You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by Jan Lehnardt <ja...@apache.org> on 2020/09/01 15:24:48 UTC

Re: Preparing 3.1.1 release

This PR by my coworker Jacoba should address this issue satisfactorily:

   https://github.com/apache/couchdb-fauxton/pull/1292

Best
Jan
—

> On 27. Aug 2020, at 11:41, Jan Lehnardt <ja...@apache.org> wrote:
> 
> In ermouth's defence, I also think that the PR was merged prematurely. But adding a button with a warning that then conditionally loads the iframe should not be a lot of work and I'm happy to review a PR there.
> 
> Cheers
> Jan
> —
> 
>> On 27. Aug 2020, at 01:05, Joan Touzet <wo...@apache.org> wrote:
>> 
>> A PR to disable the tab via an ini file setting would absolutely be merged. Why not work on one?
>> 
>> On 2020-08-26 6:45 p.m., ermouth wrote:
>>>> The blog is controlled by the CouchDB PMC. No one outside of the PMC or
>>> who they authorize has access to it.
>>> This is about wordpress server where the blog lives. The server is
>>> maintained so impressively, that shows default wordpress favicon for years
>>> and responds with x-hacker header, promoting jobs aggregator. It implies an
>>> obvious question about how reliable is the server in terms of injections
>>> and logs protection.
>>> Also the blog pings gravatar, not good.
>>>> If you don't want to display it, don't click on it, and the iframe won't
>>> This is not how things are protected, and I know that you know about it.
>>> ermouth
>>> чт, 27 авг. 2020 г. в 00:55, Joan Touzet <wo...@apache.org>:
>>>> At the moment, I have no plan to update Fauxton for 3.1.1.
>>>> 
>>>> The blog is controlled by the CouchDB PMC. No one outside of the PMC or
>>>> who they authorize has access to it.
>>>> 
>>>> If you don't want to display it, don't click on it, and the iframe won't
>>>> load.
>>>> 
>>>> -Joan
>>>> 
>>>> On 2020-08-26 11:57 a.m., ermouth wrote:
>>>>> Is that very unsafe PR
>>>>> https://github.com/apache/couchdb-fauxton/pull/1284 going
>>>>> to be included into 3.1.1?
>>>>> 
>>>>> If it will, who exactly controls the wordpress site with those “news”?
>>>>> 
>>>>> ermouth
>>>>> 
>>>>> 
>>>>> вт, 25 авг. 2020 г. в 23:45, Joan Touzet <wo...@apache.org>:
>>>>> 
>>>>>> Hello there,
>>>>>> 
>>>>>> I have time to get together a 3.1.1 release now. If you have any
>>>>>> pressing things to get into 3.x, or anything that's on master that
>>>>>> should be backported, please open your PRs now.
>>>>>> 
>>>>>> -Joan "Labor Day! Schools are out and pools are open!" Touzet
>>>>>> 
>>>>> 
>>>> 
>

Re: Preparing 3.1.1 release

Posted by Robert Newson <rn...@apache.org>.

Nice 

-- 
  Robert Samuel Newson
  rnewson@apache.org

On Tue, 1 Sep 2020, at 16:24, Jan Lehnardt wrote:
> This PR by my coworker Jacoba should address this issue satisfactorily:
> 
>    https://github.com/apache/couchdb-fauxton/pull/1292
> 
> Best
> Jan
> —
> 
> > On 27. Aug 2020, at 11:41, Jan Lehnardt <ja...@apache.org> wrote:
> > 
> > In ermouth's defence, I also think that the PR was merged prematurely. But adding a button with a warning that then conditionally loads the iframe should not be a lot of work and I'm happy to review a PR there.
> > 
> > Cheers
> > Jan
> > —
> > 
> >> On 27. Aug 2020, at 01:05, Joan Touzet <wo...@apache.org> wrote:
> >> 
> >> A PR to disable the tab via an ini file setting would absolutely be merged. Why not work on one?
> >> 
> >> On 2020-08-26 6:45 p.m., ermouth wrote:
> >>>> The blog is controlled by the CouchDB PMC. No one outside of the PMC or
> >>> who they authorize has access to it.
> >>> This is about wordpress server where the blog lives. The server is
> >>> maintained so impressively, that shows default wordpress favicon for years
> >>> and responds with x-hacker header, promoting jobs aggregator. It implies an
> >>> obvious question about how reliable is the server in terms of injections
> >>> and logs protection.
> >>> Also the blog pings gravatar, not good.
> >>>> If you don't want to display it, don't click on it, and the iframe won't
> >>> This is not how things are protected, and I know that you know about it.
> >>> ermouth
> >>> чт, 27 авг. 2020 г. в 00:55, Joan Touzet <wo...@apache.org>:
> >>>> At the moment, I have no plan to update Fauxton for 3.1.1.
> >>>> 
> >>>> The blog is controlled by the CouchDB PMC. No one outside of the PMC or
> >>>> who they authorize has access to it.
> >>>> 
> >>>> If you don't want to display it, don't click on it, and the iframe won't
> >>>> load.
> >>>> 
> >>>> -Joan
> >>>> 
> >>>> On 2020-08-26 11:57 a.m., ermouth wrote:
> >>>>> Is that very unsafe PR
> >>>>> https://github.com/apache/couchdb-fauxton/pull/1284 going
> >>>>> to be included into 3.1.1?
> >>>>> 
> >>>>> If it will, who exactly controls the wordpress site with those “news”?
> >>>>> 
> >>>>> ermouth
> >>>>> 
> >>>>> 
> >>>>> вт, 25 авг. 2020 г. в 23:45, Joan Touzet <wo...@apache.org>:
> >>>>> 
> >>>>>> Hello there,
> >>>>>> 
> >>>>>> I have time to get together a 3.1.1 release now. If you have any
> >>>>>> pressing things to get into 3.x, or anything that's on master that
> >>>>>> should be backported, please open your PRs now.
> >>>>>> 
> >>>>>> -Joan "Labor Day! Schools are out and pools are open!" Touzet
> >>>>>> 
> >>>>> 
> >>>> 
> > 
> 
>