Getting Stuff Done (Re: One critical security flaw...)
Ethan Blanton
elb at pidgin.im
Mon Feb 1 12:19:15 EST 2010
Sadrul Habib Chowdhury spake unto us the following wisdom:
> > * Finish the ICQ X-Status stuff ASAP for 2.7.0 (string freeze
> > for release within 3 days of completed merge).
>
> I personally wouldn't hold up a release because of the X-status stuff,
> mostly for two reasons: it affects only one (two?) service/protocol, and
> it clearly isn't something a lot of users (and more importantly
> developers) want. I would rather suggest that we [try to] include this
> in 3.x. That way, it wouldn't be necessary to work around the potential
> ABI-breakage (changes in PurpleRequestField) the latest patch causes.
While this isn't a volunteer to do the integration ... I kind of
disagree. The X-Status patch has been floating around for literally
years, and I'd like to see it merged. We're not sending a very
promising message to contributors when we put patches off for so long,
and I think this is what John is trying to address.
I realize the X-Status patch had some issues which took time in and of
themselves (like icon ownership, if I remember), but no matter how you
slice it, it's been on our plate for a *while*.
> > * As soon as 2.7.0 is out, create a branch such as
> > im.pidgin.pidgin.2.7.x (I'm open to better names) from the tag
> > of 2.7.0 for future maintenance releases.
> > * Once 2.7.x is branched, 2.x.y is API frozen--no new API unless
> > absolutely required to fix a security issue.
> > * Once 2.7.x is branched, im.pidgin.pidgin is for 3.0.0 development.
> > All new features, API additions, etc. should happen only on this
> > branch or other branches that will be merged *only* to
> > im.pidgin.pidgin.
>
> I would suggest to make it a 'feature freeze', rather than an
> 'API freeze'. I would welcome API changes to make 2.x branch cleaner
> while the main development continues to happen towards 3.x
>
> This is probably a good time to toy with the idea of decoupling the major
> version numbers of libpurple and the UIs (pidgin, finch). I personally
> think this is a good idea, but I don't know how much effort would be
> needed for this, and if it would be worth the benefits.
I don't think this is a bad idea. Libpurple is now used by enough
people to merit decoupling it from Pidgin, I think. We'll have to
think about how to handle releases and version compatibilities,
though.
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
URL: <http://pidgin.im/pipermail/devel/attachments/20100201/ec22d322/attachment.sig>
More information about the Devel
mailing list