[Koha-devel] Koha Library Software

Ian Walls ian.walls at bywatersolutions.com
Fri Jun 3 15:11:33 CEST 2011 

It would be hard for a sekrit society of developers to push through any
changes that aren't documented publicly; we can all see the commit stream to
Git, and if there are a sudden burst of patches being committed that violate
the community's agreed-upon practices for submission and review, the
community can call shenanigans on the person(s) doing the commits.

In the case of any critical security fix, it would be the Release Manager's
and Release Maintainers' responsibilities to justify the change set and the
deviation from standard procedure; this is probably going to be as simple as
"fixes this security issue" in the commit message.  Once it's committed, a
more robust report can be written up somewhere and linked.

I don't think we're going to encounter these kinds of security issues often,
so building a complex process to handle them seems counter-productive.  I'd
rather spend the time just finding/fixing any such issues.


-Ian

On Fri, Jun 3, 2011 at 8:38 AM, Owen Leonard <oleonard at myacpl.org> wrote:

> > Op vrijdag 3 juni 2011 22:03:50 schreef MJ Ray:
> >> Please, no closed list for development discussions.
>
> We're not talking about a secret cabal of self-chosen list members
> (anymore). Koha now has an (informally) elected list of officers who
> can be on the list: Release manager, release maintainer, QA manager.
> Let's keep it as simple as that.
>
>  -- Owen
>
> --
> Web Developer
> Athens County Public Libraries
> http://www.myacpl.org
> _______________________________________________
> Koha-devel mailing list
> Koha-devel at lists.koha-community.org
> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
> website : http://www.koha-community.org/
> git : http://git.koha-community.org/
> bugs : http://bugs.koha-community.org/
>



-- 
Ian Walls
Lead Development Specialist
ByWater Solutions
ALA Booth 732
Phone # (888) 900-8944
http://bywatersolutions.com
ian.walls at bywatersolutions.com
Twitter: @sekjal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/koha-devel/attachments/20110603/4f2921f7/attachment.htm>

More information about the Koha-devel mailing list