GSIP 129

GSIP 129 - Dev Guide Refresh

Overview

Proposed By

Jody Garnett

Assigned to Release

The live developers guide is based off master, so the sooner we can correct the better :)

State

Motivation

In reviewing the developers guide a few sections are out of date:

Community Process

we have changed from roadmap planning to a time boxed release cycle
cross link to to Release Cycle

Quickstart

Update to quickstart to modern branches

Eclipse Guide

Correct GEOSERVER_DATA_DIR VM argument example

Policies and Procedures

We can use a section on "responsible disclosure" of security issues

Release Schedule

Push the code freeze back a month, and remove the RC2 release. This provides a bit more coding time each cycle and is a response to the lack of feedback on release candidates
The result is a development cycle on master than ends with: beta, RC1 (code freeze), release

Submitting Patches

Clarify that fixes are expected to be back ported to the stable and maintenance branches (or what is the point of having them)
This will be a strong recommendation for now (rather than a requirement).
Initial patch/jira/pull request should be evaluated for
1. Investigating if the issue impact all the active branches
2. Investigating whether a fix is possible
3. Capturing this in jira

Proposal

Updating the build instructions and quickstart are a casual activity that should be able to proceed without formal change proposal.

Changing the following procedures are subject to review and approval by the PSC:

Removing the section on roadmap planning
Adding a section on responsible disclosure
- keep exploit details out of issue report
- send to developer/PSC privately (just like we do for sample data)
- be prepared to work with PSC members on a solution
- if you are unable to communicate in public/issue tracker please contact PSC members privately, or contact OSGeo at info@osgeogeo.org
- keep in mind PSC members are volunteers and an extensive fix may require fundraising / resources
We can also take the opportunity to refresh our PSC list based on activity

Feedback

Discussion on reasonable disclosure:

Handling of GEOS-7032: Remote File Disclosure - concerning XML External Entity XXE Processing and GEOS-7032
Handling of a security flaw - concerning cross site scripting flaw

Backwards Compatibility

Voting

Project Steering Committee:

Alessio Fabiani
Andrea Aime
Ben Caradoc-Davies
Christian Mueller
Gabriel Roldán
Jody Garnett
Jukka Rahkonen
Justin Deoliveira
Phil Scadden
Simone Giannecchini

Committers:

Links

GEOS-7054

Home
Proposals
Release Schedule

GSIP 129

GSIP 129 - Dev Guide Refresh

Overview

Proposed By

Assigned to Release

State

Motivation

Proposal

Feedback

Backwards Compatibility

Voting

Links

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!