Thanks Paul. So based on Ryan and Paul inputs we will return the 2.5.0-beta5 release to its regular schedule.
I apologize for the trouble and false alarm guys. - Henry On Thu, Sep 20, 2012 at 5:14 PM, Paul Lindner <[email protected]> wrote: > Release can wait. The caja problem was a limited set of revisions. > > > On Thursday, September 20, 2012, Henry Saputra wrote: >> >> Hi Stanton, >> >> The Caja fix does warrant new release but I think it could wait till >> next week if no one actively using Caja with Shindig. >> >> I dont know if any implementors of Shindig that uses Caja needs this >> ASAP. I know Yahoo! container does use it. >> >> I am CCing user list for FYI. >> >> Paul, any thoughts? >> >> - Henry >> >> On Thu, Sep 20, 2012 at 4:02 PM, Stanton Sievers <[email protected]> >> wrote: >> > Does that mean it can happen at the regularly scheduled time, i.e., the >> > end >> > of the month? Or do you think we need beta5 ASAP because of the caja >> > fix? >> > >> > Thanks, >> > -Stanton >> > >> > On Thu, Sep 20, 2012 at 6:52 PM, Henry Saputra >> > <[email protected]>wrote: >> > >> >> Ah you are right Ryan, looks like you had cutoff the beta4 before >> >> Dan's commit the changes. >> >> >> >> We have "custom" beta4 that include Dan's refactor that we now revert >> >> to default beta4. >> >> >> >> So looks like we only need beta5 for Caja fix then I suppose. >> >> >> >> - Henry >> >> >> >> On Thu, Sep 20, 2012 at 3:40 PM, Henry Saputra >> >> <[email protected]> >> >> wrote: >> >> > Hmm so looks like the original bug >> >> > https://issues.apache.org/jira/browse/SHINDIG-1864 is close with >> >> > wrong >> >> > fix version then? >> >> > >> >> > It has fix version of 2.5.0-beta4 >> >> > >> >> > - Henry >> >> > >> >> > On Thu, Sep 20, 2012 at 3:35 PM, Ryan Baxter <[email protected]> >> >> wrote: >> >> >> I am fairly sure Dan's oAuth changes didn't make it in beta 4 but >> >> >> the >> >> Caja >> >> >> fix probably warrants a new build. >> >> >> >> >> >> -Ryan >> >> >> >> >> >> On Sep 20, 2012, at 5:34 PM, Paul Lindner <[email protected]> wrote: >> >> >> >> >> >> sure. happy to. >> >> >> >> >> >> >> >> >> On Thursday, September 20, 2012, Henry Saputra wrote: >> >> >>> >> >> >>> Hi Ryan or Paul, >> >> >>> >> >> >>> With Dan's reverting changes to improvement for oauthpopup (this >> >> >>> will >> >> >>> fix OAuth 1.0a flow for three legged dance) and Paul changes to fix >> >> >>> Caja security vulnerability, could one of you help preparing >> >> >>> 2.5.0-beta5 release? >> >> >>> >> >> >>> >> >> >>> Thanks, >> >> >>> >> >> >>> - Henry >> >> >> >> >> >> >> >> >> >> >> >> -- >> >> >> Paul Lindner -- [email protected] -- profiles.google.com/pmlindner >> >> > > > > -- > Paul Lindner -- [email protected] -- profiles.google.com/pmlindner
