[openstack-dev] [keystone] [oslo] postpone key distribution bp until icehouse?

Simo Sorce simo at redhat.com
Wed Aug 14 18:29:03 UTC 2013


On Wed, 2013-08-14 at 14:06 -0300, Thierry Carrez wrote:
> Adam Young wrote:
> > On 08/13/2013 06:20 PM, Dolph Mathews wrote:
> >> During today's project status meeting [1], the state of KDS was
> >> discussed [2]. To quote ttx directly: "we've been bitten in the past
> >> with late security-sensitive stuff" and "I'm a bit worried to ship
> >> late code with such security implications as a KDS." I share the same
> >> concern, especially considering the API only recently went up for
> >> formal review [3], and the WIP implementation is still failing
> >> smokestack [4].
> > 
> > Since KDS is a security tightening in a case where there is no security
> > at all, adding it in can only improve security.
> 
> It's not really a question of "more security" or "less security"... It's
> about putting young sensitive code into a release, with the risk of
> having to issue a lot of security advisories for early bugs.
> 
> I'm all for that code to land in the icehouse master branch as soon as
> it opens and that it gets put into good use by projects throughout the
> icehouse development cycle. I just think the benefits of waiting
> outweigh the benefits of landing it now.
> 
> I explained why I prefer it to land in a few weeks rather than now...
> Can someone explain why they prefer the reverse? Why does it have to be
> in havana?

Because it was painful to rebase due to the migrations code, however
since Adam landed the code that splits migrations so that extensions can
have their own separate code for that I think the burden will be
substantially lower.

If this is your final word on the matter I'll take notice that the work
will be deferred till Icehouse and I will slightly demote its priority
in my work queue.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



