On Jan 2, 2012, at 17:06 , Francesco Levorato wrote: > Hi everybody and happy 2012! > > We have a IRC meeting scheduled for Thursday 5th. > > I will be collecting proposals for discussion topics until Wednesday > afternoon, after that I'll publish the Doodle for voting. > > https://github.com/symfony/symfony/pull/2853 (suggested by Drak) > The following were mentioned in a thread related to 2.1 release: > here is another form PR that also mentions the need for some further > refactoring: > https://github.com/symfony/symfony/pull/2015 > > We still have a security regression in master from a commit in mid November > (https://github.com/symfony/symfony/issues/2679) which should be addressed. > > Then there is also the question of changing listener priorities > (https://github.com/symfony/symfony/issues/2680) which has also the potential > to create silent security holes in applications migrating from 2.0 to 2.1.
i would like to add another topic: maintenance of the form/validation layer i think at this point we cannot mark the form/validation layer as stable not only because the bulk of the long standing bugs are related to these components, but because we effectively do not have an active maintainer. afaik bernhard is busy writing his thesis paper at university. which also means that things can improve once he is done with it. but i guess the current situation shows either way we need someone else to become at least a 2nd in command that can take over if needs be. regards, Lukas Kahwe Smith m...@pooteeweet.org -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to symfony-devs@googlegroups.com To unsubscribe from this group, send email to symfony-devs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
