fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ed Cable <edca...@mifos.org>
Subject Re: Please help evaluation Fineract's readiness for graduation
Date Wed, 15 Feb 2017 00:32:24 GMT
Just doing a check-in as to where we stand.

Nazeer has been addressing some of the outstanding points and has recently
posted some additional release management documentation which can be viewed
at https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=67640333

I have pushed the changes to the Apache Fineract website github repo and
these have been merged the but the website is not reflecting the edits I
made.

Nazeer has requested feedback on the Findbugs Implementation he has ready
go go.

2 active threads are being discussed related to security and backwards
compatibility.

We are also evaluating a couple additional committers and will soon be
ready to call for graduation if our mentors too fee we are ready.

Ed



On Fri, Jan 27, 2017 at 10:14 AM, Jim Jagielski <jim@jagunet.com> wrote:

> Makes sense.
> > On Jan 25, 2017, at 10:52 PM, Shaik Nazeer <nazeer.shaik@
> confluxtechnologies.com> wrote:
> >
> > Instead of modifying Fineract website on every Fineract releases, can we
> link required details to Fineract wiki pages?
> > For example latest release details can be found at
> https://cwiki.apache.org/confluence/display/FINERACT/Release+Folders
> >
> > Thanks,
> > Nazeer
> > -----Original Message-----
> > From: Markus Geiß [mailto:mgeiss@mifos.org]
> > Sent: 26 January 2017 01:55
> > To: Ed Cable
> > Cc: dev (dev@fineract.incubator.apache.org)
> > Subject: Re: Please help evaluation Fineract's readiness for graduation
> >
> > Hey Ed,
> >
> > the Apache Fineract website is a github repo you'll find at Apache's
> github mirror.
> >
> > Simply fork it, create a new branch, do the needed changes and send a PR.
> >
> > Best wishes,
> >
> > Markus Geiss
> > Chief Architect
> > RɅĐɅЯ, The Mifos Initiative
> >
> > On Jan 24, 2017 15:58, "Ed Cable" <edcable@mifos.org> wrote:
> >
> >> Markus,
> >>
> >> Nazeer is continuing to work on addressing the areas of concern
> >> related to QU10, QU40, and RE50.
> >>
> >> Could you provide me access to the Apache Fineract website to address
> >> CO10 and then for CS10 do we want that on the Apache Fineract website
> >> or the wiki?
> >>
> >> Thanks,
> >>
> >> Ed
> >>
> >> On Tue, Jan 10, 2017 at 5:48 AM, Jim Jagielski <jim@jagunet.com> wrote:
> >>
> >>> Agreed.
> >>>
> >>>> On Jan 6, 2017, at 8:41 PM, Roman Shaposhnik <roman@shaposhnik.org>
> >>> wrote:
> >>>>
> >>>> On Fri, Jan 6, 2017 at 4:24 PM, Ed Cable <edcable@mifos.org> wrote:
> >>>>> Could our Apache Fineract mentors please provide some guidance on
> >>>>> a
> >>> couple
> >>>>> of the areas we need to improve upon:
> >>>>>
> >>>>> QU10 "*The project is open and honest about the quality of its code.
> >>>>> Various levels of quality and maturity for various modules are
> >>>>> natural
> >>> and
> >>>>> acceptable as long as they are clearly communicated." -*
> >>>>>
> >>>>> Do you have any other projects you could point to that have strong
> >>>>> transparent measures of quality and maturity clearly available We
> >>>>> want
> >>> to
> >>>>> follow best practices and adopt similar to display at
> >>>>> http://fineract.incubator.apache.org
> >>>>
> >>>> Regular deployment of tools like Findbugs is a good indication that
> >>>> you
> >>> take
> >>>> this requirement seriously.
> >>>>
> >>>>> *QU30: The project provides a well-documented channel to report
> >>> security
> >>>>> issues, along with a documented way of responding to them.*
> >>>>>
> >>>>> Currently we just link to: http://www.apache.org/security/ Are we
> >>> able to
> >>>>> do as other projects at
> >>>>> http://www.apache.org/security/projects.html
> >>> or is
> >>>>> a private channel not something we can set up till we're out of
> >>>>> incubation.  If we can move forwarde, I'd suggest we have a
> >>>>> security
> >>> page
> >>>>> on our site, document and fix known vulnerabilities and then
> >>>>> provide
> >>> clear
> >>>>> instruction on reporting vulnerabilities to a private channel like
> >>>>> security@fineract.incubator..apache.org
> >>>>
> >>>> This is less about security@fineract vs.
> >>> http://www.apache.org/security/
> >>>> and more about the community being ready for when the first 0 day
> >>>> hits either of those. Being ready is a combination of tribal
> >>>> knowledge, wiki recommendations and a release policy that would
> >>>> allow you to patch at a drop of a hat.
> >>>>
> >>>> Thanks,
> >>>> Roman.
> >>>
> >>>
> >>
> >>
> >> --
> >> *Ed Cable*
> >> Director of Community Programs, Mifos Initiative edcable@mifos.org |
> >> Skype: edcable | Mobile: +1.484.477.8649 <(484)%20477-8649>
> >>
> >> *Collectively Creating a World of 3 Billion Maries | *http://mifos.org
> >> <http://facebook.com/mifos>  <http://www.twitter.com/mifos>
> >>
> >>
> >
>
>


-- 
*Ed Cable*
Director of Community Programs, Mifos Initiative
edcable@mifos.org | Skype: edcable | Mobile: +1.484.477.8649

*Collectively Creating a World of 3 Billion Maries | *http://mifos.org
<http://facebook.com/mifos>  <http://www.twitter.com/mifos>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message