Security Redesign and Release 10.x Branch

> On 6/04/2010, at 6:36 PM, Adrian Crum wrote:
>
>> --- On Tue, 4/6/10, Scott Gray <[hidden email]> wrote:
>>> On 6/04/2010, at 5:18 PM, Adrian Crum
>>> wrote:
>>>
>>>> Adam Heath wrote:
>>>>> Adrian Crum wrote:
>>>>>> Anil Patel wrote:
>>>>>>> I was thinking, Why not other way round.
>>>>>>> As I understand, we will not be able to
>>> use execution content features
>>>>>>> in other parts of Ofbiz in time for 10.4
>>> release. If this is the case
>>>>>>> then additional code in release branch may
>>> add some new issues but
>>>>>>> will not add any benefits. Right?
>>>>>> Have you even looked at the design document or
>>> the code?
>>>>> Hmm, why do you have to be so difficult?
>>> Couldn't you have just
>>>>> answered the question?  Or included a
>>> reference to the design
>>>>> document?  You know more about this branch
>>> than others, so why not
>>>>> share that knowledge?
>>>>
>>>> I wasn't being difficult. Anil is saying the security
>>> redesign won't add any benefits. That tells me he hasn't
>>> read the design document.
>>>
>>> I think you're misinterpreting what he was saying, the no
>>> benefits is in reference to it being disabled because it
>>> isn't complete
>>>
>>>> I'm a little stunned by all the push back. A year ago
>>> there was a lot of enthusiasm for this. Now it seems I'm the
>>> only person interested in seeing it included in the
>>> project.
>>>
>>> Included in the project and included in a release branch to
>>> be created this month are two very different things.
>>
>> Then something has changed. In the past, a release branch was created regardless of the state of the trunk. In other words, it was released "warts and all."
>
> Nothing has changed, there is a difference between putting something in the trunk because it's ready to go in there and putting something in the trunk because a release branch is about to be created.  So I would argue that the change is a behavioral one on your part because of the looming release branch.
>
>> I not trying to be argumentative, but I would like to make one more point. If we wait until after the release branch, then the branch will be immediately obsolete. As an example: right after the R4 branch was created we refactored the UI. For the next two years we had users wishing we would port the trunk's UI over to R4.
>>
>> The new security design is far better than the current one. I have a feeling history will repeat itself.
>
> If that is a real problem then we should be delaying creating the branch and not rushing to cram things in there.  The security framework is either finished and works and is ready to be committed or it isn't, which is it?  I'm quite sure I will be working with this branch on a regular basis and I'm gonna be annoyed if it's plagued with problems because of this merge, I'm not saying it will be but I'd like to assured that it isn't likely.
>
> Regards
> Scott

> --- On Tue, 4/6/10, Scott Gray <[hidden email]> wrote:
>> On 6/04/2010, at 5:18 PM, Adrian Crum
>> wrote:
>>
>>> Adam Heath wrote:
>>>> Adrian Crum wrote:
>>>>> Anil Patel wrote:
>>>>>> I was thinking, Why not other way round.
>>>>>> As I understand, we will not be able to
>> use execution content features
>>>>>> in other parts of Ofbiz in time for 10.4
>> release. If this is the case
>>>>>> then additional code in release branch may
>> add some new issues but
>>>>>> will not add any benefits. Right?
>>>>> Have you even looked at the design document or
>> the code?
>>>> Hmm, why do you have to be so difficult?
>> Couldn't you have just
>>>> answered the question?  Or included a
>> reference to the design
>>>> document?  You know more about this branch
>> than others, so why not
>>>> share that knowledge?
>>> I wasn't being difficult. Anil is saying the security
>> redesign won't add any benefits. That tells me he hasn't
>> read the design document.
>>
>> I think you're misinterpreting what he was saying, the no
>> benefits is in reference to it being disabled because it
>> isn't complete
>>
>>> I'm a little stunned by all the push back. A year ago
>> there was a lot of enthusiasm for this. Now it seems I'm the
>> only person interested in seeing it included in the
>> project.
>>
>> Included in the project and included in a release branch to
>> be created this month are two very different things.
>
> Then something has changed. In the past, a release branch was created regardless of the state of the trunk. In other words, it was released "warts and all."
>
> I not trying to be argumentative, but I would like to make one more point. If we wait until after the release branch, then the branch will be immediately obsolete. As an example: right after the R4 branch was created we refactored the UI. For the next two years we had users wishing we would port the trunk's UI over to R4.
>
> The new security design is far better than the current one. I have a feeling history will repeat itself.
>
> -Adrian
>
>
>
>
>

