Re: [Openvpn-devel] OpenVPN core development processes?
> Hi, > > On Wed, Jan 20, 2010 at 04:00:03PM +0200, Samuli Seppänen wrote: > >> So something like this at first: >> >> http://users.utu.fi/sjsepp/openvpn/process_contributing_to_openvpn.png >> >> ... and later this: >> >> http://users.utu.fi/sjsepp/openvpn/process_contributing_to_openvpn_2.png >> > > This makes sense to me. Especially since there is well-defined feedback > to the patch author what will happen with his work. > > >> The second process avoids unnecessary bottlenecks. Perhaps we could also >> have separate "experimental", "unstable" or "feature-testing" trees >> maintained by other people. The code from these would then flow into the >> main development tree. I believe these trees could we managed with Git >> even if the main development branch is in SVN. >> > > The nice thing about git is that people can very easily do "experimental > branches" in their own repository, giving access to testers, without > having to have write access to SVN. > > OTOH, the VCS used is just a tool to help the process, and not the > primary goal :-) - so I'm definitely not going to be religious about > git or svn or cvs or... > > gert > Ok, we can test the processes and adjust as necessary. James needs to take the initiative here. -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock
Re: [Openvpn-devel] OpenVPN core development processes?
Gert Doering wrote: > The nice thing about git is that people can very easily do > "experimental branches" in their own repository, giving access to > testers, without having to have write access to SVN. Agree, but the hosting issue aside this is possible also from an SVN repo thanks to the git svn support. Try: git svn clone http://svn.openvpn.net/projects/openvpn/trunk/openvpn (You may want to create and use a gitauthors file for best results.) //Peter
Re: [Openvpn-devel] OpenVPN core development processes?
Hi, On Wed, Jan 20, 2010 at 04:00:03PM +0200, Samuli Seppänen wrote: > So something like this at first: > > http://users.utu.fi/sjsepp/openvpn/process_contributing_to_openvpn.png > > ... and later this: > > http://users.utu.fi/sjsepp/openvpn/process_contributing_to_openvpn_2.png This makes sense to me. Especially since there is well-defined feedback to the patch author what will happen with his work. > The second process avoids unnecessary bottlenecks. Perhaps we could also > have separate "experimental", "unstable" or "feature-testing" trees > maintained by other people. The code from these would then flow into the > main development tree. I believe these trees could we managed with Git > even if the main development branch is in SVN. The nice thing about git is that people can very easily do "experimental branches" in their own repository, giving access to testers, without having to have write access to SVN. OTOH, the VCS used is just a tool to help the process, and not the primary goal :-) - so I'm definitely not going to be religious about git or svn or cvs or... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de
[Openvpn-devel] OpenVPN core development processes?
Hi, In the first development model we discussed our development processes in some length. To get some idea how other security-oriented projects handle their development, I took a look at two - OpenSSL and IPsec-tools. The idea was to see if we can learn something from them. I think the most important development processes in any OSS project are: 1) Getting code into main development tree 2) Reporting bugs (and managing bug reports) OpenSSL (http://www.openssl.org/about) handles patches and bugs using mailing lists and a bug tracker. These are at least partially integrated together. There is a relatively small group, 10 people, who have made 1000-21000 commits to the CVS. Only part of this group is currently active. Testing branches are sometimes used when testing new features. There are also several stable branches in addition to the main development branch (HEAD). The rest of the developer community needs to send patches (bug fixes, new features) to the "openssl-bugs" mailing list. Sensitive bug reports are sent to a private list, openssl-security. The usefulness of new features is discussed on the "openssl-dev" list. Core developers act as gatekeepers making sure that poor quality code does not end up in the repository. Read-only CVS access is available, as well as daily snapshots. IPsec tools (http://ipsec-tools.sourceforge.net) is a much smaller project and has only 4 core developers with 200-1600 commits. Some of these are not currently active. There are no "experimental" or "unstable" branches for testing purposes. Bugs reports and patches are handled with Trac (https://trac.ipsec-tools.net/report). It is also possible to use the mailing lists for this purpose as well as for generic development discussions. Similarly to OpenSSL, there's a special private mailing list for reporting security problems. As with OpenSSL, the small group of core developers act as gatekeepers. Read-only CVS access is available. I think we could use similar approaches in our development. For example, the idea of being able to track bugs and patches simultaneously with a tracker (e.g. Trac) and mailinglists is definitely good. Also having a private mailing list for reporting security problems makes sense. I think at the beginning James needs to continue being the "gateway" to the main line of development. Later on a few others should be given the core developer status with commit access. So something like this at first: http://users.utu.fi/sjsepp/openvpn/process_contributing_to_openvpn.png ... and later this: http://users.utu.fi/sjsepp/openvpn/process_contributing_to_openvpn_2.png The second process avoids unnecessary bottlenecks. Perhaps we could also have separate "experimental", "unstable" or "feature-testing" trees maintained by other people. The code from these would then flow into the main development tree. I believe these trees could we managed with Git even if the main development branch is in SVN. Any thoughts? -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock
