-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 First, this cross-post was inappropriate: it is a matter for general discussion among Zope committers, which is not a matter for the Foundation to act on unless / until some consensus for changing the status quo emerges. This will be my last post to the 'foundation@zope.org' list on this thres. Chris Withers wrote:
I got bitten by the current zope subversion setup at PyCon so thought I'd mail the appropriate groups about it. If this has been covered elsewhere and I've missed anything, please just point me in the right direction...
So, svn.zope.org causes me pain at the moment:
- it uses the bizarre svn or svn+ssh protocols, which I find annoying (ports blocked on routers, can't check with a browser, etc)
/me shrugs. SSH is an essential part of my day-to-day work: not being able to use it means I'm effectively offline.
- the web front end is ancient and not as good as other options (Trac, WebSVN)
Fixing the web front-end should be a matter for the zope-web list.
- the process for adding keys is baroque and managed by one person who is too busy to help with it (Jim)
*This* part needs some fixing, largely because Jim's role their is an artifact of ZC's role, now lapsed, as custodians. At a minimum, there should be a group (I suggest the zope-web regulars) who can take over the maintenance of that application. A *different* group should have the role of collecting / approving the committer access requests.
So I thought I'd ask what the plans are now that the foundation owns all the Zope IP (has this happened yet or am I imagining things?)
The foundation now owns the copyrights. Trademarks are still in other hands.
Are we sticking with svn? Are we sticking with the current hosting? Are we sticking with the current key-based login and upload mechanism?
For me, the ideal would be simply https for everything and using http basic auth for access with more people having access to update the passwd file and maybe Trac or WebSVN for a nice web interface.
I volunteer to help with any/all of the above.
The other option would be to follow Python and move to Mercurial, but that has the same problems for me as with Bzr (no decent gui tools, less mature, etc) although it's a toolset I'll have to learn at some point anyway...
+1 to sticking with svn+ssh for write requests. - -1 to non-pubkey-based authentication for write requests. +1 to making svn-over-http read-only checkouts work. - -1 to switching away from svn, at least until the Python developers have some experience with the transition (I would wait at least 6 months). Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ1SXm+gerLs4ltQ4RAt74AJ93TlHe0VZ4vbAI706kDQzT8IvrkACfdzNP HrZb19KJDG+En2Zx+nRjz5c= =kLgg -----END PGP SIGNATURE-----