> I would like to start bringing parts of the executioncontext20091231 branch into the trunk before we create the next release branch. The implementation of the new security design is not finished, but it will be disabled - so everything will still work the same.
>
> My goal is to allow users of the 10.x release to plan for the forthcoming changes, and maybe have the conversion to the new design completed by the release that follows 10.x.
>
> I will wait a few days, and if there are no objections I will begin merging the design into the trunk.
>
> -Adrian
>
>
>
>

> I would suggest to:
> 1) release 10.04 before the merge is done
> 2) merge the code to the trunk, switch to it, fix any possible issue
> 3) do another release (10.06?)
>
> I know this is not inline with what we currently think a release  
> should be, but this is very inline with what the ASF practices and  
> so I will continue to insist with the release-often practice. :-)
>
> Jacopo
>
> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>
>> I would like to start bringing parts of the  
>> executioncontext20091231 branch into the trunk before we create the  
>> next release branch. The implementation of the new security design  
>> is not finished, but it will be disabled - so everything will still  
>> work the same.
>>
>> My goal is to allow users of the 10.x release to plan for the  
>> forthcoming changes, and maybe have the conversion to the new  
>> design completed by the release that follows 10.x.
>>
>> I will wait a few days, and if there are no objections I will begin  
>> merging the design into the trunk.
>>
>> -Adrian
>>
>>
>>
>>
>

> I would suggest to:
> 1) release 10.04 before the merge is done
> 2) merge the code to the trunk, switch to it, fix any possible issue
> 3) do another release (10.06?)
>
> I know this is not inline with what we currently think a release should be, but this is very inline with what the ASF practices and so I will continue to insist with the release-often practice. :-)
>
> Jacopo
>
> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>
>> I would like to start bringing parts of the executioncontext20091231 branch into the trunk before we create the next release branch. The implementation of the new security design is not finished, but it will be disabled - so everything will still work the same.
>>
>> My goal is to allow users of the 10.x release to plan for the forthcoming changes, and maybe have the conversion to the new design completed by the release that follows 10.x.
>>
>> I will wait a few days, and if there are no objections I will begin merging the design into the trunk.
>>
>> -Adrian
>>
>>
>>
>>
>

>
> Thanks and Regards
> Anil Patel
> HotWax Media Inc
> Find us on the web at www.hotwaxmedia.com or Google Keyword "ofbiz"
>
> On Apr 7, 2010, at 2:07 AM, Jacopo Cappellato wrote:
>
>> I would suggest to:
>> 1) release 10.04 before the merge is done
>> 2) merge the code to the trunk, switch to it, fix any possible issue
>> 3) do another release (10.06?)
>>
>> I know this is not inline with what we currently think a release should be, but this is very inline with what the ASF practices and so I will continue to insist with the release-often practice. :-)
>>
>> Jacopo
>>
>> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>>
>>> I would like to start bringing parts of the executioncontext20091231 branch into the trunk before we create the next release branch. The implementation of the new security design is not finished, but it will be disabled - so everything will still work the same.
>>>
>>> My goal is to allow users of the 10.x release to plan for the forthcoming changes, and maybe have the conversion to the new design completed by the release that follows 10.x.
>>>
>>> I will wait a few days, and if there are no objections I will begin merging the design into the trunk.
>>>
>>> -Adrian
>>>
>>>
>>>
>>>
>>
>

