Re: [Zope-dev] zope.security with Py3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/08/2013 02:18 PM, Stephan Richter wrote: > On Thursday, February 14, 2013 03:42:06 PM Tres Seaver wrote: >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 >> >> On 02/14/2013 03:15 PM, Tres Seaver wrote: >>> The work to create a compatible pure-Python proxy is partly done >>> (I added tests for all the features of the C version I could >>> discover). The version I have in my sandbox doesn't pass all those >>> tests, so I haven't pushed it. >> >> I put that work on a branch: >> >> https://github.com/zopefoundation/zope.security/tree/pure_python_proxy >> >> >> Likely I won't get back to it this week. > > Hi Tres, > > do you see yourself working on this again soon? I was going to port > some packages to PyPy, but got quickly blocked by zope.security. No, I don't think I will be working on that package in the near future (I pushed changes merging the trunk and fixed the coverage today). Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlE6S1AACgkQ+gerLs4ltQ75/ACbBoPUgnPVEFPBLorH5SRiYnXX vfIAmgKOsillJ0VLZzZsxsQ2L48z48PI =C34r -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security with Py3
On Thursday, February 14, 2013 03:42:06 PM Tres Seaver wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 02/14/2013 03:15 PM, Tres Seaver wrote: > > The work to create a compatible pure-Python proxy is partly done (I > > added tests for all the features of the C version I could discover). > > The version I have in my sandbox doesn't pass all those tests, so I > > haven't pushed it. > > I put that work on a branch: > > https://github.com/zopefoundation/zope.security/tree/pure_python_proxy > > Likely I won't get back to it this week. Hi Tres, do you see yourself working on this again soon? I was going to port some packages to PyPy, but got quickly blocked by zope.security. Regards, Stephan -- Entrepreneur and Software Geek Google me. "Zope Stephan Richter" ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security with Py3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/14/2013 03:15 PM, Tres Seaver wrote: > The work to create a compatible pure-Python proxy is partly done (I > added tests for all the features of the C version I could discover). > The version I have in my sandbox doesn't pass all those tests, so I > haven't pushed it. I put that work on a branch: https://github.com/zopefoundation/zope.security/tree/pure_python_proxy Likely I won't get back to it this week. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlEdTB4ACgkQ+gerLs4ltQ6OZQCfVIM/aPRd8BJkRSDEXx7wg4FM inIAnA0jSbOlTBdpi5P1CYtpUg/3dMF/ =4bBx -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security with Py3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/13/2013 05:02 PM, Tres Seaver wrote: > On 02/13/2013 11:04 AM, Tres Seaver wrote: >> On 02/12/2013 10:47 PM, Stephan Richter wrote: > >>> I saw you finished test coverage tonight for zope.security. What >>> is your timeline to do the port to Python 3? Our efforts are >>> blocked until we get zope.security going. We would be willing to >>> take a shot at the port, but you have just done all the hard work >>> writing the tests, so I do not want to steal the momentum from >>> you. > >> Now that the test coverage is in place, I plan to finish the Py3k >> conversion today, or tomorrow at the latest. > > The trunk is now Py3k-compatible. I'd like to hold off on a final > 4.0.0 release until I can think about adding PyPy support (pure > Python reference implementations of the _proxy and > _zope_security_checker stuff). > > We could push a 4.0.0 alpha if you need it installable from PyPI. Done: http://pypi.python.org/pypi/zope.security/4.0.0a1 The work to create a compatible pure-Python proxy is partly done (I added tests for all the features of the C version I could discover). The version I have in my sandbox doesn't pass all those tests, so I haven't pushed it. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlEdRcUACgkQ+gerLs4ltQ7zfACfTdED2bc7LizYEcxyno9G9guk tpEAoJ+lUfuRnqHeELRfkTBJOGEkpbW8 =HoJd -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security with Py3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/13/2013 11:04 AM, Tres Seaver wrote: > On 02/12/2013 10:47 PM, Stephan Richter wrote: > >> I saw you finished test coverage tonight for zope.security. What is >> your timeline to do the port to Python 3? Our efforts are blocked >> until we get zope.security going. We would be willing to take a >> shot at the port, but you have just done all the hard work writing >> the tests, so I do not want to steal the momentum from you. > > Now that the test coverage is in place, I plan to finish the Py3k > conversion today, or tomorrow at the latest. The trunk is now Py3k-compatible. I'd like to hold off on a final 4.0.0 release until I can think about adding PyPy support (pure Python reference implementations of the _proxy and _zope_security_checker stuff). We could push a 4.0.0 alpha if you need it installable from PyPI. