Integration and release processes. #559
Comments
It would be great if @jirikuncar could be added as a maintainer to help catch up. I don't see any value in having two forks, especially for such a small (albeit active) community. |
IMO, if current maintainers are not interested on this, @jirikuncar (or whoever) should convert the fork into an independent library. This library is very useful and should be up to date. |
We're working on a maintenance path forward. I'll post another update here with details this week. |
It would be great if the maintainership could be further clarified so that those of us who depend on this great library can decide what to do. We've been using @jirikuncar's fork for almost 6 weeks now. Especially as it includes #565. All of us have families, day jobs and other distractions in our lives but it has now been over a month. As @jirikuncar has already stated, there are numerous useful PRs that either deserve to be merged or at least commented upon. Contributor momentum is being lost and it would be a real shame if people were unknowingly exposed to security vulnerabilities because they weren't using the fork. |
Dear all, Wishing all the best in 2017! |
Just want to mention that @jonafato and I will be meeting next week to work out a maintenance plan. |
I hope you guys are able to come up with a way to keep the community united! |
@mattupstate @jonafato do you have any updates on a maintenance plan? |
@jirikuncar I've given @jonafato pypi rights to publish releases, and he plans on contributing fixes in the near future that will help his own project work, so that will help. Additionally, I'm forcing myself to find some time to go through the back log of issues and PR's. We'll do our best to get some much needed updates out the door. |
@mattupstate please have a look at the master branch of our fork since it includes many PRs together with little changes needed for smooth integration. |
Good to hear there is some movement, and I look forward to the next release :) I recently started using your fork releases @jirikuncar Thanks! |
Sorry guys, but it is pretty obvious that this repo is not going to catch up. Would be pretty easy to let @jirikuncar help and put the repo up to date. Otherwise, we should create an independent repo. This package is so important for the python community, and could be much better if people were given the opportunity of contributing. |
The only disadvantage of using a fork is that it is not possible to post new issues to the fork, right? |
@melonista I can enable issues on the fork. I was hoping to quick integration with "upstream", but it looks like we might live with the fork longer. |
@mattupstate and @jonafato - I really hope you will consider integrating the @inveniosoftware fork where @jirikuncar has done a really great job integrating PRs and fixing tests - it's really going to save you time. I don't think it benefits neither you nor the Python community to have this package split. You've done a really great job producing this package and we're all extremely grateful for that, but I believe it's time you open up the project and let others into the core. |
What are the differences between flask-security and flask-security-fork at this point? I've started several new projects and am torn on choosing between the two. Are there security vulnerabilities in flask-security? Or is flask-security-fork simply implementing features to support other database types, etc? |
@mattupstate @jonafato any update on this? Given the amount of work @jirikuncar has contributed, it would be helpful for him to be added as a maintainer. Itching for a new release :-) |
Well if we decide to move along with this I have a private registration PR that I can push (I need to rework it so that it fits in the core design). :D My only comment on this is whatever way this project moves forward (its obvious it will one way or another) please continue to allow for super-classing the main FS object so that customization can still be achieved relatively easy. Other thoughts and notes ... would be nice to generalize more of the fucs and methods so that additional serializers and context processors can be created within your application without having to super. ... Maybe generalize send_mail also and allow it to take more params without being bound to FS so tightly. So again it can be used through out your application and not just within the context of FS and its methods. |
bump |
Postgres is including flask-security as a RPM (prob debs too) in their repo's now. Would be nice to stay active and maintain that. |
@mattupstate it's really sad that this repo is "prisoned" here and people like @jirikuncar can't contribute officially. If you can't maintain this, maybe you should move it to an organization where more people will be able to contribute and decide about it. |
It's been months now, can we please have an update. |
Suggest it's time to start opening pull requests against the fork. I notice some people have already started doing so. |
Maybe it's time to push people to start using the fork repo & pypi package instead of this unmaintained one |
I suggest that authors of open pull request should copy them over to flask-security-fork. If there's a pull request you want merging, I suggest you ask the author to move their P/R. Feels to me like the momentum is already with the fork.. It's 182 commits ahead right now. |
@mafrosis I have already merged many PRs from this repo. There is no need of coping them over if they are passing tests and there is an agreement on it. Please be patient as I am discussing with @mattupstate the future steps. Thank you very much for your contributions! |
Nice to hear that. Hope you guys solve this soon. |
@jirikuncar Will you start the process of closing down inveniosoftware/flask-security-fork? I.e. put a comment on the GitHub repo, probably either make a last release or simply update the pypi readme that the fork module should no longer be used. |
@lnielsen yes, I will try to prepare release within a week or two so we can close the fork and notify users. |
Very happy to see that @mattupstate and @jirikuncar worked something out to move forward with this repo. Thank you both for making it happen! 🎉 |
Dear @mattupstate and @jonafato:
In the light of recent Flask-Login release, I would like to ask you about plans for this package. There are many useful PRs that deserve to be merged (#494 #502 #519 #526 #528 #537 #538 #542 #544 #549 and more). Some of them are over a year old without any comment from maintainers.
If there is an interest I would offer my help with maintaining this package. Until the reply I am going to manage our fork so we can take benefits of the latest comunity work in both Flask-Login and Flask-Security packages.
Kind regards,
Jiri
The text was updated successfully, but these errors were encountered: