fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Geiß <markus.ge...@live.de>
Subject RE: Please help evaluation Fineract's readiness for graduation
Date Wed, 15 Feb 2017 08:18:38 GMT
Hey Sendoro,

good question. ; o)

We are following the Semantic Version paradigm (http://semver.org/). Given we are usually
also release new features and not only bugfixes within a release, we increase Y in favor of
Z. If we'd create a bug fix only release with no changes to the API we'd increase Z.

With graduation we will set X to 1, this would also indicate that following 1.y.z releases
won't break because of incompatible API changes.

We were in need to change a lot internally to meet all policies and regulations at ASF, so
we decided to run 0.y.z during incubation.

Hope this helps. ; o)

Cheers

Markus

-----Original Message-----
From: sendoro@singo.co.tz [mailto:sendoro@singo.co.tz] 
Sent: Wednesday, February 15, 2017 08:56 AM
To: dev@fineract.incubator.apache.org
Cc: Ed Cable <edcable@mifos.org>
Subject: Re: Please help evaluation Fineract's readiness for graduation

Dears,

I'm not sure if this is the right thread to ask this question.

So far till today we had been working with Fineract version  x.y.z; whereby, we have only
touched  x,y i.e. 0.1.0, 0.2.0... and now 0.7.0

While I understand why we haven't touched x, I don't know when we shall touch z.  Or rather
what is the criteria to touch version .z above?

Though, I thought that  our Fineract application would touch more of "z". Due to the level
of development it is in.

For example...
- I thought critical bugs which affects core banking functionalities should be resolved with
emergency priority through patching; and as for versioning, we should use the "z" above...
and that only new functionalities should touch the "y" and "x".

- Also, how many votes are required to push emergence fixes. as for ITIL this usually they
don't need fully CAB approval. O rather do we have operational change approval board... that
will approve when what is needed is only "z"?

My apologies if my post is taking you back....


Regards
Sendoro







On 2017-02-15 00:32, Ed Cable wrote:
> Just doing a check-in as to where we stand.
> 
> Nazeer has been addressing some of the outstanding points and has 
> recently posted some additional release management documentation which 
> can be viewed at
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=67640
> 333
> 
> I have pushed the changes to the Apache Fineract website github repo 
> and these have been merged the but the website is not reflecting the 
> edits I made.
> 
> Nazeer has requested feedback on the Findbugs Implementation he has 
> ready go go.
> 
> 2 active threads are being discussed related to security and backwards 
> compatibility.
> 
> We are also evaluating a couple additional committers and will soon be 
> ready to call for graduation if our mentors too fee we are ready.
> 
> Ed
> 
> 
> 
> On Fri, Jan 27, 2017 at 10:14 AM, Jim Jagielski <jim@jagunet.com>
> wrote:
> 
>> Makes sense.
>> > On Jan 25, 2017, at 10:52 PM, Shaik Nazeer <nazeer.shaik@
>> confluxtechnologies.com> wrote:
>> >
>> > Instead of modifying Fineract website on every Fineract releases, 
>> > can we
>> link required details to Fineract wiki pages?
>> > For example latest release details can be found at
>> https://cwiki.apache.org/confluence/display/FINERACT/Release+Folders
>> >
>> > Thanks,
>> > Nazeer
>> > -----Original Message-----
>> > From: Markus Geiß [mailto:mgeiss@mifos.org]
>> > Sent: 26 January 2017 01:55
>> > To: Ed Cable
>> > Cc: dev (dev@fineract.incubator.apache.org)
>> > Subject: Re: Please help evaluation Fineract's readiness for 
>> > graduation
>> >
>> > Hey Ed,
>> >
>> > the Apache Fineract website is a github repo you'll find at 
>> > Apache's
>> github mirror.
>> >
>> > Simply fork it, create a new branch, do the needed changes and send a PR.
>> >
>> > Best wishes,
>> >
>> > Markus Geiss
>> > Chief Architect
>> > RɅĐɅЯ, The Mifos Initiative
>> >
>> > On Jan 24, 2017 15:58, "Ed Cable" <edcable@mifos.org> wrote:
>> >
>> >> Markus,
>> >>
>> >> Nazeer is continuing to work on addressing the areas of concern 
>> >> related to QU10, QU40, and RE50.
>> >>
>> >> Could you provide me access to the Apache Fineract website to 
>> >> address
>> >> CO10 and then for CS10 do we want that on the Apache Fineract 
>> >> website or the wiki?
>> >>
>> >> Thanks,
>> >>
>> >> Ed
>> >>
>> >> On Tue, Jan 10, 2017 at 5:48 AM, Jim Jagielski <jim@jagunet.com> wrote:
>> >>
>> >>> Agreed.
>> >>>
>> >>>> On Jan 6, 2017, at 8:41 PM, Roman Shaposhnik 
>> >>>> <roman@shaposhnik.org>
>> >>> wrote:
>> >>>>
>> >>>> On Fri, Jan 6, 2017 at 4:24 PM, Ed Cable <edcable@mifos.org>
wrote:
>> >>>>> Could our Apache Fineract mentors please provide some guidance

