True, sorry if I didn't make this clear from the beginning. I'm talking about http://propel.mirror.svn.symfony-project.com, which appears to be a mirror which is maintained by the symfony community. Nothing bad with Propel yet. Thanks Francois for setting this right. But actually I thought this would be the right group to find the right person for resolving that.
Tammo On Sep 5, 8:39 pm, Francois Zaninotto <[email protected]> wrote: > Hi guys, > > An answer has been sent to Tammo in the Propel mailing-list > (cfhttp://groups.google.com/group/propel-development/browse_thread/threa...) > and to Tom on Twitter (cf.http://twitter.com/francoisz/status/23047243764 > ). > > The answer is the same: > thehttp://propel.mirror.svn.symfony-project.comserveris not maintained > by the Propel team. You have to ask Fabien about > this. > > Please stop thinking that the Propel team is unwilling to answer if you > can't even read the answers we send you. > > Cheers, > > François > > 2010/9/5 Tom Boutell <[email protected]> > > > My first thought was "drop Propel then!" > > > My second thought is... well, yes, drop Propel if the maintainer is > > unwilling/unable to at least respond to this issue in the next 48 > > hours or so. I don't really know what alternative there is. If we're > > going to ignore this warning, which is our only guarantee that an > > external that is part of Symfony has not been compromised, then we're > > saying that we don't really care if components of Symfony get > > compromised. That is a bad message to send. > > > On Sun, Sep 5, 2010 at 10:55 AM, Tammo van Lessen <[email protected]> > > wrote: > > > Hi, > > > > this message is a warning that at the given location a different > > > repository has been found. Repositories are uniquely identified by an > > > UUID. So, if a repository has a different UUID it MUST be considered > > > to be a different repository (for whatever reason). > > > > Sure, simply deleting the old vendor checkout and fetching it again is > > > a workaround but does not fix the problem that a) the UUID has changed > > > (why?) and b) the UUID is missing a character. If you compare the > > > UUIDs, you will see that it almost identical except for this one > > > missing 'a'. My assumption is that an SVN administrator did some > > > tweaks to the repository and mistakenly changed the UUID. The > > > pessimistic variant is that the server has been compromised. Will the > > > propel code now contain malware? I hope not and I assume that this is > > > also not the case, but this is what this warning message is good for. > > > So I strongly recommend to get to the bottom of this issue and check > > > a) why has the UUID changed and b) change it back to the correct > > > value. > > > > Thanks, > > > Tammo > > > > On Sep 5, 4:09 pm, Tom Boutell <[email protected]> wrote: > > >> Oh, I see. Is this a case of the external changing and svn not being > > >> bright enough to see that this makes it not an error anymore? > > > >> On Sat, Sep 4, 2010 at 8:47 PM, Keri Henare > > > >> <[email protected]> wrote: > > >> > I found that if you delete the vendor/propel folder and then do an > > update it will check it out again with no more errors. > > > >> > Kind regards, > > >> > Keri Henare > > >> > --------------------------------------------------- > > >> > Chief Technical Officer > > >> > Pixel Fusion > > > >> > [e] [email protected] > > >> > [w] pixelfusion.co.nz > > >> > [m] (+64) 021 874 552 > > >> > [p] (+64) 09 550 3084 > > > >> > Zend Certified Engineer - > >http://www.zend.com/en/yellow-pages#show-ClientCandidateID=ZEND013450 > > > >> > PLEASE NOTE: I check my email 3 times per day and will respond at > > these intervals. For anything urgent please ring me. > > >> > --------------------------------------------------- > > > >> > On 5/09/2010, at 5:50 AM, Tom Boutell wrote: > > > >> >> Yeah, everyone is seeing this. I'm emailing Francois about it. We > > >> >> don't use Propel but this sort of thing shouldn't be left to hang... > > > >> >> On Sat, Sep 4, 2010 at 11:35 AM, Tammo van Lessen < > > [email protected]> wrote: > > >> >>> Hi