|
I thought I sent this out yesterday, but forgot to copy the list --
just as well that I wasn't able to complete the migration last
night, although I did get started on the security-spec repo.
Please note the part about issue management -- I think it will be
helpful to use issues to track what we're working on, to avoid
duplicate effort or working at cross purposes -- for now, lets use
soteria repo issues to track who's working on tasks.
Will
On 07/19/2017 12:49 PM, Will Hopkins
wrote:
MOVING THE REPOS TODAY!
Unless there are objections, I plan to migrate the security-spec,
security-api, and soteria repos to the Java EE github organization
today. Since most of you are in Europe, I'll do it during the
evening my time, which will be very late at night CET.
Before doing so, I'll disable access for everyone, to avoid
interrupting a commit or an issue update. Once everything is
successfully migrated, I'll re-enable access on the Java EE side.
ISSUE MANAGEMENT:
On a slightly different topic, I plan to triage the outstanding
Issues for both security-spec (@javaee org) and soteria, and use
them to manage the remaining work. Please plan to track work
you're doing with github issues. I'll send a more detailed email
on this topic soon.
Regards,
Will
-------- Forwarded Message --------
I think I'm about ready to migrate the repos to the javaee
organization.
If anyone has work in flight that will be disrupted, please let
me know. Otherwise, I'll plan to do the migration sometime
tomorrow (Wednesday, 7/19).
The plan is to migrate as follows:
- security-spec -> javaee/security-spec
- issues are already there (migrated from java.net)
- migrate the source only, using git clone
- recreate releases based on migrated tags at the
destination
- will lose pull-request history, but should preserve
everything else we need.
git clone --bare $GITHUB_URL_OLD_REPO
cd <repo-name>.git
git push --mirror $GITHUB_URL_NEW_REPO
- security-api -> javaee/security-api
- use github "transfer" function to migrate entire repo
- soteria -> javaee/security-ri-soteria
- use github "transfer function to migrate entire repo
- rename repo when transfer completes
I'll make a full (bare) clone of each repo before
transferring it.
Seem like a reasonable plan?
Will
On 07/11/2017 02:21 PM, Werner Keil
wrote:
Ok, let us
know, if you need any help by those who have the necessary
rights.
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
So is everybody OK with me moving repos today?
SPEAK NOW OR FOREVER HOLD YOUR PEACE!
On 07/20/2017 10:38 AM, Will Hopkins
wrote:
I thought I sent this out yesterday, but forgot to copy the list
-- just as well that I wasn't able to complete the migration last
night, although I did get started on the security-spec repo.
Please note the part about issue management -- I think it will be
helpful to use issues to track what we're working on, to avoid
duplicate effort or working at cross purposes -- for now, lets use
soteria repo issues to track who's working on tasks.
Will
On 07/19/2017 12:49 PM, Will Hopkins
wrote:
MOVING THE REPOS TODAY!
Unless there are objections, I plan to migrate the
security-spec, security-api, and soteria repos to the Java EE
github organization today. Since most of you are in Europe, I'll
do it during the evening my time, which will be very late at
night CET.
Before doing so, I'll disable access for everyone, to avoid
interrupting a commit or an issue update. Once everything is
successfully migrated, I'll re-enable access on the Java EE
side.
ISSUE MANAGEMENT:
On a slightly different topic, I plan to triage the outstanding
Issues for both security-spec (@javaee org) and soteria, and use
them to manage the remaining work. Please plan to track work
you're doing with github issues. I'll send a more detailed email
on this topic soon.
Regards,
Will
-------- Forwarded Message --------
I think I'm about ready to migrate the repos to the javaee
organization.
If anyone has work in flight that will be disrupted, please
let me know. Otherwise, I'll plan to do the migration sometime
tomorrow (Wednesday, 7/19).
The plan is to migrate as follows:
- security-spec -> javaee/security-spec
- issues are already there (migrated from java.net)
- migrate the source only, using git clone
- recreate releases based on migrated tags at the
destination
- will lose pull-request history, but should preserve
everything else we need.
git clone --bare $GITHUB_URL_OLD_REPO
cd <repo-name>.git
git push --mirror $GITHUB_URL_NEW_REPO
- security-api -> javaee/security-api
- use github "transfer" function to migrate entire repo
- soteria -> javaee/security-ri-soteria
- use github "transfer function to migrate entire repo
- rename repo when transfer completes
I'll make a full (bare) clone of each repo before
transferring it.