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlEcDV0ACgkQ+gerLs4ltQ6WoACgmR0iPfQc2VbYOZ92maSWyior IgAAn2uvQv58q72Gn7ACj7HRR9WM46kL =/yBO -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security with Py3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/12/2013 10:47 PM, Stephan Richter wrote: > I saw you finished test coverage tonight for zope.security. What is > your timeline to do the port to Python 3? Our efforts are blocked > until we get zope.security going. We would be willing to take a shot > at the port, but you have just done all the hard work writing the > tests, so I do not want to steal the momentum from you. Now that the test coverage is in place, I plan to finish the Py3k conversion today, or tomorrow at the latest. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlEbuYMACgkQ+gerLs4ltQ4s3wCbBYky/rRSkkTnQPfkq6IJqwpq OQIAniAIFP3aBX/grlHM7wFcSYzknfCg =l8QV -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security
> On 02/11/2013 03:36 PM, Stephan Richter wrote: > > Hi Tres (and everyone else reading along), > > > > as you are probably aware, zope.security is a package that blocks a > > lot of other packages from being ported. I just checked out the > > coverage on Github and it looks like you are making good progress. > > > > The biggest issue I see with zope.security is its dependency on > > RestrictedPython, because I think that will take a long time to port > > correctly. However, most of zope.security is very much usable and used > > without zope.security.untrustedpython. > > > > I propose to split zope.security.untrustedpython into a separate > > package called zope.untrustedpython, so that a port of zope.security > > to Python 3 can move forward. (Note: I am signing up for the work.) +1 ! -- Brian Sutherland ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/11/2013 09:16 PM, Stephan Richter wrote: > On Monday, February 11, 2013 06:34:52 PM Tres Seaver wrote: >>> I propose to split zope.security.untrustedpython into a separate >>> package called zope.untrustedpython, so that a port of >>> zope.security to Python 3 can move forward. (Note: I am signing up >>> for the work.) >> >> +1 for splitting out the RP dependency. > > Okay, if you create a zope.untrustedpython project on Github, I will > get to it tomorrow or tonight. 'zope.untrustedpython' repository created. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlEZvDsACgkQ+gerLs4ltQ6G2ACg2QA1O903eN8JXtNTR1qoiLkw 5FEAoLQAmAbWaDcCtICusy82eaBYUQcX =uNeM -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/11/2013 03:36 PM, Stephan Richter wrote: > Hi Tres (and everyone else reading along), > > as you are probably aware, zope.security is a package that blocks a > lot of other packages from being ported. I just checked out the > coverage on Github and it looks like you are making good progress. > > The biggest issue I see with zope.security is its dependency on > RestrictedPython, because I think that will take a long time to port > correctly. However, most of zope.security is very much usable and used > without zope.security.untrustedpython. > > I propose to split zope.security.untrustedpython into a separate > package called zope.untrustedpython, so that a port of zope.security > to Python 3 can move forward. (Note: I am signing up for the work.) +1 for splitting out the RP dependency. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlEZgBwACgkQ+gerLs4ltQ6P0ACfXXfQJvd78p3+4mk+tEDFaA0a usoAoMNLK7YqxrU089DTQAKDq/HoNZ22 =0e3S -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security on github?
On Mon, Feb 11, 2013 at 3:39 PM, Stephan Richter wrote: > On Monday, February 11, 2013 03:37:17 PM Jim Fulton wrote: >> > It seems to be readonly already, so I cannot remove the files. >> >> Sorry. Fixed. Can you try again please? > > All done. Thanks. Back to read only. Jim -- Jim Fulton http://www.linkedin.com/in/jimfulton Jerky is better than bacon! http://zo.pe/Kqm ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security on github?