> On Apr 7, 2010, at 8:14 AM, Anil Patel wrote:
>
>> This makes sense to me.
>> Isn't this similar to what Eclipse does, RC1 ,RC2 .... Finally RC 6 becomes final release. Then final release is maintained.
>>
>> So we can do RC10.04, RC10.06, and at some point RC10.06 is stable to be released.  
>
> Yes, this is good, even if for ASF they will all be official releases (no RC): but 10.04, 10.6 will be "alpha" (or similar) releases and "10.06" will be a "stable" release.
> Even if, and I always insist on this, only the community, with the contributions coming from users of the "stable" release, will decide if the "stable" release will be "maintained": this cannot be a responsibility of committers.
>
> Jacopo
>
>>
>> Thanks and Regards
>> Anil Patel
>> HotWax Media Inc
>> Find us on the web at www.hotwaxmedia.com or Google Keyword "ofbiz"
>>
>> On Apr 7, 2010, at 2:07 AM, Jacopo Cappellato wrote:
>>
>>> I would suggest to:
>>> 1) release 10.04 before the merge is done
>>> 2) merge the code to the trunk, switch to it, fix any possible issue
>>> 3) do another release (10.06?)
>>>
>>> I know this is not inline with what we currently think a release should be, but this is very inline with what the ASF practices and so I will continue to insist with the release-often practice. :-)
>>>
>>> Jacopo
>>>
>>> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>>>
>>>> I would like to start bringing parts of the executioncontext20091231 branch into the trunk before we create the next release branch. The implementation of the new security design is not finished, but it will be disabled - so everything will still work the same.
>>>>
>>>> My goal is to allow users of the 10.x release to plan for the forthcoming changes, and maybe have the conversion to the new design completed by the release that follows 10.x.
>>>>
>>>> I will wait a few days, and if there are no objections I will begin merging the design into the trunk.
>>>>
>>>> -Adrian
>>>>
>>>>
>>>>
>>>>
>>>
>>
>

> From: Jacopo Cappellato <[hidden email]>
> Subject: Re: Security Redesign and Release 10.x Branch
> To: [hidden email]
> Date: Tuesday, April 6, 2010, 11:07 PM
> I would suggest to:
> 1) release 10.04 before the merge is done
> 2) merge the code to the trunk, switch to it, fix any
> possible issue
> 3) do another release (10.06?)
>
> I know this is not inline with what we currently think a
> release should be, but this is very inline with what the ASF
> practices and so I will continue to insist with the
> release-often practice. :-)
>
> Jacopo
>
> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>
> > I would like to start bringing parts of the
> executioncontext20091231 branch into the trunk before we
> create the next release branch. The implementation of the
> new security design is not finished, but it will be disabled
> - so everything will still work the same.
> >
> > My goal is to allow users of the 10.x release to plan
> for the forthcoming changes, and maybe have the conversion
> to the new design completed by the release that follows
> 10.x.
> >
> > I will wait a few days, and if there are no objections
> I will begin merging the design into the trunk.
> >
> > -Adrian
> >
> >
> >
> >
>
>

>I would suggest to:
> 1) release 10.04 before the merge is done
> 2) merge the code to the trunk, switch to it, fix any possible issue
> 3) do another release (10.06?)
>
> I know this is not inline with what we currently think a release should be, but this is very inline with what the ASF practices
> and so I will continue to insist with the release-often practice. :-)
>
> Jacopo
>
> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>
>> I would like to start bringing parts of the executioncontext20091231 branch into the trunk before we create the next release
>> branch. The implementation of the new security design is not finished, but it will be disabled - so everything will still work
>> the same.
>>
>> My goal is to allow users of the 10.x release to plan for the forthcoming changes, and maybe have the conversion to the new
>> design completed by the release that follows 10.x.
>>
>> I will wait a few days, and if there are no objections I will begin merging the design into the trunk.
>>
>> -Adrian
>>
>>
>>
>>
>
>

