Return-Path: X-Original-To: apmail-rave-dev-archive@www.apache.org Delivered-To: apmail-rave-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 113BCD602 for ; Sun, 1 Jul 2012 21:55:27 +0000 (UTC) Received: (qmail 62890 invoked by uid 500); 1 Jul 2012 21:55:27 -0000 Delivered-To: apmail-rave-dev-archive@rave.apache.org Received: (qmail 62769 invoked by uid 500); 1 Jul 2012 21:55:26 -0000 Mailing-List: contact dev-help@rave.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@rave.apache.org Delivered-To: mailing list dev@rave.apache.org Received: (qmail 62761 invoked by uid 99); 1 Jul 2012 21:55:26 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 01 Jul 2012 21:55:26 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [74.125.82.41] (HELO mail-wg0-f41.google.com) (74.125.82.41) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 01 Jul 2012 21:55:17 +0000 Received: by wgbds1 with SMTP id ds1so2140386wgb.0 for ; Sun, 01 Jul 2012 14:54:57 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding :x-gm-message-state; bh=0lNuFG+KikzukGCWE/1y906b9C+ESFbFJd03QpIaHeo=; b=AeYlFDsHsvbiheKrZSAYCieM1oL5xlMwi+l/EPzHNkPl//ixFU2pc1GOa1nhWINQ8X 2QGkBrs1uLqtBDZyYcMMs1L3869RKuXUCAY7pzaJPmbCUAHr6jauFTuerL+DZG5gOhxp oaTealL0lNFWifglDn0CizxloxWvTeSrQPHTzARH/k9Jp3dnrEG6iBUrgJdyGBbnnhp1 TDR8B1kxob511ZEHqA3CWHgEF8MumXbiPTQ2muy+mrynBC59vy0gO9guCr1/TGryWqyU 1PRrjKO5Ldo5mIWc54z63UmgNrPIET4S5GOf3aHwI1CQGH2zUJlk1STsoVy3lpc8Ib/6 JrsA== Received: by 10.216.221.74 with SMTP id q52mr728777wep.181.1341179697149; Sun, 01 Jul 2012 14:54:57 -0700 (PDT) Received: from [192.168.1.135] (134-098-045-062.dynamic.caiway.nl. [62.45.98.134]) by mx.google.com with ESMTPS id db7sm21288891wib.6.2012.07.01.14.54.55 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 01 Jul 2012 14:54:56 -0700 (PDT) Message-ID: <4FF0C72F.9060602@douma.nu> Date: Sun, 01 Jul 2012 23:54:55 +0200 From: Ate Douma User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120615 Thunderbird/13.0.1 MIME-Version: 1.0 To: dev@rave.apache.org Subject: Re: [DISCUSS] Apache Rave 0.13 Release Candidate References: <4FEE3D88.4070306@douma.nu> <2E45169E9A237B4DA78078A68962F9EF01606F7E@IMCMBX01.MITRE.ORG> In-Reply-To: <2E45169E9A237B4DA78078A68962F9EF01606F7E@IMCMBX01.MITRE.ORG> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Gm-Message-State: ALoCoQnC76iX1YEvaVa2DzjZoz6AFCsdMbbhrM6xc9XrT/ID1zFJFR6ZcCuw7OJ1RH5NyXaulEnp On 06/30/2012 05:25 PM, Franklin, Matthew B. wrote: > Unfortunately, I found a pretty big bug. When we cut over to the new interface model, the rave-shindig classes began using the username as the opensocial id (similar to igoogle,etc) rather than the arbitrary database entity id. Unfortunately, when I made those changes, I didn't update the security token classes in rave portal. This means that any code in shindig that checks the security token id against the passed in userid will fail. This primarily affects appdata; which, IMO is a pretty big deal.. > > Apologies, but when you consider this with Ate's potential bug, I am not sure we should ship the release... Matt, thanks for finding and reporting this. I agree this seems like a rather serious bug. I haven't had time yet over the weekend to dive deeper into RAVE-708 but will try to find time for it coming days. The merge of the model interfaces changes, the upgrade to OpenJPA 2.2.0, and on top of that, the upgrade to shindig 2.5.0-beta2, all happened in the last week. Overall this release gives me a bit uneasy feeling of being (too) unstable/unreliable and certainly as not enough tested. I'd like to hear others opinion on it, but I'm currently inclined to say we should hold off/cancel shipping this release. Maybe we should take the coming weeks to better validate and fix/improve the quality and reliability instead of keep rushing in more major changes. As well as JIRA could use a bit of scrubbing and cleaning up of old/outstanding issues I think. We are also entering the summer holiday period (I myself will be 3 weeks away after next week) so maybe we should anticipate a bit slower progress anyway or at least lesser time or eyes available for properly review and test major changes. All in all, I'm hesitant to push out a lesser tested/validated 0.13 (unlucky?) version out. WDYT? > >> -----Original Message----- >> From: Ate Douma [mailto:ate@douma.nu] >> Sent: Friday, June 29, 2012 7:43 PM >> To: dev@rave.apache.org >> Subject: [DISCUSS] Apache Rave 0.13 Release Candidate >> >> Discussion thread for vote on 0.13 release candidate. >> >> For more information on the release process, checkout - >> http://www.apache.org/dev/release.html >> >> Some of the things to check before voting are: >> - can you run the demo binaries >> - can you build the contents of source-release.zip and svn tag >> - do all of the staged jars/zips contain the required LICENSE and NOTICE files >> - are all of the staged artifacts signed and the signature verifiable >> - is the signing key in the project's KEYS file and on a public server