On Monday, February 11, 2013 03:37:17 PM Jim Fulton wrote: > > It seems to be readonly already, so I cannot remove the files. > > Sorry. Fixed. Can you try again please? All done. Regards, Stephan -- Entrepreneur and Software Geek Google me. "Zope Stephan Richter" ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security on github?
On Mon, Feb 11, 2013 at 3:29 PM, Stephan Richter wrote: > On Monday, February 11, 2013 03:19:54 PM Jim Fulton wrote: >> > 1. Can we delete the contents of zope.security on svn.zope.org? >> >> Please remove the contents of trunk and add a MOVED_TO_GITHUB file in >> trunk and in the project root with the git repo url. >> >> When that's done, I'll make the project read only. > > It seems to be readonly already, so I cannot remove the files. Sorry. Fixed. Can you try again please? Jim -- Jim Fulton http://www.linkedin.com/in/jimfulton Jerky is better than bacon! http://zo.pe/Kqm ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security on github?
On Monday, February 11, 2013 03:19:54 PM Jim Fulton wrote: > > 1. Can we delete the contents of zope.security on svn.zope.org? > > Please remove the contents of trunk and add a MOVED_TO_GITHUB file in > trunk and in the project root with the git repo url. > > When that's done, I'll make the project read only. It seems to be readonly already, so I cannot remove the files. Regards, Stephan -- Entrepreneur and Software Geek Google me. "Zope Stephan Richter" ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security on github?
On Mon, Feb 11, 2013 at 3:14 PM, Stephan Richter wrote: > Hi everyone, > > I was just about to start porting zope.security using the SVN version, when I > noticed it is already on Github and Tres has even worked on it today. So 2 > things: > > 1. Can we delete the contents of zope.security on svn.zope.org? Please remove the contents of trunk and add a MOVED_TO_GITHUB file in trunk and in the project root with the git repo url. When that's done, I'll make the project read only. Jim -- Jim Fulton http://www.linkedin.com/in/jimfulton Jerky is better than bacon! http://zo.pe/Kqm ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security test failure on python2.7
On Wed, May 18, 2011 at 8:24 PM, Gediminas Paulauskas wrote: > So I removed the (incorrect) issubclass call, and the rest of the test > passes, showing that ABC checker works correctly. Even if it would be > good that issubclass worked, I think that mixing ABCs and Zope > interfaces is very unlikely anyway. > > But having one test that is known to fail, and consequently not test > all of ZTK at all is wrong. Now ZTK builders on python 2.7 can be > added/enabled again. Please do so. Thank you very much for digging into this! It would be great if the buildbot maintainers could add/enable Python 2.7 jobs for ZTK 1.1 and trunk now. Cheers, Hanno ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security dependency on zope.exceptions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Fabio Tranchitella wrote: > Happy New Year to everybody, > > I'm working to isolate a core set of ZTK packages which are independent > from Zope and reusable outside the Zope community. One of them is > zope.security, which can be used (and it is useful, indeed) with non-zope > frameworks too. > > While doing it, I'm trying to remove dependencies which are zope-specific, > to minimize the overhead for developers who are using the whole zope stack > (like me :)). I have such a subset in mind myself, which I call the "bicycle seat repair kit": - zope.interface - zope.coponent - zope.configuration - their dependencies. > zope.security depends on zope.exceptions because it imports this symbol in > zope.security.checker: > > from zope.exceptions import DuplicationError > > zope.exceptions defines DuplicationError as: > > class IDuplicationError(Interface): > pass > > class DuplicationError(Exception): > """A duplicate registration was attempted""" > implements(IDuplicationError) > > The zope.exceptions package contains "exception interfaces and > implementations which are so general purpose that they don't belong in Zope > application-specific packages.", as stated by the README. > > I propose to make the remove the dependency between zope.security and > zope.exceptions with a conditional import: > > * if zope.exceptions is available, use DuplicationError from it; > > * if it is not available, define a zope.security-specific DuplicationError >(which inherits from ValueError, maybe). > > As using zope.exceptions only make sense if you are checking the exception > type importing its interface from the zope.exceptions package, and thus > depending on it, I see no risk in such a change. > > Thoughts? Comments? +1. I wouldn't have thought zope.security useful elsewhere, but I take it you are using it in applications which don't use the rest of the stack. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAktD2N8ACgkQ+gerLs4ltQ7G0wCfVu0KZAZ5xzUXarXUO2nT6bIm LXQAoIYxT6lKDGgGeCq/ec7Xh+X+4WBo =dErh -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security dependency on zope.exceptions
