Advertisement:

Author Topic: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5  (Read 1123460 times)

Offline Aleksi "Lex" Kilpinen

  • A Peculiar Finn
  • Lead Support Specialist
  • SMF Super Hero
  • *
  • Posts: 18,737
  • Gender: Male
  • Don't worry, I'm n00b friendly
    • Aleksi.Kilpinen on Facebook
    • LexArma on GitHub
    • aleksi-kilpinen on LinkedIn
    • There's No Place Like 127.0.0.1
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #320 on: March 25, 2011, 07:33:57 AM »
A date must be fixed at one time or another. If deadlines can not be required (3 years after the release of the first beta), it's still disturbing.
You are absolutely correct in that there should be a deadline when we have been working on a single release for so long - unfortunately with this particular release, we can not make deadlines and stick to them - because it is not up to the code being ready or not, but other things that must be handled before the release is made.
These things are being worked on, and progress is being made, but due to the nature of these things we can not realistically make deadlines for them to be handled.
They are handled as fast as possible, and how fast that is - no one really knows in advance.
A Finnish Support Specialist
 Happily running multiple SMF 2.0 installations.
  Fooling around with an i7 990X @ 3,47Ghz / 12Gb / Win 10 x64 / 3840x2160


How you can help SMF

"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum.
 Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

Offline poolhall

  • Jr. Member
  • **
  • Posts: 316
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #321 on: March 25, 2011, 10:05:48 AM »
They are handled as fast as possible, and how fast that is - no one really knows in advance.

I don't really want to offend the team but repeating this uhh-some-legal-matter-is-holding-us,-we-can't-really-know-when-is-done stuff does sound like bull******. Why can't the officers provide more particular information? Is it sensitive and can't be shared?

Offline IchBin™

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 11,115
  • Gender: Male
  • I don't speak German.
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #322 on: March 25, 2011, 10:21:28 AM »
Have you ever worked with Lawyers to transfer business assets and legal documents across state boundaries? Have you ever done it for a LCC or NPO where all people who work on the project can only do things in their spare time? Anyone who has ever worked with Lawyers knows how painful and arduous it can be. We are only waiting on the legal matters to end. An end is in site, but we certainly cannot give a date when we don't even know one ourselves.

If you'd like to further discuss your issues with the volunteers here, feel free to start a topic in chitchat or Site comments.
IchBin™        TinyPortal
Coding Guidelines       

Offline poolhall

  • Jr. Member
  • **
  • Posts: 316
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #323 on: March 25, 2011, 02:39:21 PM »
I've actually been working "with" lawyers for 16 years. I am also running SMF 2.0 on a large forum since 2008 doing this in my spare time, by the way, so I understand the nature of volunteer work very well and don't really wait for the final release. What I am talking about is lack of information on a particular matter.

Offline Kindred

  • The Mean One
  • Support Specialist
  • SMF Legend
  • *
  • Posts: 58,620
  • Gender: Male
    • Kindred-999 on GitHub
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #324 on: March 25, 2011, 02:42:59 PM »
what information do you think there is?   as I (and several others) have clearly stated: We are waiting for the final, legal contract to complete the transfer of assets. What information is lacking from that statement?
Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

Offline twig/al

  • Jr. Member
  • **
  • Posts: 165
  • Gender: Male
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #325 on: March 25, 2011, 05:09:22 PM »
Guys, I want 2.0 Gold as bad as anyone... It will be ready when things are final... It is not any of our business what the holdup is... I don't care and like I said it is none of MY business either... These people do a great job and I for one have no complaints... IF I were the one on the other end taking all the complaints about some of the things... I would lock the topic and tell everyone that they will be notified when it is ready... Then move on with other things that need to be done instead of answering the same old questions over and over again....

Now let me be clear, I am not a member of any SMF team, own stock or have any connections with SMF, other than being a loyal user...

Offline poolhall

  • Jr. Member
  • **
  • Posts: 316
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #326 on: March 25, 2011, 09:50:15 PM »
what information do you think there is?   as I (and several others) have clearly stated: We are waiting for the final, legal contract to complete the transfer of assets. What information is lacking from that statement?
and what is so special about it that makes it impossible to estimate when it's done? I must be missing something, so please can you tell?

