incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pedro Giffuni <...@apache.org>
Subject Re: [code] (stax-api) Anyone still uses Java 5?
Date Mon, 13 Feb 2012 16:48:54 GMT
On 02/13/12 11:24, Rob Weir wrote:
> On Sun, Feb 12, 2012 at 8:34 PM, Pedro Giffuni<pfg@apache.org>  wrote:
>> Hmm...
>>
>> On 02/12/12 17:06, Rob Weir wrote:
>> ...
>>
>>> Anyone wants to play a bit with a patch? Alternatively we could just leave
>>> things as they are and drop StaX out of the distribution after 3.4-Release.
>>> +1 for changing after 3.4.
>>>
>>>
>> Rob's message arrived *after* I committed the update.
>> It's a low risk update though; it helps a bit with the license
>> clearance issues and the instructions for using the prebuilt
>> distribution were just too outdated so let's wait to see what
>> the buildbot thinks about it.
>>
> Low risk, but not zero.  At the very least, since we've already
> started a formal QA pass for 3.4, it would be great if any changes
> made from now on mentioned what, if anything, should be retested.
> This probably also means that changes should come with a BZ issue
> where such information is recorded.

In my build, and in the buildbots so far, the impact has been
zero and I am ready to revert if there is any need, but I see
your point.

I think we should still update some components: the security
stuff I mentioned earlier and apache-commons. I can open
bugzilla items for those. FWIW, I had a look at updating icc
and Lucene but those are very high risk IMHO.
> I'm open to arguments that we're not at that point in the 3.4 release
> cycle yet.  But I think at some point we want to engage that level of
> change discipline.
We should go further indeed: when we are ready for a release
we should call a code freeze: I suggest that should be called right
after the neon replacement is finished. We should probably be
thinking on branching after that too.

Pedro.


> -Rob
>
>> FWIW, I am more worried about some other updates that
>> should be done for security reasons; nss and libxmlsec,
>> but I have currently no plans to touch those.
>>
>> Cheers,
>>
>> Pedro.
>>


Mime
View raw message