small summary and big plea was:(Re: [Zope-dev] Versions: should
they die?)
Oliver Bleutgen
myzope@gmx.net
Fri, 06 Jun 2003 15:54:56 +0200
Casey Duncan wrote:
> One man's opinion:
>
> - Version support (at the application level) should be optional in 2.7. You
> should be able to turn it off (maybe through ZConfig). The default should
> probably be off, since I think more people avoid them than use them.
>
> I would suggest these approaches:
>
> 1: File a bug in the collector and be prepared to wait an indefinite time for
> it to be acted upon.
I had a bug in the collector for that in the 2.3.x times, before the db
crashed, IIRC. I fear I'm bad at explaining the issue clear enough, so
nobody cared.
> 2: develop a patch and submit it and/or check it in probably after vetting the
> change on a branch.
I have definately not enough knowledge to get a fix for that which is
acceptable speedwise. And removing the version support is probably not
what you want ;).
> I'm afraid the only way to get your favorite issue fixed quickly is to fix it
> yourself.
This is not my favorite issue, non of my sites is really affected by
this because there only trusted users are able to write to the ZODB, so
they could do much more harm in simpler ways.
> The security implications do not seem dire enough to me to warrent trying to
> squeeze this into 2.6.x. If you do not use versions then none of the
> implications apply.
This is the important thing that doesn't seem to get through.
These implications _do_ apply! I would be very suprised if I wouldn't be
able to inject versioned objects into zope.org, collector.zope.org or
squishdot.org for example.
cheers,
oliver