📝 Notes
Mar 6, 2026
Polina x Andrey — Weekly
Invited Andrey Sundiev Polina Khokhonova
Attachments Polina x Andrey — Weekly
Meeting records Transcript

Summary
Andrey and Polina discussed progress on the API migration project. The OAuth authentication blocker was reviewed, and Andrey agreed to escalate the security review. They decided to proceed with a rolling database migration to avoid downtime during the product launch window.

API Migration Status
Polina reported that the team hit a blocker with the authentication layer. The existing OAuth implementation does not support the new scopes required by v2. The code changes are estimated at two days, but the client reconfiguration requires security team approval. The request ticket is SEC-4521.

Database Migration
The schema migration scripts have been written and tested against production data. The team chose a rolling migration approach over a maintenance window.

Onboarding
Priya starts next Monday. Polina set up the onboarding checklist in Notion and paired the first three tasks with code review walkthroughs.

Decisions
Proceed with rolling database migration instead of maintenance window.
Stick with the current OAuth v2 scope expansion approach.

Next steps
Andrey: Escalate security review for SEC-4521 (00:02:30)
Polina: Document rollback plan by Thursday (00:04:30)
Review rollback plan together Friday morning (00:04:30)

Details
Polina reported a blocker with the authentication layer affecting the API migration (00:00:25). The OAuth client needs reconfiguration and the token refresh logic must be updated (00:01:15). Andrey offered to escalate the security review (00:02:30). The database schema migration is in good shape after testing against production data (00:03:42). They agreed on a rolling migration approach (00:04:15). Priya's onboarding checklist is ready in Notion (00:05:18). Action items were summarized at the end (00:05:45).

Polina x Andrey — Weekly - Transcript

00:00:00

Andrey Sundiev: Hey Polina, thanks for joining. I wanted to check in on the API migration project. How's it going?

00:00:25

Polina Khokhonova: Hi Andrey. So overall we're making progress, but we've hit a significant blocker with the authentication layer. The existing OAuth implementation doesn't support the new scopes required by v2.

00:01:03

Andrey Sundiev: Can you elaborate on what specifically is blocking you? Is it a code change or a configuration issue?

00:01:15

Polina Khokhonova: It's both, actually. The OAuth client needs to be reconfigured to request the new scopes, and the token refresh logic in our middleware needs to be updated to handle the expanded permission set. I estimate the code changes will take about two days, but the client reconfiguration requires approval from the security team.

00:02:30

Andrey Sundiev: That sounds reasonable for the code side. I can help escalate the security review. Have you already filed the request?

00:02:45

Polina Khokhonova: I filed the request yesterday. The ticket is SEC-4521. I also added a dependency note in our sprint board so the team knows about the blocker.

00:03:18

Andrey Sundiev: Great, I'll follow up with the security team today. What about the database migration part? Last week you mentioned there were some schema concerns.

00:03:42

Polina Khokhonova: Right, so the schema migration is actually in good shape. We wrote the migration scripts and tested them against a copy of production data. The only open question is whether we should do a rolling migration or a maintenance window. Rolling is safer but more complex.

00:04:15

Andrey Sundiev: Let's go with the rolling migration. We can't afford downtime during the product launch window. Can you document the rollback plan as well?

00:04:30

Polina Khokhonova: Absolutely. I'll have the rollback plan documented by end of day Thursday and we can review it together Friday morning.

00:05:00

Andrey Sundiev: Perfect. One more thing - have you had a chance to look at the new team member's onboarding tasks? Priya starts next Monday.

00:05:18

Polina Khokhonova: Yes, I set up the onboarding checklist in Notion and paired the first three tasks with code review walkthroughs. I think she'll ramp up quickly given her background in distributed systems.

00:05:45

Andrey Sundiev: Awesome. Alright, I think we're in good shape. Let me summarize the action items: I'll escalate the security review, you'll document the rollback plan by Thursday, and we'll review it Friday. Sound good?

00:06:02

Polina Khokhonova: Sounds good. Thanks Andrey.

Transcription ended after 00:06:15

This editable transcript was computer generated and might contain errors. People can also change the text after it was created.