> I would suggest to:
> 1) release 10.04 before the merge is done
> 2) merge the code to the trunk, switch to it, fix any possible issue
> 3) do another release (10.06?)
>
> I know this is not inline with what we currently think a release should be, but this is very inline with what the ASF practices and so I will continue to insist with the release-often practice. :-)
>
> Jacopo
>
> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>
>> I would like to start bringing parts of the executioncontext20091231 branch into the trunk before we create the next release branch. The implementation of the new security design is not finished, but it will be disabled - so everything will still work the same.
>>
>> My goal is to allow users of the 10.x release to plan for the forthcoming changes, and maybe have the conversion to the new design completed by the release that follows 10.x.
>>
>> I will wait a few days, and if there are no objections I will begin merging the design into the trunk.
>>
>> -Adrian
>>
>>
>>
>>
>
>

> That's not true and you know it - my email specifically addresses how much I think it will be an improvement.
>
> Cheers,
> Ruppert
>
> On Apr 6, 2010, at 5:18 PM, Adrian Crum wrote:
>
>> I'm a little stunned by all the push back. A year ago there was a lot of enthusiasm for this. Now it seems I'm the only person interested in seeing it included in the project.
>
>

> Then, why not simply report the 10.04 to 10.06 (or 10.05), like Ubuntu did for 6.06 (which should have been 6.04 and have been
> rather reported for 2 months)
> I see 3 reasons:
> * Confusion, I'm quite sure we will have to answer much users who will ask about the differences. This is not a big issue, but I
> think it will increase users confusion which is never good. People and even more markets like stability and "certainty" (I'd say
> mental certainty, as it's not real certainty, but what is reality, science?)
> * Thanks to Ean's recent trends post http://www.google.com/trends?q=ofbiz&ctab=0&geo=all&date=all&sort=0 I wonder if the most
> important marketing thing for us (not for the ASF) is not releasing. So if we make 2 relases in 2 months, the effect is watered down
> and as I said confusion increase.
> * We would like to include the layered lookups. Apart 2 minor issues they work well but when a calendar is called (it's hidden
> behind). The calendar issue is maybe not that big because Sascha already solved a such issue for lookups called from a lookup. But
> there is also another issue I found this weekend. We would want to make things as simple as possible for users. In order to do so,
> we decided that the layer would be the default. There is currently an issue with this also. I tracked it yesterday evening but did
> not have enough time to finish it yet.
>
> The 3rd reasons is maybe not a delay problem, and I also like the release often strategy. It's only that I get some Schizophrenia:
> as a developper I prefer the Apache way (release often strategy), but as a consultant I prefer the Ubuntu way. It's all about
> marketing, I let you think about that :o)
>
> Jacques
>
> From: "Jacopo Cappellato" <[hidden email]>
>> I would suggest to:
>> 1) release 10.04 before the merge is done
>> 2) merge the code to the trunk, switch to it, fix any possible issue
>> 3) do another release (10.06?)
>>
>> I know this is not inline with what we currently think a release should be, but this is very inline with what the ASF practices
>> and so I will continue to insist with the release-often practice. :-)
>>
>> Jacopo
>>
>> On Apr 4, 2010, at 8:21 PM, Adrian Crum wrote:
>>
>>> I would like to start bringing parts of the executioncontext20091231 branch into the trunk before we create the next release
>>> branch. The implementation of the new security design is not finished, but it will be disabled - so everything will still work
>>> the same.
>>>
>>> My goal is to allow users of the 10.x release to plan for the forthcoming changes, and maybe have the conversion to the new
>>> design completed by the release that follows 10.x.
>>>
>>> I will wait a few days, and if there are no objections I will begin merging the design into the trunk.
>>>
>>> -Adrian
>>>
>>>
>>>
>>>
>>
>>
>
>