couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Wenk <andyw...@apache.org>
Subject Re: [VOTE] Release Apache CouchDB 1.6.1-rc.1
Date Fri, 15 Aug 2014 08:07:34 GMT
taking the discussed facts into account I am also +1 for 1.7


On 15 August 2014 10:00, Benoit Chesneau <bchesneau@gmail.com> wrote:

> On Fri, Aug 15, 2014 at 9:53 AM, Alexander Shorin <kxepal@gmail.com>
> wrote:
>
> > On Fri, Aug 15, 2014 at 12:49 AM, Robert Kowalski <rok@kowalski.gd>
> wrote:
> > > I might be wrong, I think that according to semver this would raise the
> > > version number to 1.7 , http://semver.org/ says: "Given a version
> number
> > > MAJOR.MINOR.PATCH, increment the: [...] MINOR version when you add
> > > functionality in a backwards-compatible manner."
> >
> > From commit message:
> >
> >
> https://github.com/apache/couchdb/commit/3bcf664b2f46750bf64bf970da07f9b133f98047
> >
> > > Add Experimental Content-Security-Policy-Support (CSP) for Fauxton
> > >
> > >Like every web application, Fauxton is vulnerable against XSS and
> > > CSP is a technology that tries to help against that.
> > >
> >  >The patch makes it possible to enable CSP for the /_utils path and
> > > allows configuration of the sent header.
> > >
> > > The default setting for the value of the header breaks the old
> > > Futon, when CSP is enabled there. The old Futon has alot of
> > > inline-JavaScript which is not allowed in the setting I have
> > > chosen as default.
> >
> > So while this is an experimental feature made for another experimental
> > feature, it's still a new feature which brings a new functionality
> > which is able to break behavior of existed one (Futon). Minor version
> > bump is required.
> >
> > How about move it for 1.7 release?
> >
>
> +1 to go for 1.7 instead. Also are the changes documented in our doc?
>
> - benoit
>



-- 
Andy Wenk
Hamburg - Germany
RockIt!

GPG fingerprint: C044 8322 9E12 1483 4FEC 9452 B65D 6BE3 9ED3 9588

 https://people.apache.org/keys/committer/andywenk.asc

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message