>> >>>>> on a
>> >>> couple
>> >>>>> of the areas we need to improve upon:
>> >>>>>
>> >>>>> QU10 "*The project is open and honest about the quality of its
code.
>> >>>>> Various levels of quality and maturity for various modules are

>> >>>>> natural
>> >>> and
>> >>>>> acceptable as long as they are clearly communicated." -*
>> >>>>>
>> >>>>> Do you have any other projects you could point to that have

>> >>>>> strong transparent measures of quality and maturity clearly

>> >>>>> available We want
>> >>> to
>> >>>>> follow best practices and adopt similar to display at 
>> >>>>> http://fineract.incubator.apache.org
>> >>>>
>> >>>> Regular deployment of tools like Findbugs is a good indication 
>> >>>> that you
>> >>> take
>> >>>> this requirement seriously.
>> >>>>
>> >>>>> *QU30: The project provides a well-documented channel to report
>> >>> security
>> >>>>> issues, along with a documented way of responding to them.*
>> >>>>>
>> >>>>> Currently we just link to: http://www.apache.org/security/ Are

>> >>>>> we
>> >>> able to
>> >>>>> do as other projects at
>> >>>>> http://www.apache.org/security/projects.html
>> >>> or is
>> >>>>> a private channel not something we can set up till we're out
of 
>> >>>>> incubation.  If we can move forwarde, I'd suggest we have a

>> >>>>> security
>> >>> page
>> >>>>> on our site, document and fix known vulnerabilities and then

>> >>>>> provide
>> >>> clear
>> >>>>> instruction on reporting vulnerabilities to a private channel

>> >>>>> like security@fineract.incubator..apache.org
>> >>>>
>> >>>> This is less about security@fineract vs.
>> >>> http://www.apache.org/security/
>> >>>> and more about the community being ready for when the first 0 
>> >>>> day hits either of those. Being ready is a combination of tribal

>> >>>> knowledge, wiki recommendations and a release policy that would

>> >>>> allow you to patch at a drop of a hat.
>> >>>>
>> >>>> Thanks,
>> >>>> Roman.
>> >>>
>> >>>
>> >>
>> >>
>> >> --
>> >> *Ed Cable*
>> >> Director of Community Programs, Mifos Initiative edcable@mifos.org 
>> >> |
>> >> Skype: edcable | Mobile: +1.484.477.8649 <(484)%20477-8649>
>> >>
>> >> *Collectively Creating a World of 3 Billion Maries | 
>> >> *http://mifos.org <http://facebook.com/mifos>  
>> >> <http://www.twitter.com/mifos>
>> >>
>> >>
>> >
>> 
>> 

Mime
View raw message