--On 8. Juli 2006 14:42:31 -0400 Jim Fulton <[EMAIL PROTECTED]> wrote:

This can happen all the time. A problem in the release process does
not justify the removal of a feature until we tried our best to
solve the problem. Use the sledge hammer as a last resort.

The problem in the release process was an inattention to
basic process.  This is unacceptable in a security-related issue.

This can happen all the time, it should not happen..but it happened
(likely because the private emails around this issue caused a lot of trouble
and noise).

You seem to be the only one championing TTW reST?

I am only champion against crude removal of features and against
and a shortsighted preception.

That doesn't deserve an answer.

Sorry for being harsh but the lack of tests after two days is
really not
appropriate approach.

Who said anything about 2 days.  I said we need tests and
we need someone to be responsible for this feature or we'll have to drop
the feature.  I didn't say we had to drop it right this second.

It sounded to me that way..

Are you unwilling  to
write the tests necessary to keep it?

This is really not the point. As release manager I am allowed to
speak up. But that does not imply I have to fix all and everything.

Yes, it really is the point.

No, it is not. I haven't worked on the hotfix...so why would it be
up to me
write tests?

It's not.  The person who *did* write the hot-fix didn't want the
feature in the first place.  Tres stepped up and helped us in an
emergency. I imagine that he isn't signing up to maintaint the feature.

When you talk of "the feature"...you mean file inclusion? This feature was not supposed to be there. It was never a goal of reST to provide this feature. So Tres' solution (removing the code) is perfectly fine.

There are a lot of modules where we don't want to take over the maintainer.
The important thing is that we have clever ppl who understand the code and can deal with such problems in such a case.

The problem is that we have a feature with an implementation that is  a
security risk.  We have a feature that doesn't seem to have a  champion
-- because no one is willing to come forward and maintain it  properly.
In that case, the feature is orphaned and we have to get  rid of it.  It
is too risky to keep it under the circumstances.

I'm perfectly willing to keep it if someone takes responsibility.   That
hasn't happened yet.

See above...it's not a question of general responsibility...it's a question of taking over the responsibility for a particular problem in particular situation...of course maintainers for modules are highly welcome...things are as they are in the Zope 2 world...


Attachment: pgpfGiElKvSY5.pgp
Description: PGP signature

Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to