On Fri, Jun 15, 2012 at 1:05 PM, Christian Mueller <[email protected]> wrote: > The question is how to continue, two facts I want to point out > > - We cannot make a 2.2.0 release without the changes. The system would not > work correctly. > - My next steps would be to review/complete the security documentation and > during this work, make a next round hardening the code. > > > Opinions ?.
The fact that we still need a 4400+loc patch to fix the security subsystem tells me whatever we release next week cannot possibly be a release candidate, but at best a beta3, especially since you say that a next round of hardening is in the plans: nothing bad about it per se, but bad that it's needed since RC means Release Candidate, means we believe we're done and ask the users to check and eventually tell us otherwise. Hopefully GSIP 77 will bring some sanity into all of this. Btw, I have no time to review the patch, I can have a look during the weekend but my familiarity with the new authentication system is not enough. I'll trust Justin's judgement on it unless my quick review really finds some red flag. Cheers Andrea -- Ing. Andrea Aime GeoSolutions S.A.S. Tech lead Via Poggio alle Viti 1187 55054 Massarosa (LU) Italy phone: +39 0584 962313 fax: +39 0584 962313 mob: +39 339 8844549 http://www.geo-solutions.it http://geo-solutions.blogspot.com/ http://www.youtube.com/user/GeoSolutionsIT http://www.linkedin.com/in/andreaaime http://twitter.com/geowolf ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Geoserver-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-devel
