Re: Apache 2.0 Uptake thoughts

2003-11-15 Thread TOKILEY 

> William Rowe wrote...
>
> ...Ignoring for a moment the 9.13% of Apache servers that don't
> reveal their version whatsoever, ang ignorning rounding errors,
> 3.57% of the servers out there use some 2.0 version of Apache,
> so that 6% of Apache servers (identifying themselves)
> run 2.0 as opposed to another version.

Question for ya... using the same URI...

http://www.securityspace.com/s_survey/sdata/

...your numbers are not out of line but I don't see how you
got all the way to 6 percent.

For ALL Servers ( Apache or otherwise )...

I get 3.6 pct. using some flavor of 2.x
and only 2.36 pct. of Secure Servers.

Within the subset 'Servers identified as Apache'...

I get 5.4 pct. for ALL Servers and 5.11 for Secure Servers
using any flavor of 2.x

[snip]

Report date: November 1, 2003

* ALL SERVERS

Total Servers found: 12,220,278

Total reporting themselves any flavor of "Apache": 7,979,368

Server Name   Found  Pct.
- -- 
Apache/2.0.40 181671 1.49
Apache/2.0.47 143631 1.18
Apache/2.0.46 030733 0.25
Apache/2.0.45 028823 0.24
Apache/2.0.44 018745 0.15
Apache/2.0.43 017849 0.15
Apache/2.0.39 008280 0.07
Apache/2.0.47 002450 0.02 * <- Apache-AdvancedExtranetServer/2.0.47
Apache/2.0.42 002117 0.02
Apache/2.0.44 001859 0.02 * <- Apache-AdvancedExtranetServer/2.0.44
Apache/2.0.36 001360 0.01
- -- 
  437518 3.60

3.6 pct. of ALL Servers are using
any flavor of Apache 2.x.

5.4 pct. of all "Apache" servers found
are using any flavor of Apache 2.x.


* SECURE SERVERS

Total Secure Servers found: 154,477

Total reporting themselves any flavor of "Apache": 71,541

Server Name   Found  Pct.
- -- 
Apache/2.0.40 001627 1.05
Apache/2.0.47 000770 0.50
Apache/2.0.46 000306 0.20
Apache/2.0.43 000257 0.17
Apache/2.0.45 000248 0.16
Apache/2.0.44 000198 0.13
Apache/2.0.39 000161 0.10
Apache/2.0.47 51 0.03 * <- Apache-AdvancedExtranetServer/2.0.47
Apache/2.0.42 22 0.01
Apache/2.0.44 17 0.01 * <- Apache-AdvancedExtranetServer/2.0.44
- -- 
3657 2.36

2.36 pct. of ALL Secure Servers are using
any flavor of Apache 2.x.

5.11 pct. of all "Apache" Secure Servers found
are using any flavor of Apache 2.x.

[snip]

> Personally, I'm pleased by a 6% uptake in a software
> application that doesn't have to change till someone
> needs the new features, given that we continue
> to provide the security patches people need for their
> existing 1.3 infrastructure.

Well... then I wonder what the percentage of folks is
that have NEVER needed the 'new features' and what it
will take to EVER get them to upgrade if they haven't
already done so?

That's obviously ( after almost 2 years of waiting to
find out ) the majority of users, by far... and may remain
so until...  ... forever ??? Don't know.

> Of course it will only grow higher if folks trust 2.0
> and can get their problems solved, which the current
> dialog in [EMAIL PROTECTED] I hope will help address.

Got any comments back in the other thread about any of
the following 'suggestions'?

- Close 1.3 to ALL patches ( security included ) and
  finally put the nails in the coffin lid.

- Re-open 1.3 for additions, changes, new things, since
  it's obvious ( by now ) that the majority of Apache users don't
  even need/want 2.x.

- Maintain active development on ALL versions of Apache.

Maybe the simple reason a lot of people haven't bothered to
go anywhere near Apache 2.0 is that they simply don't realize
that 1.3.x is 'dead man walking' as far as this devlist is concerned.

If they embrace that horror... maybe the 2.x numbers will JUMP

I don't know... an 'annoucement' or something that makes it
CLEAR to the average 1.3.x joe that he's now using 
'obsolete/unsupported' software?

Yours...
Kevin Kiley

[ANNOUNCE] libapreq2-2.02 dev release

2003-11-15 Thread Joe Schaefer 
The uploaded file

libapreq2-2.02_02-dev.tar.gz

has entered CPAN as

  file: $CPAN/authors/id/J/JO/JOESUF/libapreq2-2.02_02-dev.tar.gz
  size: 458737 bytes
   md5: dbca30cd45ec88c642ef38ae6d229865

==
CURRENT RELEASE NOTES:

- This is a developer release, indicated by the "-dev" suffix
  on the version string.  We believe the core interfaces to be stable,
  but some portions of the API may still need significant modification.
  Thus, binary/source compatibility may be broken from one developer 
  release to the next. In particular the version numbering rules specified
  at

 http://apr.apache.org/versioning.html

  do not apply to developer releases.

==
CHANGES

Changes with libapreq2-2.02-dev

- November 12, 2003 - Perl API [joes]

Fix bogus pool/cookie initializers in Apache::Cookie::set_attr(),
which caused Apache::Cookie::new to segfault.  Bug
first reported to modperl list by Wolfgang Kubens.


-- 
Joe Schaefer

-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: the wheel of httpd-dev life is surely slowing down, solutionsplease

2003-11-15 Thread Sander Striker 
On Thu, 2003-11-13 at 09:06, Jeff Trawick wrote:
> Aaron Bannert wrote:
> 
> > On Tue, Nov 11, 2003 at 09:55:24AM -0700, Brad Nicholes wrote:
> 
> Just to point out the obvious fact that hopefully everybody can agree with and 
> consider taking action on:  More code review[er]s would be useful regardless of 
> C-T-R vs. R-T-C.  And whether or not you agree with the current order of 
> Committing and Reviewing for the stable branch, helping out with reviews would 
> result in fixes being merged into the stable branch much faster.

Exactly.  And may I also note that releases are way more likely not to
be duds now we are using R-T-C on the stable branch?  I have noticed a
significant difference in effort it takes to release since we switched
stable to R-T-C.


Sander