[ZF] Zope Source Code Repository

Tres Seaver tseaver at palladion.com
Thu Apr 2 16:53:58 EDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

First, this cross-post was inappropriate:  it is a matter for general
discussion among Zope committers, which is not a matter for the
Foundation to act on unless / until some consensus for changing the
status quo emerges.  This will be my last post to the
'foundation at zope.org' list on this thres.

Chris Withers wrote:

> I got bitten by the current zope subversion setup at PyCon so thought 
> I'd mail the appropriate groups about it. If this has been covered 
> elsewhere and I've missed anything, please just point me in the right 
> direction...
> 
> So, svn.zope.org causes me pain at the moment:
> 
> - it uses the bizarre svn or svn+ssh protocols, which I find annoying 
> (ports blocked on routers, can't check with a browser, etc)

/me shrugs.  SSH is an essential part of my day-to-day work:  not being
able to use it means I'm effectively offline.

> - the web front end is ancient and not as good as other options (Trac, 
> WebSVN)

Fixing the web front-end should be a matter for the zope-web list.

> - the process for adding keys is baroque and managed by one person who 
> is too busy to help with it (Jim)

*This* part needs some fixing, largely because Jim's role their is an
artifact of ZC's role, now lapsed, as custodians.  At a minimum, there
should be a group (I suggest the zope-web regulars) who can take over
the maintenance of that application.   A *different* group should have
the role of collecting / approving the committer access requests.

> So I thought I'd ask what the plans are now that the foundation owns all 
> the Zope IP (has this happened yet or am I imagining things?)

The foundation now owns the copyrights.  Trademarks are still in other
hands.

> Are we sticking with svn? Are we sticking with the current hosting? Are 
> we sticking with the current key-based login and upload mechanism?
> 
> For me, the ideal would be simply https for everything and using http 
> basic auth for access with more people having access to update the 
> passwd file and maybe Trac or WebSVN for a nice web interface.
> 
> I volunteer to help with any/all of the above.
> 
> The other option would be to follow Python and move to Mercurial, but 
> that has the same problems for me as with Bzr (no decent gui tools, less 
> mature, etc) although it's a toolset I'll have to learn at some point 
> anyway...

+1 to sticking with svn+ssh for write requests.

- -1 to non-pubkey-based authentication for write requests.

+1 to making svn-over-http read-only checkouts work.

- -1 to switching away from svn, at least until the Python developers have
some experience with the transition (I would wait at least 6 months).


Tres.
- --
===================================================================
Tres Seaver          +1 540-429-0999          tseaver at palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJ1SXm+gerLs4ltQ4RAt74AJ93TlHe0VZ4vbAI706kDQzT8IvrkACfdzNP
HrZb19KJDG+En2Zx+nRjz5c=
=kLgg
-----END PGP SIGNATURE-----


More information about the Foundation mailing list