couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: CouchDB 1.1.1
Date Mon, 10 Oct 2011 22:22:16 GMT
I backported erlang-oauth to 1.1.x from master and also fixed
etap_web.erl. no warnings now.

B.

On 10 October 2011 23:20, Filipe David Manana <fdmanana@apache.org> wrote:
> On Mon, Oct 10, 2011 at 9:48 PM, Robert Newson <rnewson@apache.org> wrote:
>> It's not just oauth_rsa_sha1.erl;
>>
>> ./oauth_http.erl:13: Warning: http:request/4 is deprecated and will be
>> removed in R15B; use httpc:request/4
>
> Yep, mentioned it before, that one is apparently harmless since we
> don't trigger that codepath in CouchDB.
>
>>
>> B.
>>
>>
>> On 7 October 2011 18:42, Filipe David Manana <fdmanana@apache.org> wrote:
>>> Regarding the erlang-oauth and R15 compatibility,
>>>
>>> The compilation warnings only happen in the 1.1.x because
>>> src/erlang-oauth/Makefile.am is compiling oauth_rsa_sha1.erl while
>>> trunk and 1.2.x are not.
>>>
>>> Our OAuth handler is not supporting rsa-sha1 signatures, so it can be
>>> safely ignored. I think the right thing would be to exclude that file
>>> from the build list.
>>>
>>> It was added in the following 1.1.x commit:
>>>
>>> https://github.com/apache/couchdb/commit/ea57780780730eb5f2d98f30697e6a8c2b3cf7f7
>>>
>>> That said, upgrading to the same erlang-oauth we have in trunk/1.2.x won't help.
>>>
>>> On Thu, Oct 6, 2011 at 7:10 PM, Filipe David Manana <fdmanana@apache.org>
wrote:
>>>> On Thu, Oct 6, 2011 at 6:59 PM, Robert Newson <rnewson@apache.org>
wrote:
>>>>> does the newer erlang-oauth break anything?
>>>>
>>>> Not that I know of.
>>>>
>>>>>
>>>>> On 6 October 2011 18:52, Filipe David Manana <fdmanana@apache.org>
wrote:
>>>>>> On Thu, Oct 6, 2011 at 6:23 PM, Robert Newson <rnewson@apache.org>
wrote:
>>>>>>> If there are no objections, I'm going to build the first 1.1.1
>>>>>>> candidate in the morning and start a new thread for the release.
>>>>>>
>>>>>> As pointed out in 2 other related threads, we have some compilation
>>>>>> warnings about functions that will no longer exist in OTP R15 (to
be
>>>>>> released by the end of this year):
>>>>>>
>>>>>> /opt/r14b03/bin/erlc +debug_info oauth_http.erl
>>>>>> ./oauth_http.erl:13: Warning: http:request/4 is deprecated and will
be
>>>>>> removed in R15B; use httpc:request/4
>>>>>> /opt/r14b03/bin/erlc +debug_info oauth_plaintext.erl
>>>>>> /opt/r14b03/bin/erlc +debug_info oauth_rsa_sha1.erl
>>>>>> ./oauth_rsa_sha1.erl:9: Warning: public_key:pem_to_der/1: deprecated
>>>>>> (will be removed in R15A); use file:read_file/1 and
>>>>>> public_key:pem_decode/1
>>>>>> ./oauth_rsa_sha1.erl:10: Warning: public_key:decode_private_key/1
is
>>>>>> deprecated and will be removed in R15A; use
>>>>>> public_key:pem_entry_decode/1
>>>>>> ./oauth_rsa_sha1.erl:22: Warning: public_key:pem_to_der/1: deprecated
>>>>>> (will be removed in R15A); use file:read_file/1 and
>>>>>> public_key:pem_decode/1
>>>>>> /opt/r14b03/bin/erlc +debug_info oauth_unix.erl
>>>>>>
>>>>>> The ones regarding public_key concern me, as it will break the OAuth
>>>>>> authentication handler.
>>>>>> I see 2 solutions:
>>>>>>
>>>>>> 1) upgrade erlang-oauth to the same version we have in trunk/1.2.x
>>>>>> (doesn't produce these warnings)
>>>>>>
>>>>>> 2) modify the erlang-oauth in 1.1.x and use try catches where the
>>>>>> catch would call the equivalent versions in R14/R15 (these new
>>>>>> functions don't exist in R13B03 for example)
>>>>>>
>>>>>> Naturally, I would prefer 1)
>>>>>>
>>>>>> The warnings about http:request can be ignored I think, as in Couch
we
>>>>>> don't use any codepath that will execute the deprecated function
>>>>>>
>>>>>>>
>>>>>>> B.
>>>>>>>
>>>>>>> On 6 October 2011 12:05, Robert Newson <rnewson@apache.org>
wrote:
>>>>>>>> Thanks all, I've pushed the change to 1.1.x. make check and
futon all
>>>>>>>> pass; review would still be nice. :) I simply reverted the