devs, > > > >> >>> Since a couple of weeks or so, my svn client complains about a UUID > > >> >>> change of the propel mirror repository: > > > >> >>> Fetching external item into 'lib\vendor\symfony\lib\plugins > > >> >>> \sfPropelPlugin\lib\vendor\propel' > > >> >>> svn: warning: Repository UUID '84bc4f6-26e8-416f-aa96-3cde13879fbb' > > >> >>> doesn't match expected UUID 'a84bc4f6-26e8-416f-aa96-3cde13879fbb' > > > >> >>> It looks like this repository has lost its first character, also > > since > > >> >>> UUIDs are typically structured in the form 8-4-4-4-12, the new UUID > > >> >>> appears to be not valid or complete anymore (it is 7-4-4-4-12 > > >> >>> actually). > > > >> >>> Long story short: I just want to get sure that the propel repository > > >> >>> is still clean and has not been compromised by any evil hacker. > > Would > > >> >>> be great if you can confirm that this is not the case and it would > > be > > >> >>> even greater if you could fix the UUID back to its original value > > and > > >> >>> more importantly to a valid UUID. > > > >> >>> Thanks, > > >> >>> Tammo > > > >> >>> -- > > >> >>> If you want to report a vulnerability issue on symfony, please send > > it to security at symfony-project.com > > > >> >>> You received this message because you are subscribed to the Google > > >> >>> Groups "symfony developers" group. > > >> >>> To post to this group, send email to [email protected] > > >> >>> To unsubscribe from this group, send email to > > >> >>> [email protected]<symfony-devs%[email protected]> > > >> >>> For more options, visit this group at > > >> >>>http://groups.google.com/group/symfony-devs?hl=en > > > >> >> -- > > >> >> Tom Boutell > > >> >> P'unk Avenue > > >> >> 215 755 1330 > > >> >> punkave.com > > >> >> window.punkave.com > > > >> >> -- > > >> >> If you want to report a vulnerability issue on symfony, please send > > it to security at symfony-project.com > > > >> >> You received this message because you are subscribed to the Google > > >> >> Groups "symfony developers" group. > > >> >> To post to this group, send email to [email protected] > > >> >> To unsubscribe from this group, send email to > > >> >> [email protected]<symfony-devs%[email protected]> > > >> >> For more options, visit this group at > > >> >>http://groups.google.com/group/symfony-devs?hl=en > > > >> > -- > > >> > If you want to report a vulnerability issue on symfony, please send it > > to security at symfony-project.com > > > >> > You received this message because you are subscribed to the Google > > >> > Groups "symfony developers" group. > > >> > To post to this group, send email to [email protected] > > >> > To unsubscribe from this group, send email to > > >> > [email protected]<symfony-devs%[email protected]> > > >> > For more options, visit this group at > > >> >http://groups.google.com/group/symfony-devs?hl=en > > > >> -- > > >> Tom Boutell > > >> P'unk Avenue > > >> 215 755 1330 > > >> punkave.com > > >> window.punkave.com > > > > -- > > > If you want to report a vulnerability issue on symfony, please send it to > > security at symfony-project.com > > > > You received this message because you are subscribed to the Google > > > Groups "symfony developers" group. > > > To post to this group, send email to [email protected] > > > To unsubscribe from this group, send email to > > > [email protected]<symfony-devs%[email protected]> > > > For more options, visit this group at > > >http://groups.google.com/group/symfony-devs?hl=en > > > -- > > Tom Boutell > > P'unk Avenue > > 215 755 1330 > > punkave.com > > window.punkave.com > > > -- > > If you want to report a vulnerability issue on symfony, please send it to > > security at symfony-project.com > > > You received this message because you are subscribed to the Google > > Groups "symfony developers" group. > > To post to this group, send email to [email protected] > > To unsubscribe from this group, send email to > > [email protected]<symfony-devs%[email protected]> > > For more options, visit this group at > >http://groups.google.com/group/symfony-devs?hl=en > > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