Seem like a reasonable plan?
Will
On 07/11/2017 02:21 PM, Werner
Keil wrote:
Ok, let us
know, if you need any help by those who have the necessary
rights.
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
Guillermo González de Agüero
toggle quoted messageShow quoted text
On Thu, Jul 20, 2017 at 8:39 PM, Will Hopkins <will.hopkins@...> wrote:
So is everybody OK with me moving repos today?
SPEAK NOW OR FOREVER HOLD YOUR PEACE!
On 07/20/2017 10:38 AM, Will Hopkins
wrote:
I thought I sent this out yesterday, but forgot to copy the list
-- just as well that I wasn't able to complete the migration last
night, although I did get started on the security-spec repo.
Please note the part about issue management -- I think it will be
helpful to use issues to track what we're working on, to avoid
duplicate effort or working at cross purposes -- for now, lets use
soteria repo issues to track who's working on tasks.
Will
On 07/19/2017 12:49 PM, Will Hopkins
wrote:
MOVING THE REPOS TODAY!
Unless there are objections, I plan to migrate the
security-spec, security-api, and soteria repos to the Java EE
github organization today. Since most of you are in Europe, I'll
do it during the evening my time, which will be very late at
night CET.
Before doing so, I'll disable access for everyone, to avoid
interrupting a commit or an issue update. Once everything is
successfully migrated, I'll re-enable access on the Java EE
side.
ISSUE MANAGEMENT:
On a slightly different topic, I plan to triage the outstanding
Issues for both security-spec (@javaee org) and soteria, and use
them to manage the remaining work. Please plan to track work
you're doing with github issues. I'll send a more detailed email
on this topic soon.
Regards,
Will
-------- Forwarded Message --------
I think I'm about ready to migrate the repos to the javaee
organization.
If anyone has work in flight that will be disrupted, please
let me know. Otherwise, I'll plan to do the migration sometime
tomorrow (Wednesday, 7/19).
The plan is to migrate as follows:
- security-spec -> javaee/security-spec
- issues are already there (migrated from java.net)
- migrate the source only, using git clone
- recreate releases based on migrated tags at the
destination
- will lose pull-request history, but should preserve
everything else we need.
git clone --bare $GITHUB_URL_OLD_REPO
cd <repo-name>.git
git push --mirror $GITHUB_URL_NEW_REPO
- security-api -> javaee/security-api
- use github "transfer" function to migrate entire repo
- soteria -> javaee/security-ri-soteria
- use github "transfer function to migrate entire repo
- rename repo when transfer completes
I'll make a full (bare) clone of each repo before
transferring it.
Seem like a reasonable plan?
Will
On 07/11/2017 02:21 PM, Werner
Keil wrote:
Ok, let us
know, if you need any help by those who have the necessary
rights.
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
Thanks, Guillermo.
On 07/20/2017 02:42 PM, Guillermo
González de Agüero wrote:
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
Ok for me, but I'm not a member of the Java EE organization. Yet? (or is that not the intention)
Rudy
On 20 July 2017 at 20:39, Will Hopkins <will.hopkins@...> wrote:
So is everybody OK with me moving repos today?
SPEAK NOW OR FOREVER HOLD YOUR PEACE!
On 07/20/2017 10:38 AM, Will Hopkins
wrote:
I thought I sent this out yesterday, but forgot to copy the list
-- just as well that I wasn't able to complete the migration last
night, although I did get started on the security-spec repo.
Please note the part about issue management -- I think it will be
helpful to use issues to track what we're working on, to avoid
duplicate effort or working at cross purposes -- for now, lets use
soteria repo issues to track who's working on tasks.
Will
On 07/19/2017 12:49 PM, Will Hopkins
wrote:
MOVING THE REPOS TODAY!
Unless there are objections, I plan to migrate the
security-spec, security-api, and soteria repos to the Java EE
github organization today. Since most of you are in Europe, I'll
do it during the evening my time, which will be very late at
night CET.