two
>>>>>>>> commits.
>>>>>>>>
>>>>>>>> B.
>>>>>>>>
>>>>>>>> On 6 October 2011 12:02, Jan Lehnardt <jan@apache.org>
wrote:
>>>>>>>>>
>>>>>>>>> On Oct 6, 2011, at 10:30 , Robert Newson wrote:
>>>>>>>>>
>>>>>>>>>> There is no build of 1.1.1 on Ubuntu 11.x that will
work as well as
>>>>>>>>>> 1.1.0, so I think it's correct that it cannot build
under those
>>>>>>>>>> conditions.
>>>>>>>>>>
>>>>>>>>>> Let's get 1.1.1 out, with the many useful bug fixes
and tweaks, and
>>>>>>>>>> then focus on getting 1.2 out with 1.8.5 support
(and "BREAKING
>>>>>>>>>> CHANGES").
>>>>>>>>>>
>>>>>>>>>> I vote +1 to removing 1.8.5 support and the paren
hack from 1.1.x.
>>>>>>>>>
>>>>>>>>> +1
>>>>>>>>>
>>>>>>>>> Cheers
>>>>>>>>> Jan
>>>>>>>>> --
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> B.
>>>>>>>>>>
>>>>>>>>>> On 6 October 2011 09:25, Paul Davis <paul.joseph.davis@gmail.com>
wrote:
>>>>>>>>>>> On Thu, Oct 6, 2011 at 3:23 AM, Robert Newson
<rnewson@apache.org> wrote:
>>>>>>>>>>>> All,
>>>>>>>>>>>>
>>>>>>>>>>>> Paul Davis has researched the issue and it
seems intractable.
>>>>>>>>>>>>
>>>>>>>>>>>> I would like to remove 1.8.5 support from
1.1.1. It was not present in
>>>>>>>>>>>> 1.1.0 so will not be (officially) missed.
>>>>>>>>>>>>
>>>>>>>>>>>> The place for a breaking change of this magnitude
is 1.2, not a minor
>>>>>>>>>>>> bug fix release.
>>>>>>>>>>>>
>>>>>>>>>>>> Thoughts?
>>>>>>>>>>>> B.
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> +1 on removing the paren hack for sure.
>>>>>>>>>>>
>>>>>>>>>>> Not sure about removing 1.8.5 support completely.
On the one hand, it
>>>>>>>>>>> would prevent breakage because people couldn't
link against the
>>>>>>>>>>> breaking SM. On the other hand, it prevents people
from linking
>>>>>>>>>>> against 1.8.5 which means it won't build on Ubuntu
11.x.
>>>>>>>>>>>
>>>>>>>>>>> Unless someone comes up with a magic option I'd
say put it to an
>>>>>>>>>>> informal vote so that I can blame someone else.
>>>>>>>>>>>
>>>>>>>>>>>> On 5 October 2011 18:25, Paul Davis <paul.joseph.davis@gmail.com>
wrote:
>>>>>>>>>>>>> Yes, its release blocking.
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Oct 5, 2011 at 7:56 AM, Robert
Newson <rnewson@apache.org> wrote:
>>>>>>>>>>>>>> All,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I went through JIRA and updated CHANGES
and NEWS on origin/1.1.x to
>>>>>>>>>>>>>> include everything that was missing
(Sidenote: Can we all keep this
>>>>>>>>>>>>>> file up to date when commit bugfixes
or add features?). I'd appreciate
>>>>>>>>>>>>>> everyone giving it a look over before
I start to build the release
>>>>>>>>>>>>>> artifact.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I believe there's an outstanding
issue (not present in JIRA) around
>>>>>>>>>>>>>> javascript function evaluation? Can
someone confirm that it's release
>>>>>>>>>>>>>> blocking?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>> B.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Filipe David Manana,
>>>>>>
>>>>>> "Reasonable men adapt themselves to the world.
>>>>>>  Unreasonable men adapt the world to themselves.
>>>>>>  That's why all progress depends on unreasonable men."
>>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Filipe David Manana,
>>>>
>>>> "Reasonable men adapt themselves to the world.
>>>>  Unreasonable men adapt the world to themselves.
>>>>  That's why all progress depends on unreasonable men."
>>>>
>>>
>>>
>>>
>>> --
>>> Filipe David Manana,
>>>
>>> "Reasonable men adapt themselves to the world.
>>>  Unreasonable men adapt the world to themselves.
>>>  That's why all progress depends on unreasonable men."
>>>
>>
>
>
>
> --
> Filipe David Manana,
>
> "Reasonable men adapt themselves to the world.
>  Unreasonable men adapt the world to themselves.
>  That's why all progress depends on unreasonable men."
>

Mime
View raw message