[Zope3-dev] Re: zope.security problems related to Python 2.5 update? (Was: Removed zope.security 3.4b4)

Jim Fulton jim at zope.com
Wed Aug 15 12:02:32 EDT 2007

On Aug 15, 2007, at 11:56 AM, Christian Theune wrote:
> I'm not sure that we should have to rely on removing packages like
> those.

I'm fairly sure that removing them is *not* the right solution.  For  
example, that might have broken other applications.  (After all, I  
released b4 for a reason.)

The right short-term fix in this case was to use b2 in grok until b5  
was released.

> As Tres pointed out we should just avoid that everybody gets
> those immediately anyway, but we should keep them as historic releases
> in general.

Only getting released versions would probably have just delayed the  
problem until it would have been harder to solve. I was able to  
address this quickly because the changes that caused it were fresh in  
my mind.  It would have been harder if the problem were reported much  

This particular problem was due to a circular import, which is a very  
hard thing to test for sadly.  We need to fix this.


Jim Fulton			mailto:jim at zope.com		Python Powered!
CTO 				(540) 361-1714			http://www.python.org
Zope Corporation	http://www.zope.com		http://www.zope.org

More information about the Zope3-dev mailing list