[Zope3-dev] Re: zope.security problems related to Python 2.5 update? (Was: Removed zope.security 3.4b4)

Christian Theune ct at gocept.com
Wed Aug 15 12:07:04 EDT 2007

Am Mittwoch, den 15.08.2007, 12:02 -0400 schrieb Jim Fulton:
> On Aug 15, 2007, at 11:56 AM, Christian Theune wrote:
> > I'm not sure that we should have to rely on removing packages like
> > those.
> I'm fairly sure that removing them is *not* the right solution.  For  
> example, that might have broken other applications.  (After all, I  
> released b4 for a reason.)
> The right short-term fix in this case was to use b2 in grok until b5  
> was released.

Right. I wasn't sure that people had a way to actually deal with this. I
didn't like my approach either and it didn't help anyway. :/

> > As Tres pointed out we should just avoid that everybody gets
> > those immediately anyway, but we should keep them as historic releases
> > in general.
> Only getting released versions would probably have just delayed the  
> problem until it would have been harder to solve. I was able to  
> address this quickly because the changes that caused it were fresh in  
> my mind.  It would have been harder if the problem were reported much  
> later.

Hmm. Well. OTOH we just can't let *every* unsuspected user get that.
That's bad from multiple points of view like experience, marketing, ...

More information about the Zope3-dev mailing list