esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ethan Jewett <esjew...@gmail.com>
Subject Re: [VOTE] Approve the release of apache-esme-incubating-1.0 - (Yes Again :->)
Date Sun, 21 Feb 2010 18:19:45 GMT
Hi Sig,

Just the usual SVN process, but grab the tag instead of the trunk :-)

ESME is set up to default to the file system store for compass
("/props/compass.cfg.xml" actually) so there is no need to define a
configuration file in your default.props unless you want something
different. Search is working for me with the current tag, so I hope it
works for you too!

Ethan

On Sun, Feb 21, 2010 at 12:07 PM, Sig Rinde <sig@rinde.com> wrote:
> Got a tar file or shall I do the usual svn?
>
> Noticed that the default.props file do not have
> "compass_config_file=/props/compass.filesystem.cfg.xml" anymore.
> Compass/search etc still working now? :)
>
>
> On 21 February 2010 18:59, Richard Hirsch <hirsch.dick@gmail.com> wrote:
>> @sig - thanks for finding the bugs - the more bugs found, the higher
>> quality of ESME - and then everyone wins.
>>
>> If you want to get a head start on testing the new RC - just take a
>> look here: https://svn.apache.org/repos/asf/incubator/esme/tags/apache-esme-1.0-incubating/
>>
>> I'll do some tests tomorrow during the day and then start a vote in the evening.
>>
>> D.
>>
>> On Sun, Feb 21, 2010 at 6:22 PM, Sig Rinde <sig@rinde.com> wrote:
>>> Great work folks, interesting process to follow I must say
>>
>> I also find it interesting - especially comparing the release process
>> in a "community-based" / ASF project to releases in the corporate
>> world.
>>
>>>
>>> And sorry for messing up, keep in mind for next time I'm really good
>>> at stumbling over bugs, i.e. mess up, so set me to test work early =)
>>>
>>> Sig
>>>
>>> On 21 February 2010 17:55, Ethan Jewett <esjewett@gmail.com> wrote:
>>>> Hi,
>>>>
>>>> Thanks for humoring my concerns, and again for all the work you're doing
Dick.
>>>>
>>>> I've checked out the new tag and tested it. It passes all unit tests,
>>>> search is working out of the box, and the security hole is closed.
>>>> From my point of view, we're ready for a vote.
>>>>
>>>> Thanks,
>>>> Ethan
>>>>
>>>> On Sun, Feb 21, 2010 at 10:08 AM, Richard Hirsch <hirsch.dick@gmail.com>
wrote:
>>>>> OK.
>>>>>
>>>>> I've tagged a new Release Candidate:
>>>>> https://svn.apache.org/repos/asf/incubator/esme/tags/apache-esme-1.0-incubating/
>>>>>
>>>>> This means that we have to vote again (sigh!) -.
>>>>>
>>>>> This time I suggest we test the tagged RC before we do a vote.
>>>>>
>>>>> D.
>>>>>
>>>>> On Sun, Feb 21, 2010 at 12:49 AM, Ethan Jewett <esjewett@gmail.com>
wrote:
>>>>>> Hi all,
>>>>>>
>>>>>> For the original issue, where doing nothing simply results in a loss
>>>>>> of functionality, I would agree. However, I think this is a major
>>>>>> security hole that requires that the person deploying the software
to
>>>>>> take a specific action. If they don't take this action, then their
>>>>>> deployment is vulnerable. I'm not comfortable putting the ESME stamp
>>>>>> on a release that we know has this kind of issue. I think it's worth
>>>>>> spending the extra time to address this issue and set the precedent
>>>>>> that we don't release software with known security holes.
>>>>>>
>>>>>> I'm sticking with my -1 at this point. I'm not trying to veto (I
don't
>>>>>> even know if I can :-), so if a majority have voted for release after
>>>>>> 72 hours (which I think is the case), then feel free to go ahead.
>>>>>>
>>>>>> Ethan
>>>>>>
>>>>>> On Sat, Feb 20, 2010 at 3:46 PM, Richard Hirsch <hirsch.dick@gmail.com>
wrote:
>>>>>>> I agree with Bertrand.
>>>>>>>
>>>>>>> I'd like to get this release out and then do a another release
soon to
>>>>>>> fix the errors.
>>>>>>>
>>>>>>> Right now, there are the two issues that have to be changed and
Ethan
>>>>>>> has already changed them in SVN.
>>>>>>>
>>>>>>>>I believe that this will happen on any system and I think
the fact that search and the API2 doesn't work out of the box will really
>>>>>>>>confuse people.
>>>>>>> The fact that search doesn't work is IMHO the lesser of the two
>>>>>>> errors. Does the API2 not work at all or is the problem more
the
>>>>>>> security one associated with the "role.api_test=integration-admin"
>>>>>>> setting?
>>>>>>>
>>>>>>> I'm reluctant to cut a new release , because then we'd have to
start
>>>>>>> over again. Like I've said, I see this first release as a learning
>>>>>>> experience. No release will be perfect and will always include
a few
>>>>>>> bugs. I'd rather get this release out and then do another release
in 2
>>>>>>> weeks time with the bug fixes.  Now that we know how to do create
>>>>>>> releases it will be easier the next time.  We should get used
to
>>>>>>>
>>>>>>> I'd rather describe the two changes that have to made in the
resource
>>>>>>> files in a blog post or on the wiki and then push for a new release.
>>>>>>>
>>>>>>> Anyone else have thoughts on this
>>>>>>>
>>>>>>> D.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Sat, Feb 20, 2010 at 10:10 PM, Bertrand Delacretaz
>>>>>>> <bdelacretaz@apache.org> wrote:
>>>>>>>> On Sat, Feb 20, 2010 at 9:03 PM, Ethan Jewett <esjewett@gmail.com>
wrote:
>>>>>>>>> ...Maybe making this two-line change to one file is small
enough that we
>>>>>>>>> don't have to revote. I'm not sure. Maybe the mentors
can weigh in....
>>>>>>>>
>>>>>>>> Anything that changes the release artifacts needs a new vote.
>>>>>>>>
>>>>>>>> On the other hand, if there's a workaround (IIUC people can
change
>>>>>>>> something manually to get things to work?) I suggest releasing
as is.
>>>>>>>>
>>>>>>>> Nothing prevents you from making another release soon, if
needed.
>>>>>>>> Getting used to releasing is good progress towards graduation
;-)
>>>>>>>>
>>>>>>>> -Bertrand
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>

Mime
View raw message