* 2010-01-05 08:26, Fabio Tranchitella wrote: > While doing it, I'm trying to remove dependencies which are zope-specific, > to minimize the overhead for developers who are using the whole zope stack > (like me :)). Ehm, I meant who are NOT using the whole zope stack. Fabio ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security in the KGS
On Thursday 08 October 2009, John Murphy wrote: > We noticed that the KGS 3.4.0b2 uses zope.security 3.4.0 and KGS > 3.5dev uses zope.security 3.6.0, both of which are vulnerable to this > bug. It would be great if the fixed version was incorporated into the > KGS soon, as segfaults during garbage collection are pretty serious -- > not to mention tough to track down :) Please note that Zope 3.4 only supports Python 2.5. Once the ZTK story is worked out, I will create a new way to create another Zope 3 release (Or what ever I have to name it sigh). Regards, Stephan -- Entrepreneur and Software Geek Google me. "Zope Stephan Richter" ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security in the KGS
> I think you will need to update your own application specific version > set. The Zope 3 KGS is currently unmaintained. The future of the Zope > 3 project is currently unknown. The last release has been eight months > ago and there is currently no active maintenance going on. My bad, I should've been looking at the ZTK KGS, which has the updated version. Thanks. --Jackie Murphy ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security in the KGS
On Thu, Oct 8, 2009 at 5:15 PM, John Murphy wrote: > We recently were bit by a segfault bug in zope.security > (https://bugs.launchpad.net/zope3/+bug/181833) when migrating an > application from Python 2.4 to 2.6. The newest zope.security (3.7.1, > http://pypi.python.org/pypi/zope.security/3.7.1#id1) has a fix for the > bug. > > We noticed that the KGS 3.4.0b2 uses zope.security 3.4.0 and KGS > 3.5dev uses zope.security 3.6.0, both of which are vulnerable to this > bug. It would be great if the fixed version was incorporated into the > KGS soon, as segfaults during garbage collection are pretty serious -- > not to mention tough to track down :) I think you will need to update your own application specific version set. The Zope 3 KGS is currently unmaintained. The future of the Zope 3 project is currently unknown. The last release has been eight months ago and there is currently no active maintenance going on. Sorry, Hanno ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Chris Withers wrote at 2009-2-6 12:31 +: > ... >> I would find is very unintuitive when configuration were centralized >> (in subpackages of "zope.configuration") rather than modular. >> >> Configuration belongs to the application or framework component >> that depends on this configuration not to any central component. > >I would normally agree, but this isn't quite as simple as that. >ZCML cuts across packages in that, if you use ZCML, you want the >directives for all the packages you have installed. At least, I want only the directives for the packages I have *really* installed. Think of the dependancy monster a common configuration package would be. And even when I have a package installed, I may not want its registrations (because they are inadequate for me and I want to provide my own). >If you don't use ZCML, you don't want any of the directives. > >using --> to mean depends on, what we want is: > >zope.configuration >^ >| >zcmlforpackagez --> packagex > >...which frees up packagex to be used without any ZCML Apparently, you treat "zope.configuration" as a namespace package and you will never install "zope.configuration" as a whole but only the lower packages -- that might work. Nevertheless, I find it highly unintuitive to rip of the configuration and put it at a completely different place. Package names of the form "packagex" and "packagex_zcml" seem far more intuitive for me. Note that below "zope.configuration" you have to retain the namepaces of your packages to avoid name conflicts and provide a homogenous map between package and its configuration package. You would get subpackages "zope.configuration.zope.proxy", "zope.configuration.z3c." Nasty -- Dieter ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
