupyter/security#102), but a very similar security policy (e.g. identical minus CodeQL) ought to be fine.
2025-03-18#
Check-in :raising_hand:#
Name / GitHub handle / affiliation
Kirstie W / @KirstieJane / Berkeley Institute for Data Science
Samuel Gaist / @sgaist / Idiap Research Institute
Raniere Silva / @rgaiacs / GESIS
Simon / @manics
Erik / @consideRatio / Sundell open source consulting AB
Wayne Decatur/ @fomightez / Upstate Medical University
Celebrations and Shout-Outs :tada:#
:speaking_head_in_silhouette: Thank you Yuvi for submitting a talk application to SciPy!
Agenda :clock2:#
Transferring some PyPI projects to Jupyter org
Old issue about setting up a PyPI org: jupyterhub/team-compass#649
About adding people to the PyPI org: jupyter-governance/ec-team-compass#101
Connections between JupyterHub and Jupyter leadership
Discussion: supportive of developer in residence programme
Question: Do we want to have people full time or part time? 100%, 50%, 20% - does that help people to participate? EG folks who are already paid to work in the stack but free up some of their time
Inspiration could come from: https://ev.kde.org/corporate/careers/
Remember that not everyone wants to be paid - there’s a lot of uncertainty and work involved in setting up a business as a contractor
Gift economy vs market economy (return on investment)
General agreement that not putting together an open process in this first year is the right choice
More important to spend the money quickly and experiment with what is going to be of benefit to the project / ecosystem as a whole.
Voices of JupyterHub update
Report around 80% done - a few more interviews to conduct but writing happening.
Retreat booked for 4 & 5 June: jupyterhub/team-compass#761
Next steps identifying agenda
Funds for childcare and dinner available for remote participants.
Aiming for true hybrid discussion - meaning remote attendees participate with the in person attendees (not parallel conversations)
2025-02-18#
Check-in :raising_hand:#
Name / GitHub handle / affiliation
Min / @minrk / Simula
Samuel / @sgaist / Idiap Research Institute
Erik / @consideratio / -
Celebrations and Shout-Outs :tada:#
JupyterHealth is adopted as part of JupyterHub
Lots of wonderful work on single-node members of mybinder federation by @yuvipanda and 2i2c
Agenda :clock2:#
Security-related work ideas in JupyterHub
Related to @krassowski writing about security work funding in Zulip
ideas:
Enable PKCE (“pixie”, /ˈpɪksi/) in JupyterHub
Requires database schema change to store code_verifier, otherwise relatively simple. Client-side already implemented in OAuthenticator.
Enables OAuth without a client secret (“public client”)
To be required in OAuth 2.1, but it’s unclear when it is to be a thing
A client ID is required, and tied to a redirect URL
Tech overview docs
Explore JWT, JWKs instead of opaque access tokens
scopes in JWTs signed with JWKs could enable auth without Hub requests (still need revocation)
Caveats around dynamic scopes like
inheritneed consideration
Refresh tokens, expiring token UX
JupyterHub should support refresh tokens
Improving JupyterLab UX of expiring/refreshing token would enable shorter expiration by default
JupyterHub as OIDC provider
needs JWT, maybe JWK
doesn’t need full benefits of JWKs, though
OIDCAuthenticator
no direct security benefit, but simplified deployment because OIDC specifies several configuration options derived from a single .well-known URL
Security-focused testing
there is probably tools and practices to verify security and authentication
for jupyterhub as an IdP, how do we verify that we implement OAuth2 correctly?
Are there best practices on testing OAuth2 functionality, specifically focused on ensuring we deny access correctly
2025-01-21#
Check-in#
Kirstie Whitaker / KirstieJane / UC Berkeley
Sarah Gibson / sgibson91 / 2i2c
Samuel Gaist / @sgaist / Idiap Research Institute
Raniere Silva / rgaiacs / GESIS
Min RK / @minrk / Simula
Erik Sundell / @consideRatio / Sundell open source
Wayne Decatur / fomightez/ Upstate Medical University
Yijun / yijunge-ucb / UC Berkeley
Dan Sholler / @dsholler / OrgMycology
Arielle Bennett / @arielle-bennett / The Alan Turing Institute
Maryam Vareth / @maryamv / UC Berkeley and UCSF
Introductions#
Kirstie Not really new to the meeting but a new job for 2025 - I’m now the executive director of the Berkeley Institute for Data Science, working with Fernando Perez as Faculty Director. We’re VERY excited about contributing into the Jupyter ecosystem :rocket:
Arielle Hi, I’m Arielle, senior researcher for open source practices at Turing. Interested in looking at open source contributions, communities, and technical support. I also contribute to The Turing Way which has close links with Jupyter!
Maryam Hi, I’m Maryam, and I serve as the CTHO at the Berkeley Institute for Data Science (BIDS), working very closely with Fernando Perez. I’m also the Managing Director of Agile Metabolic Health Inititave at UC Berkeley College of Computing, Data Science, and Society (CDSS), developing JupyterHealth which is being considered to be a subproject of JupyterHub (VERY exciting). We’re thrilled about the opportunity to become more involved and contribute to the JupyterHub ecosystem moving forward.
Yijun Hi, I’m Yijun and I work on UC Berkeley RTL’s datahub project. I am excited to learn more about JupyterHub and engage with the JupyterHub community.
Celebrations and Shout-Outs :tada:#
Simon Li (@manics) has done a lot of work related to ARM64 and IPv6!
If you’re on the JupyterHub Steering Council don’t forget to vote in the Executive Council 2025 Election
Yuvi, Min, Simon, Chris, Sylvain for handling OVH mybinder.org outage and working towards a cost effective new strategy!
Kirstie: Massive shout out to Sarah for stepping in to host when I had terrible internet problems!
Agenda#
Kirstie 10 mins: New year intentions! These can be personal or professional, related to Jupyter or not!
Doh - this got cut because Kirstie had terrible internet!
Dan 10-15 mins: Voices of JupyterHub update
Samuel 5 - 10 mins: Update on Renku / Amalthea operator
Min 5 - 10 mins: JupyterHealth adoption
To be approved/merged: jupyterhub/team-compass#755
Yuvi 10min: 2i2c mybinder federation member
Voices of JupyterHub#
Update from Dan
Please send recommendations of people who have stopped contributing to the community - really important cohort to learn from
What are the skills that someone needs to move from being a contributor to a maintainer
Expression of Interest for interviews https://docs.google.com/forms/d/e/1FAIpQLSfQ7cpwtDOPd2paYkU4gy60hwxXUxw-Nk1xa7Qu_MrBTfZeNA/viewform?usp=sf_link
Repo for the project: the-turing-way/jupyterhub-orgmyc-EOSS
Issues welcome! Topics we should cover, feedback on desired outputs, etc.
Results will also be published here, ongoing
Targeting mid-February for end of interviews and preliminary results
Renku / Amalthea operator#
Early access opportunity for 2.0!
Allows a few more user interface options
JupyterHealth#
Issue: jupyterhub/team-compass#752
Pull request: jupyterhub/team-compass#755
Recommendation from Samuel: https://www.chorus-tre.ch
Might be using Jupyter?
Work in a similar / overlapping area
Also connect to Simon for work in SATRE and UK TRE community
2i2c joining BinderHub Federation#
Update from Yuvi
Blog post coming soon from 2i2c
2i2c hub are in the federation and taking some traffic!
PR: (KW not sure how to find)
Can we reduce the technological and social costs - and the literal finanical costs! - to build up the BinderHub Federation
Kirstie - hand up to be involved in brainstorming how to promote the value of the Federation and why it is important to contribute into open