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 71,982
    • StoryBB/StoryBB on GitHub
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #327 on: March 25, 2011, 09:59:35 PM »
From the time involved, I'd say that the contract has gone back and forth to get things amended on each side until both sides were happy; that's the normal reason legal contracts take time (certainly that was the case in the mortgage industry where I used to work)
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.

Offline Aleksi "Lex" Kilpinen

  • A Peculiar Finn
  • Lead Support Specialist
  • SMF Super Hero
  • *
  • Posts: 18,737
  • Gender: Male
  • Don't worry, I'm n00b friendly
    • Aleksi.Kilpinen on Facebook
    • LexArma on GitHub
    • aleksi-kilpinen on LinkedIn
    • There's No Place Like 127.0.0.1
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #328 on: March 26, 2011, 01:03:15 AM »
That, plus the fact that both ends have interested parties scattered around the country.

A simple hypotethical example:
If I owned and managed an LLC and an NPO, I would expect a transfer like this between them to happen in days max, with one lawyer, no problem - but if I owned only part of the NPO, and the rest of the ownership of both companies were scattered around the globe, it would ofcourse require more than one lawyer, and understandably more time to handle things so that no one is left with a bad taste in their mouth, and so that all owners of both sides have time to understand and actually agree to the terms of the transfer, and so that contracts can be mailed back and forth between the lawyers and the owners of both sides until everyone is satisfied with the end result.

One must remember that this is not a buy out, this is not your everyday corporate takeover, but at the same time this is not just an internal transfer of assets either. The LLC and the NPO have differing ownership.
A Finnish Support Specialist
 Happily running multiple SMF 2.0 installations.
  Fooling around with an i7 990X @ 3,47Ghz / 12Gb / Win 10 x64 / 3840x2160


How you can help SMF

"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum.
 Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

Offline IchBin™

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 11,115
  • Gender: Male
  • I don't speak German.
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #329 on: March 26, 2011, 01:06:49 PM »
what information do you think there is?   as I (and several others) have clearly stated: We are waiting for the final, legal contract to complete the transfer of assets. What information is lacking from that statement?
and what is so special about it that makes it impossible to estimate when it's done? I must be missing something, so please can you tell?

If you can figure out how to put a date on someone's free time, or how about putting date on the mail system when things are getting mailed back and forth, or how about how long it takes a lawyer to do his part, or how about how long it takes to even get a hold of each party to get something done, or.... I think you get the point. How can you possibly put a date on anything involved?
IchBin™        TinyPortal
Coding Guidelines       

Offline Norv

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 18,313
  • Blue Wolf
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #330 on: March 26, 2011, 05:28:32 PM »
Anyway I hope that in future:
 - future versions will come with a little more transparency.
I completely agree. I can tell they will indeed come with more transparency, as long as I'm here. Probably, not a little more, but much more. (though that's in the eye of the beholder, too :)).

- that the prototypes will no longer remain as R.C. for X months (or years)
I hope the same, but there are no guarantees here. We are working on improving drastically many things, though, with the purpose of speeding up releases.

However, on clear dates promised, I can only echo what has been said before: no, we will not set strict dates, and as annoying as it may sound, SMF release policy has been and will be: when it is ready.
To-do lists are for deferral. The more things you write down the later they're done… until you have 100s of lists of things you don't do.
File a security report | Developers' Blog | Bug Tracker

Also known as Norv on D* | Norv N. on G+ | Norv on Github

Offline Green Day Portal

  • Semi-Newbie
  • *
  • Posts: 13
  • Development in progress!
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #331 on: March 27, 2011, 04:51:22 AM »
Congrats team :)
Green Day Portal (GP)
Upcoming portal for Simple Machines Forum 2.0!

Offline NanoSector

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 10,500
  • Gender: Male
  • VC321xb47@aperture:~#
    • Yoshi2889 on GitHub
My Mods / Mod Builder - A tool to easily create mods / Blog
"I've heard from a reliable source that the Answer is 42. But, still no word on what the question is."