2009/2/6 Chris Withers : > Dieter Maurer wrote: >> Chris Withers wrote at 2009-1-30 18:50 +: >>> Brian Sutherland wrote: > zope.configuration.x > zope.configuration.y Please don't, having namespace packages that contain files (as zope.configuration already does) breaks setuptools. >>> Then setuptools needs fixing. >> >> But not for this purpose: >> >> I would find is very unintuitive when configuration were centralized >> (in subpackages of "zope.configuration") rather than modular. >> >> Configuration belongs to the application or framework component >> that depends on this configuration not to any central component. > > I would normally agree, but this isn't quite as simple as that. > ZCML cuts across packages in that, if you use ZCML, you want the > directives for all the packages you have installed. > > If you don't use ZCML, you don't want any of the directives. > > using --> to mean depends on, what we want is: > > zope.configuration >^ >| > zcmlforpackagez --> packagex > > ...which frees up packagex to be used without any ZCML > > So, we end up with lots of "zcmlforpackage"'s which need to go somewhere. > > Either zope.configuration.packagex or packagex.zcml as package names for > these seems sensible, but if setuptools doesn't support either, then it > needs fixing... Why not just define an extra requirement for zcml in the main package and not generate thousands of packages that contain only meta directives? -- WBR, Dan Korostelev ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Dieter Maurer wrote: > Chris Withers wrote at 2009-1-30 18:50 +: >> Brian Sutherland wrote: zope.configuration.x zope.configuration.y >>> Please don't, having namespace packages that contain files (as >>> zope.configuration already does) breaks setuptools. >> Then setuptools needs fixing. > > But not for this purpose: > > I would find is very unintuitive when configuration were centralized > (in subpackages of "zope.configuration") rather than modular. > > Configuration belongs to the application or framework component > that depends on this configuration not to any central component. I would normally agree, but this isn't quite as simple as that. ZCML cuts across packages in that, if you use ZCML, you want the directives for all the packages you have installed. If you don't use ZCML, you don't want any of the directives. using --> to mean depends on, what we want is: zope.configuration ^ | zcmlforpackagez --> packagex ...which frees up packagex to be used without any ZCML So, we end up with lots of "zcmlforpackage"'s which need to go somewhere. Either zope.configuration.packagex or packagex.zcml as package names for these seems sensible, but if setuptools doesn't support either, then it needs fixing... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Sat, Jan 31, 2009 at 06:21:27AM -0500, Jim Fulton wrote: > > On Jan 30, 2009, at 1:48 PM, Brian Sutherland wrote: >> >> Please don't, having namespace packages that contain files (as >> zope.configuration already does) breaks setuptools. > > > zope.configuration isn't a namespace package. It is simply a package > with subpackages. I assumed Chris' suggestion was to make zope.configuration a namespace package. > > Jim > > -- > Jim Fulton > Zope Corporation > > -- Brian Sutherland ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Jan 30, 2009, at 1:48 PM, Brian Sutherland wrote: > > Please don't, having namespace packages that contain files (as > zope.configuration already does) breaks setuptools. zope.configuration isn't a namespace package. It is simply a package with subpackages. Jim -- Jim Fulton Zope Corporation ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Chris Withers wrote at 2009-1-30 18:50 +: >Brian Sutherland wrote: >>> zope.configuration.x >>> zope.configuration.y >> >> Please don't, having namespace packages that contain files (as >> zope.configuration already does) breaks setuptools. > >Then setuptools needs fixing. But not for this purpose: I would find is very unintuitive when configuration were centralized (in subpackages of "zope.configuration") rather than modular. Configuration belongs to the application or framework component that depends on this configuration not to any central component. -- Dieter ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Fri, Jan 30, 2009 at 4:44 PM, Martijn Faassen wrote: > Benji York wrote: >> On Fri, Jan 30, 2009 at 12:01 PM, Martijn Faassen >> wrote: >> >>> No, not there either, as zope.configuration doesn't define *any* >>> directives except the basic ones like 'include' and 'configure'. If you >>> would implement zope 3's directives in zope.configuration it'd start >>> pulling in dependencies like crazies, creating more dependency cycles. >>> >>> I think a new package might be in order. >> >> How about a namespace package zope.zcml? > > I think something like this would be a good idea. Though grokcore.