From 35e54f3ec73444a18ba80bdb1dcc393f610e69bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Ha=CC=88cker?= Date: Mon, 12 Aug 2019 08:03:01 +0200 Subject: [PATCH 1/5] Document deprecation of this package. --- README.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.rst b/README.rst index 874d41b..49439ed 100644 --- a/README.rst +++ b/README.rst @@ -5,3 +5,7 @@ A storage implementation which uses RAM to persist objects, much like MappingStorage. Unlike MappingStorage, it needs not be packed to get rid of non-cyclic garbage and it does rudimentary conflict resolution. This is a ripoff of Jim's Packless bsddb3 storage. + +**Please note: Usage of this package is deprecated, as it is known to randomly loose data, especially with zope 4.** + +For details see: https://github.com/zopefoundation/tempstorage/issues/8 From 6a7a37cd7432d6708169248844e1ca259e10438e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=AErekc=C3=A4H=20nitraM=E2=80=AE?= Date: Tue, 13 Aug 2019 08:54:17 +0200 Subject: [PATCH 2/5] Update README.rst Apply suggestion Co-Authored-By: Michael Howitz --- README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.rst b/README.rst index 49439ed..e855426 100644 --- a/README.rst +++ b/README.rst @@ -6,6 +6,6 @@ MappingStorage. Unlike MappingStorage, it needs not be packed to get rid of non-cyclic garbage and it does rudimentary conflict resolution. This is a ripoff of Jim's Packless bsddb3 storage. -**Please note: Usage of this package is deprecated, as it is known to randomly loose data, especially with zope 4.** +**Please note: Usage of this package is deprecated, as it is known to randomly loose data, especially with Zope 4.** For details see: https://github.com/zopefoundation/tempstorage/issues/8 From 451ef43564de467f7ad0dbe4439d5e13da4805d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Ha=CC=88cker?= Date: Tue, 13 Aug 2019 09:10:03 +0200 Subject: [PATCH 3/5] Document deprecation of tempstorage. --- CHANGES.rst | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGES.rst b/CHANGES.rst index de7199a..34372de 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -4,7 +4,12 @@ Changelog 5.1 (unreleased) ---------------- -- Nothing changed yet. +- Package is now officially deprecated as it was broken for many years. This + was/ is common knowledge in the zope community, but was not documented + anywhere and thus this package was still used by many community members + without knowing this. See + (`#8 `_) + (`#12 `_) 5.0 (2019-05-10) From 8ac9c84bddcba096ec77b622686a532be3e9d54c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Ha=CC=88cker?= Date: Tue, 13 Aug 2019 09:10:17 +0200 Subject: [PATCH 4/5] Document suggested alternatives. --- README.rst | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README.rst b/README.rst index e855426..e5bbc88 100644 --- a/README.rst +++ b/README.rst @@ -8,4 +8,9 @@ ripoff of Jim's Packless bsddb3 storage. **Please note: Usage of this package is deprecated, as it is known to randomly loose data, especially with Zope 4.** -For details see: https://github.com/zopefoundation/tempstorage/issues/8 +For a detailed discussion see `#8 `_ as well as `#12 `_ + +To replace server-side sessions, cookies are probably your best bet, as these also get rid of any denial of service problems that server side sessions are vulnerable to. + +If you need server side storage of sessions, consider using a normal store rather than tempstorage for your session data. +For details and suggestions see `this discussion in the pull request `_ as well as the discussion in the aforementioned bug reports as well as `the discussion in Zope about the removal of the generated configuration `_. From a8c05b06d8313182d358f9e3c0d362602ef93e25 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Ha=CC=88cker?= Date: Tue, 13 Aug 2019 15:00:25 +0200 Subject: [PATCH 5/5] Fix typo. --- README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.rst b/README.rst index e5bbc88..1e1fef4 100644 --- a/README.rst +++ b/README.rst @@ -6,7 +6,7 @@ MappingStorage. Unlike MappingStorage, it needs not be packed to get rid of non-cyclic garbage and it does rudimentary conflict resolution. This is a ripoff of Jim's Packless bsddb3 storage. -**Please note: Usage of this package is deprecated, as it is known to randomly loose data, especially with Zope 4.** +**Please note: Usage of this package is deprecated, as it is known to randomly lose data, especially with Zope 4.** For a detailed discussion see `#8 `_ as well as `#12 `_