Tres Seaver wrote:
> Ugh. -1 to any attempt to use "space suits" in Z2. I would rather move
> to a model which made it easy to mark some / all TTW objects as
> "trusted", disabling security checks altogether: the "untrusted users
> can edit TTW code" use case is pretty much irrelevant for any si
Lennart Regebro wrote:
> On Thu, Jan 22, 2009 at 10:38, Chris Withers wrote:
>>> Note that Jim never explained to me how he does these audits, but I gathered
>>> some methods he used in conversations. I think I did a pretty thorough job
>>> during the review.
>> Yeah, this disturbs me a lot still
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lennart Regebro wrote:
> On Thu, Jan 22, 2009 at 10:38, Chris Withers wrote:
>>> Note that Jim never explained to me how he does these audits, but I gathered
>>> some methods he used in conversations. I think I did a pretty thorough job
>>> during the
On Thu, Jan 22, 2009 at 10:38, Chris Withers wrote:
>> Note that Jim never explained to me how he does these audits, but I gathered
>> some methods he used in conversations. I think I did a pretty thorough job
>> during the review.
>
> Yeah, this disturbs me a lot still though :-S
I know the feel
Shane Hathaway wrote:
> Chris Withers wrote:
>> I don't think this is such a huge change, it's a change in the style
>> of what RP does already, not a complete re-implementation...
>
> OTOH, with Python 3 now released, it seems unlikely that we'll see any
> new syntax added to Python 2.x. So RP
Dieter Maurer wrote:
> Chris Withers wrote at 2009-1-22 09:38 +:
>> ...
>> One thing that myself and Shane talked briefly about on this list was
>> re-implementing the AST manipulation as dissallow-by-default filter
>> rather than a straight manipulation. That way, unexpected stuff should
>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 25.01.2009 20:34 Uhr, Dieter Maurer wrote:
> Andreas Jung wrote at 2009-1-25 20:19 +0100:
>> ...
>> Please stop the discussion. The majority of Zope developers considers
>> the ZClasses programming model as not up2date and not flexible enough
>> whe
Andreas Jung wrote at 2009-1-25 20:19 +0100:
> ...
>Please stop the discussion. The majority of Zope developers considers
>the ZClasses programming model as not up2date and not flexible enough
>when it comes to extensibility and scalability.
>That's why we don't want
>ZClasses being part of Zope 2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 25.01.2009 20:09 Uhr, Dieter Maurer wrote:
> Martijn Pieters wrote at 2009-1-25 13:29 +0100:
>> On Sun, Jan 25, 2009 at 12:56, Dieter Maurer wrote:
>>> I plan to provide such a package as "dm.ZClasses" or (maybe)
>>> "Zope2.ZClasses"
>>> -- of cou
Martijn Pieters wrote at 2009-1-25 13:29 +0100:
>On Sun, Jan 25, 2009 at 12:56, Dieter Maurer wrote:
>> I plan to provide such a package as "dm.ZClasses" or (maybe) "Zope2.ZClasses"
>> -- of course with some complaints against the Zope release management
>> in the documentation:
>>
>> * cutting
Previously Laurence Rowe wrote:
> It's possible to have egg dependencies on development versions of other
> eggs so long as there is an svn egg link on the pypi page.
>
> For example in zope.sqlalchemy's pypi page I include a link like to:
>
> svn://svn.zope.org/repos/main/zope.sqlalchemy/trunk#
Andreas Jung wrote:
>> - complete eggification (apparently pretty much done)
>
> We have to define what "eggification" means exactly. By now the
> Zope2.buildout seems to work fine with Python 2.4-2.6. I think
> we want to see Zope2 being easy_install-able. This means basically:
>
> - a source c
Andreas Jung wrote:
> On 21.01.2009 14:55 Uhr, Andreas Jung wrote:
>
>> - complete eggification (apparently pretty much done)
I tried to make an old-style full-tarball release yesterday and ran into
a problem. The setup.py in the created tarball references the 'src'
folder in some steps, which is
On Sun, Jan 25, 2009 at 12:56, Dieter Maurer wrote:
> I plan to provide such a package as "dm.ZClasses" or (maybe) "Zope2.ZClasses"
> -- of course with some complaints against the Zope release management
> in the documentation:
>
> * cutting away useful features without any serious need
>
> *
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 25.01.2009 12:56 Uhr, Dieter Maurer wrote:
> Andreas Jung wrote at 2009-1-25 10:21 +0100:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 25.01.2009 9:27 Uhr, Dieter Maurer wrote:
>>> Andreas Jung wrote at 2009-1-21 14:55 +0100:
..
Andreas Jung wrote at 2009-1-25 12:53 +0100:
> ...
>> - removing ZClasses completely
>>> This is done now.
>>
>> Wow. This was quick!
>> Much quicker than fixing bugs reported in the collector :-(
>
>
>Please stop bitching and fix your favorite bugs in the collector.
>You have svn commit right
Andreas Jung wrote at 2009-1-25 10:21 +0100:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>On 25.01.2009 9:27 Uhr, Dieter Maurer wrote:
>> Andreas Jung wrote at 2009-1-21 14:55 +0100:
>>> ...
>>> TARGET=Python 2.6.X
>>> ACCEPTABLE=Python 2.5
>>> Python 2.4.X would be basically not acceptabl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 25.01.2009 12:44 Uhr, Dieter Maurer wrote:
> Hanno Schlichting wrote at 2009-1-23 19:36 +0100:
>> Wichert Akkerman wrote:
>>> Previously Tres Seaver wrote:
Andreas Jung wrote:
> - removing ZClasses completely
>> This is done now.
>
> Wow.
Hanno Schlichting wrote at 2009-1-23 19:36 +0100:
>Wichert Akkerman wrote:
>> Previously Tres Seaver wrote:
>>> Andreas Jung wrote:
- removing ZClasses completely
>
>This is done now.
Wow. This was quick!
Much quicker than fixing bugs reported in the collector :-(
--
Dieter
_
Chris Withers wrote at 2009-1-22 09:38 +:
> ...
>One thing that myself and Shane talked briefly about on this list was
>re-implementing the AST manipulation as dissallow-by-default filter
>rather than a straight manipulation. That way, unexpected stuff should
>be allowed by default.
The ter
Andreas Jung wrote at 2009-1-21 14:55 +0100:
> ...
> TARGET=Python 2.6.X
> ACCEPTABLE=Python 2.5
> Python 2.4.X would be basically not acceptable but could be used
> at your own risk using the --with-python option.
> ...
>- - removing ZClasses completely
But hopefully provided by a separate p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 21.01.2009 14:55 Uhr, Andreas Jung wrote:
>
> - complete eggification (apparently pretty much done)
We have to define what "eggification" means exactly. By now the
Zope2.buildout seems to work fine with Python 2.4-2.6. I think
we want to see Zope
Wichert Akkerman wrote:
> Previously Tres Seaver wrote:
>> Andreas Jung wrote:
>>> - removing ZClasses completely
This is done now.
> There is a whole lot of legacy code surrounding Zope startup and the
> persistent control panel that is only there to support ZClasses.
> Removing them would allo
On Friday 23 January 2009, Wichert Akkerman wrote:
> > I'm actually willing to abandon the "big tree" altogether, unless
> > somebody comes up with a clever way to automate it from some Z2-specific
> > KGS index. I think the canonical "source install" would be something
> > like a tarball of a bui
On Jan 22, 2009, at 9:34 PM, Tres Seaver wrote:
> I'm actually willing to abandon the "big tree" altogether, unless
> somebody comes up with a clever way to automate it from some Z2-
> specific
> KGS index. I think the canonical "source install" would be something
> like a tarball of a buildout
Previously Tres Seaver wrote:
> Andreas Jung wrote:
> > - removing ZClasses completely
>
> - -0. I don't want to invest effort in maintaining them, but if they are
> still working for people in 2.11, I don't think we need to rip them out.
+1
There is a whole lot of legacy code surrounding Zope
Chris Withers wrote:
> I don't think this is such a huge change, it's a change in the style of
> what RP does already, not a complete re-implementation...
OTOH, with Python 3 now released, it seems unlikely that we'll see any
new syntax added to Python 2.x. So RP doesn't really need any sort of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Jung wrote:
> Hi there,
>
> based on an earlier Zope 2.12 thread
>
> http://mail.zope.org/pipermail/zope-dev/2008-October/033572.html
>
> I propose that we get out an alpha version of Zope 2.12 by end
> of February.
>
> http://mail.zope.org
While we are at it...
The biggest offender is the zodbcode package, which does not appear to
pass its tests at all under Python 2.6. Not having investigated this
further I can imagine three courses of action:
1) Fix zodbcode (me shrugs)
2) Exclude zodbcode tests from the test suite
Andreas Jung wrote:
>> It's a shame Jim has so little time to spend on this...
>
> Take your hat and collect some money for hiring Jim :-)
Zope Corp chose to assume the Zope brand for themselves, given the
prevelence of Zope 2 and RestrictedPython, it'd be nice if they could
devote some of Jim'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 22.01.2009 10:38 Uhr, Chris Withers wrote:
> Stephan Richter wrote:
>> On Wednesday 21 January 2009, Andreas Jung wrote:
>>> - RestrictedPython security audit: such an audit has been made
>>> by Stefan and Sidnei. I am not qualified to speak about
Stephan Richter wrote:
> On Wednesday 21 January 2009, Andreas Jung wrote:
>> - RestrictedPython security audit: such an audit has been made
>> by Stefan and Sidnei. I am not qualified to speak about the
>> correctness of the audit. I assume they know what they were
>> doing. Unless objection
Andreas Jung wrote:
> - - removing ZClasses completely
...into a seperate egg/product, right?
> - - how do to a "traditional" SVN checkout of the Zope 2 and the related
> Zope 3 modules? The Zope2.buildout maintains its dependencies through
> a KGS - the old-style SVN checkout uses svn:exter
On Wednesday 21 January 2009, Andreas Jung wrote:
> - RestrictedPython security audit: such an audit has been made
> by Stefan and Sidnei. I am not qualified to speak about the
> correctness of the audit. I assume they know what they were
> doing. Unless objections one might consider this iss
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi there,
based on an earlier Zope 2.12 thread
http://mail.zope.org/pipermail/zope-dev/2008-October/033572.html
I propose that we get out an alpha version of Zope 2.12 by end
of February.
http://mail.zope.org/pipermail/zope-dev/2008-October/033572.
35 matches
Mail list logo