* > packages would also depend on some of the configuration actions defined > there and they don't use ZCML themselves, it wouldn't pull in any > dependencies that they wouldn't already need anyway. Crazier idea: make the namespace package "zcml". -- Benji York Senior Software Engineer Zope Corporation ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Benji York wrote: > On Fri, Jan 30, 2009 at 12:01 PM, Martijn Faassen > wrote: > >> No, not there either, as zope.configuration doesn't define *any* >> directives except the basic ones like 'include' and 'configure'. If you >> would implement zope 3's directives in zope.configuration it'd start >> pulling in dependencies like crazies, creating more dependency cycles. >> >> I think a new package might be in order. > > How about a namespace package zope.zcml? I think something like this would be a good idea. Though grokcore.* packages would also depend on some of the configuration actions defined there and they don't use ZCML themselves, it wouldn't pull in any dependencies that they wouldn't already need anyway. Regards, Martijn ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Fri, Jan 30, 2009 at 12:01 PM, Martijn Faassen wrote: > No, not there either, as zope.configuration doesn't define *any* > directives except the basic ones like 'include' and 'configure'. If you > would implement zope 3's directives in zope.configuration it'd start > pulling in dependencies like crazies, creating more dependency cycles. > > I think a new package might be in order. How about a namespace package zope.zcml? -- Benji York Senior Software Engineer Zope Corporation ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Brian Sutherland wrote: >> zope.configuration.x >> zope.configuration.y > > Please don't, having namespace packages that contain files (as > zope.configuration already does) breaks setuptools. Then setuptools needs fixing. There's no reason why zope.configuration and zope.configuration.x shouldn't happilly co-exist... (Marc-André Lemburg of the mx* library set assures me it is possible...) Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Fri, Jan 30, 2009 at 05:32:33PM +, Chris Withers wrote: > Martijn Faassen wrote: > >>> This makes a lot more sense to me than having the ZCML support in > >>> either zope.component or zope.security. > >> Indeed, surely all zcml stuff belongs in zope.configuration anyway? > > > > No, not there either, as zope.configuration doesn't define *any* > > directives except the basic ones like 'include' and 'configure'. If you > > would implement zope 3's directives in zope.configuration it'd start > > pulling in dependencies like crazies, creating more dependency cycles. > > > > I think a new package might be in order. > > Indeed, maybe: > > zope.configuration.x > zope.configuration.y Please don't, having namespace packages that contain files (as zope.configuration already does) breaks setuptools. > etc... > > cheers, > > Chris > > -- > Simplistix - Content Management, Zope & Python Consulting > - http://www.simplistix.co.uk > ___ > Zope-Dev maillist - Zope-Dev@zope.org > http://mail.zope.org/mailman/listinfo/zope-dev > ** No cross posts or HTML encoding! ** > (Related lists - > http://mail.zope.org/mailman/listinfo/zope-announce > http://mail.zope.org/mailman/listinfo/zope ) -- Brian Sutherland ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Jan 30, 2009, at 12:01 PM, Martijn Faassen wrote: > Chris Withers wrote: >> Fred Drake wrote: >>> On Thu, Jan 29, 2009 at 4:01 AM, Martijn Faassen >> > wrote: I believe it'd be nicer to extract any ZCML related stuff from zope.component at some point and put it into zope.componentzcml or something like that. We could then decide to move the and directives in there as well. >>> +1 >>> >>> This makes a lot more sense to me than having the ZCML support in >>> either zope.component or zope.security. >> >> Indeed, surely all zcml stuff belongs in zope.configuration anyway? > > No, not there either, as zope.configuration doesn't define *any* > directives except the basic ones like 'include' and 'configure'. If > you > would implement zope 3's directives in zope.configuration it'd start > pulling in dependencies like crazies, creating more dependency cycles. > > I think a new package might be in order. Yes please. (I should have read this before sending the other message I just sent. :) Jim -- Jim Fulton Zope Corporation ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Jan 30, 2009, at 6:59 AM, Chris Withers wrote: > Fred Drake wrote: >> On Thu, Jan 29, 2009 at 4:01 