rave-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ate Douma <...@douma.nu>
Subject Re: [DISCUSS] Apache Rave 0.13 Release Candidate
Date Sun, 01 Jul 2012 21:54:55 GMT
On 06/30/2012 05:25 PM, Franklin, Matthew B. wrote:
> Unfortunately, I found a pretty big bug.  When we cut over to the new interface model,
the rave-shindig classes began using the username as the opensocial id (similar to igoogle,etc)
rather than the arbitrary database entity id.  Unfortunately, when I made those changes, I
didn't update the security token classes in rave portal.  This means that any code in shindig
that checks the security token id against the passed in userid will fail.  This primarily
affects appdata; which, IMO is a pretty big deal..
> Apologies, but when you consider this with Ate's potential bug, I am not sure we should
ship the release...

Matt, thanks for finding and reporting this. I agree this seems like a rather 
serious bug.

I haven't had time yet over the weekend to dive deeper into RAVE-708 but will 
try to find time for it coming days.

The merge of the model interfaces changes, the upgrade to OpenJPA 2.2.0, and on 
top of that, the upgrade to shindig 2.5.0-beta2, all happened in the last week. 
Overall this release gives me a bit uneasy feeling of being (too) 
unstable/unreliable and certainly as not enough tested.

I'd like to hear others opinion on it, but I'm currently inclined to say we 
should hold off/cancel shipping this release.

Maybe we should take the coming weeks to better validate and fix/improve the 
quality and reliability instead of keep rushing in more major changes.
As well as JIRA could use a bit of scrubbing and cleaning up of old/outstanding 
issues I think.

We are also entering the summer holiday period (I myself will be 3 weeks away 
after next week) so maybe we should anticipate a bit slower progress anyway or 
at least lesser time or eyes available for properly review and test major changes.

All in all, I'm hesitant to push out a lesser tested/validated 0.13 (unlucky?) 
version out.


>> -----Original Message-----
>> From: Ate Douma [mailto:ate@douma.nu]
>> Sent: Friday, June 29, 2012 7:43 PM
>> To: dev@rave.apache.org
>> Subject: [DISCUSS] Apache Rave 0.13 Release Candidate
>> Discussion thread for vote on 0.13 release candidate.
>> For more information on the release process, checkout -
>> http://www.apache.org/dev/release.html
>> Some of the things to check before voting are:
>> - can you run the demo binaries
>> - can you build the contents of source-release.zip and svn tag
>> - do all of the staged jars/zips contain the required LICENSE and NOTICE files
>> - are all of the staged artifacts signed and the signature verifiable
>> - is the signing key in the project's KEYS file and on a public server

View raw message