Offline Green Day Portal

  • Semi-Newbie
  • *
  • Posts: 13
  • Development in progress!
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #333 on: March 27, 2011, 01:23:52 PM »
I rather prefer being late than never do it. :P
Green Day Portal (GP)
Upcoming portal for Simple Machines Forum 2.0!

Offline petabyte

  • Jr. Member
  • **
  • Posts: 160
  • Gender: Male
  • whatever...

Offline TurtleKicker

  • Full Member
  • ***
  • Posts: 416
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #335 on: March 31, 2011, 01:54:34 PM »
is RC5 the last version before final?

Well, RC2, RC3, and RC4 were all supposed to be the last before final... so take any answers with a grain of salt. ;)

Interesting retro offtopic... I used to run a Fidonet BBS...

can I consider, based on your comment (not on a commitment) that 2.0 RC5 is considered stable enough for a production/live forum. (as you can see I have a lot at risk if it doesn't go well or is unstable)
RC5 is pretty stable apparently but as it is not a final release, there won't be simple upgrade patches to RC6/final. It will require a full re-install, including a full reinstall of all your mods. The more mods and custom edits you have, the more time this will require.

This tidbit gets missed a lot in the recommending of betas/RCs for production use. A lot of users get burned by surprise when the next update comes, as they are accustomed to a simple automatic update process with SMF releases.

Offline dvance

  • Newbie
  • *
  • Posts: 3
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #336 on: March 31, 2011, 01:55:31 PM »
and if smf did not keep to releasing on that date there will be a lot of upset people that have prepared to update on that day to now have nothing to do. the way things are done and not going to change.

And there's not a lot of upset people already? I think at least an IDEA of finals or updates would be better than "whatever it's ready" or "whenever we feel like it". Everyday in our lives we have to provide estimates. They are not hard dates, but they are estimates. Ya, some people may get annoyed or upset at "soft dates", but they just have to understand that "soft dates" are not deadlines. This being "kept in the dark" is beyond old and unacceptable.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 71,982
    • StoryBB/StoryBB on GitHub
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #337 on: March 31, 2011, 01:57:49 PM »
Quote
I think at least an IDEA of finals or updates would be better than "whatever it's ready" or "whenever we feel like it"

Except that happened once before with a previous release candidate, the date slipped due to real life stuff and there were a lot of people unhappy as a result - and only "the summer" was quoted. So no, the team will not commit to any time or date, not even approximately, because it has happened before and they know the result.
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.

Offline Illori

  • Project Manager
  • SMF Legend
  • *
  • Posts: 51,603
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #338 on: March 31, 2011, 01:58:36 PM »
smf 2.0 final will be released before the end of time, there you got a date to work from.

Offline Norv

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 18,313
  • Blue Wolf
Re: SMF 1.1.13, SMF 2.0 RC4 Security Patch, and SMF 2.0 Release Candidate 5
« Reply #339 on: March 31, 2011, 03:04:29 PM »
and if smf did not keep to releasing on that date there will be a lot of upset people that have prepared to update on that day to now have nothing to do. the way things are done and not going to change.

And there's not a lot of upset people already? I think at least an IDEA of finals or updates would be better than "whatever it's ready" or "whenever we feel like it". Everyday in our lives we have to provide estimates. They are not hard dates, but they are estimates. Ya, some people may get annoyed or upset at "soft dates", but they just have to understand that "soft dates" are not deadlines. This being "kept in the dark" is beyond old and unacceptable.

I understand. However, I'd point out that indeed, this way of doing is used in a number of open source projects, and is not used in others.
I can tell that we are working to improve our communication with the community for future SMF versions, for the community to be more aware of the status than from the bug tracker alone as it is today, and by that, less "in the dark" about what is going on and what to expect.
It won't happen over night, but I agree there is a problem here, currently, and I don't doubt it needs addressed better than it is today.
To-do lists are for deferral. The more things you write down the later they're done… until you have 100s of lists of things you don't do.
File a security report | Developers' Blog | Bug Tracker

Also known as Norv on D* | Norv N. on G+ | Norv on Github