AM, Martijn Faassen > > wrote: >>> I believe it'd be nicer to extract any ZCML related stuff from >>> zope.component at some point and put it into zope.componentzcml or >>> something like that. We could then decide to move the and >>> directives in there as well. >> >> +1 >> >> This makes a lot more sense to me than having the ZCML support in >> either zope.component or zope.security. > > Indeed, surely all zcml stuff belongs in zope.configuration anyway? No!!! zope.configuration just contains the implmentation of zcml itself. It shouldn't have any application-dependent code. I have no problem with moving zcml out of other packages, but it has to move into new packages, not into zope.configuration. Jim -- Jim Fulton Zope Corporation ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Martijn Faassen wrote: >>> This makes a lot more sense to me than having the ZCML support in >>> either zope.component or zope.security. >> Indeed, surely all zcml stuff belongs in zope.configuration anyway? > > No, not there either, as zope.configuration doesn't define *any* > directives except the basic ones like 'include' and 'configure'. If you > would implement zope 3's directives in zope.configuration it'd start > pulling in dependencies like crazies, creating more dependency cycles. > > I think a new package might be in order. Indeed, maybe: zope.configuration.x zope.configuration.y etc... cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Chris Withers wrote: > Fred Drake wrote: >> On Thu, Jan 29, 2009 at 4:01 AM, Martijn Faassen >> wrote: >>> I believe it'd be nicer to extract any ZCML related stuff from >>> zope.component at some point and put it into zope.componentzcml or >>> something like that. We could then decide to move the and >>> directives in there as well. >> +1 >> >> This makes a lot more sense to me than having the ZCML support in >> either zope.component or zope.security. > > Indeed, surely all zcml stuff belongs in zope.configuration anyway? No, not there either, as zope.configuration doesn't define *any* directives except the basic ones like 'include' and 'configure'. If you would implement zope 3's directives in zope.configuration it'd start pulling in dependencies like crazies, creating more dependency cycles. I think a new package might be in order. Regards, Martijn ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Fred Drake wrote: > On Thu, Jan 29, 2009 at 4:01 AM, Martijn Faassen > wrote: >> I believe it'd be nicer to extract any ZCML related stuff from >> zope.component at some point and put it into zope.componentzcml or >> something like that. We could then decide to move the and >> directives in there as well. > > +1 > > This makes a lot more sense to me than having the ZCML support in > either zope.component or zope.security. Indeed, surely all zcml stuff belongs in zope.configuration anyway? cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Thu, Jan 29, 2009 at 4:01 AM, Martijn Faassen wrote: > I believe it'd be nicer to extract any ZCML related stuff from > zope.component at some point and put it into zope.componentzcml or > something like that. We could then decide to move the and > directives in there as well. +1 This makes a lot more sense to me than having the ZCML support in either zope.component or zope.security. -Fred -- Fred L. Drake, Jr. "Chaos is the score upon which reality is written." --Henry Miller ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
Hey, Dan Korostelev wrote: [snip] >> >> What about the other use case of , i.e. declaring implemented >> interfaces, as in >> >> >> >> > > +1. That's kinda strange to have it in zope.security. > > I think, the better place to move zcml directives is zope.component, > as it already depends on zope.security for the zcml support and the > "class" directive also has component-related "factory" subdirective > which declared in zope.component. It's true isn't purely about security. It's not purely about component configuration either, though. Most of what 'class' is about is security-related, so it's using a lot of stuff in zope.security. If you look at the implementation, I think people would agree it's doing more security manipulation then it's doing component configuration. And I think we can at least agree zope.security is at least an improvement in location compared to their scattered implementation throughout zope.app.component and zope.app.security. So, I don't think we'll be moving (and then ) into zope.component this week during the sprint, and not just because it'd distract us from our main goal to reach layered dependencies. I believe that zope.component relying on zope.security (if indeed [zcml] is enabled) is actually something