On 2/16/06, Ted Husted <[EMAIL PROTECTED]> wrote: > If someone is going to manage a 1.2.9 release, then, yes, it would > make sense for someone to make the necessary changes to 1.3 before we > mark it GA. (It just isn't going to be me.) > > But, if we are doing this because it's a security hole (and I don't > agree it is), then we should also patch and re-release Struts 1.1, > which many more people are using. The behavior has existed from day > one; it's not specific to 1.2. Or, if we are saying that 1.2 makes 1.1 > obsolete, then perhaps we should focus on stablizing Struts 1.3 so as > to make 1.2 obsolete too.
Yes we should patch and release 1.1 as well, but I don't have any interest in working on 1.1. > As to any other changes, if Wendy doesn't mind, and someone wants to > make those and also help finish up on the 1.3.0 release, I'm not going > to argue. But, I would have to remove my name as release co-manager, > since I just don't have any more time to spend on 1.3.0 right now. If > someone else can do it, that would be great, it's just that I can't. Its down to whether you're hoping 1.3.0 makes "GA" quality or not. If we want to give it a chance of "GA" then we should fix them now. If we just want to get a milestone out there then carry on. I don't mind either way. > If some people feel these patches are a problem, then we can always > keep Action 1.3.0 as a test-build, until someone has time to apply > them and roll an Action 1.3.1 (note that the other six subprojects > would *not* have to tagged and rolled again, only the one we change). Good point and probably all the more reason for carrying on with things as they stand. Niall > The important thing, I think, is to get past the point having to > release everything all at once. Then we can address any other issues > in an agile, release-often, way. Otherwise, it will always be > something, and a week will turn into a month, which turns into another > quarter. > > -Ted. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