that could be avoided if we moved the ZCML directive implementations from zope.component entirely. When you install zope.component without ZCML support, you get a reasonable dependency list actually installed. When you do use the ZCML dependency it starts pulling in a lot more, including quite unreasonable stuff like zope.publisher and zope.traversing. See this for more information: http://plope.com/Members/chrism/pluginizing_an_app I believe it'd be nicer to extract any ZCML related stuff from zope.component at some point and put it into zope.componentzcml or something like that. We could then decide to move the and directives in there as well. Regards, Martijn ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Wednesday 28 January 2009, Dan Korostelev wrote: > I think, the better place to move zcml directives is zope.component, > as it already depends on zope.security for the zcml support and the > "class" directive also has component-related "factory" subdirective > which declared in zope.component. Good point. Regards, Stephan -- Stephan Richter Web Software Design, Development and Training Google me. "Zope Stephan Richter" ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Wednesday 28 January 2009, Marius Gedminas wrote: > Sounds good! > > What about the other use case of , i.e. declaring implemented > interfaces, as in > > > > I was waiting for that comment. :-) I wanted to write the same this morning, but then decided that the new solution is better than anything else I could think of. Regards, Stephan -- Stephan Richter Web Software Design, Development and Training Google me. "Zope Stephan Richter" ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
2009/1/29 Marius Gedminas : > On Wed, Jan 28, 2009 at 06:42:58PM +0100, Martijn Faassen wrote: >> Hi there, >> >> In the dependency cleanup effort we've got going on at the Grok >> cavesprint here at my house, we have moved code around some more. >> >> zope.security was already defining ZCML directives so we've moved the >> directive from zope.app.component and and the >> directive from zope.app.security into zope.security as well. These only >> need things that are in zope.security already (or its dependencies) and >> the directives are about security declarations, so they seem to fit >> quite well into their new place. > > Sounds good! > > What about the other use case of , i.e. declaring implemented > interfaces, as in > > > > +1. That's kinda strange to have it in zope.security. I think, the better place to move zcml directives is zope.component, as it already depends on zope.security for the zcml support and the "class" directive also has component-related "factory" subdirective which declared in zope.component. -- WBR, Dan Korostelev ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security changes
On Wed, Jan 28, 2009 at 06:42:58PM +0100, Martijn Faassen wrote: > Hi there, > > In the dependency cleanup effort we've got going on at the Grok > cavesprint here at my house, we have moved code around some more. > > zope.security was already defining ZCML directives so we've moved the > directive from zope.app.component and and the > directive from zope.app.security into zope.security as well. These only > need things that are in zope.security already (or its dependencies) and > the directives are about security declarations, so they seem to fit > quite well into their new place. Sounds good! What about the other use case of , i.e. declaring implemented interfaces, as in ? Marius Gedminas -- http://pov.lt/ -- Zope 3 consulting and development signature.asc Description: Digital signature ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] zope.security and zope.location depend on each other
On Fri, Nov 14, 2008 at 9:54 AM, Joachim König <[EMAIL PROTECTED]> wrote: > This is only required at runtime, so this is not a (circular) build or > install dependency, > but as the NetBSD-pkgsrc build infrastructure wants to generate the > .pyc/.pyo files > at installation time, I still have a problem with that. You should not be importing any of the Python files to generate the .pyc/.pyo files at installation. You should be using compileall.py (from the Python installation) or something similar to create the .pyc/.pyo files. > So my question is: Is this circular dependency really needed or could it > be avoided > somehow? It at least looks a bit strange to me. Two components should > not depend > on each other, or am I missing something? Hopefully it can be avoided, but this isn't a problem for .pyc/.pyo generation. -Fred -- Fred L. Drake, Jr. "Chaos is the score upon which reality is written." --Henry Miller ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