Before doing so, I'll disable access for everyone, to avoid
interrupting a commit or an issue update. Once everything is
successfully migrated, I'll re-enable access on the Java EE
side.
ISSUE MANAGEMENT:
On a slightly different topic, I plan to triage the outstanding
Issues for both security-spec (@javaee org) and soteria, and use
them to manage the remaining work. Please plan to track work
you're doing with github issues. I'll send a more detailed email
on this topic soon.
Regards,
Will
-------- Forwarded Message --------
I think I'm about ready to migrate the repos to the javaee
organization.
If anyone has work in flight that will be disrupted, please
let me know. Otherwise, I'll plan to do the migration sometime
tomorrow (Wednesday, 7/19).
The plan is to migrate as follows:
- security-spec -> javaee/security-spec
- issues are already there (migrated from java.net)
- migrate the source only, using git clone
- recreate releases based on migrated tags at the
destination
- will lose pull-request history, but should preserve
everything else we need.
git clone --bare $GITHUB_URL_OLD_REPO
cd <repo-name>.git
git push --mirror $GITHUB_URL_NEW_REPO
- security-api -> javaee/security-api
- use github "transfer" function to migrate entire repo
- soteria -> javaee/security-ri-soteria
- use github "transfer function to migrate entire repo
- rename repo when transfer completes
I'll make a full (bare) clone of each repo before
transferring it.
Seem like a reasonable plan?
Will
On 07/11/2017 02:21 PM, Werner
Keil wrote:
Ok, let us
know, if you need any help by those who have the necessary
rights.
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
Arjan Tijms
Hi,
Basically okay, although my 2 outstanding PRs may be an issue.
Perhaps easiest to accept those both, then migrate, and then later change in that code whatever needs changing still.
Kind regards, Arjan Tijms
On Thursday, July 20, 2017, Rudy De Busscher < rdebusscher@...> wrote: Ok for me, but I'm not a member of the Java EE organization. Yet? (or is that not the intention)
Rudy
|
|
|
Can you merge them onto a branch in the repository? If so, they'll
be carried over when the repository moves.
Note that the security-spec repo is already moved; that one I had to
clone into the existing repo at github.com/javaee, the other two
will go as a direct transfer.
Will
On 07/20/2017 03:29 PM, Arjan Tijms
wrote:
Hi,
Basically okay, although my 2 outstanding PRs may be an
issue.
Perhaps easiest to accept those both, then migrate, and then
later change in that code whatever needs changing still.
Kind regards,
Arjan Tijms
On Thursday, July 20, 2017, Rudy De Busscher < rdebusscher@...>
wrote:
Ok for me, but I'm not a member of the Java EE
organization. Yet? (or is that not the intention)
Rudy
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
It's best if you are a member of the Java EE organization, because
then I can add you to the security "team" in the javaee org, but I
can also grant access to outside "collaborators".
Note that I'm planning to manage access a little differently, by
allowing write access for all contributors -- so people can create
branches, update issues, etc., for all repos -- but protect the
master branch, at least for spec and api -- so that I can do change
control when needed.
Note also that I've just been told all contributors going forward
must sign the OCA, even folks who are on the EG and therefore
presumably have already signed. There's a list of OCA signers at
http://www.oracle.com/technetwork/community/oca-486395.html, and if
you're not on the list I'm not supposed to allow commits. There are
few people who are EG members or listed as Contributors on the
JCP.org web site who aren't on the list (including some that have
already contributed, but that's apparently not a problem). Sigh.
Will
On 07/20/2017 03:20 PM, Rudy De
Busscher wrote:
Ok for me, but I'm not a member of the Java EE
organization. Yet? (or is that not the intention)
Rudy
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
Guillermo González de Agüero
It's best if you are a member of the Java EE organization, because
then I can add you to the security "team" in the javaee org, but I
can also grant access to outside "collaborators".
I guess that only applies to EG members? Or contributors can also request to join? If so, how could it be done?
Note that I'm planning to manage access a little differently, by
allowing write access for all contributors -- so people can create
branches, update issues, etc., for all repos -- but protect the
master branch, at least for spec and api -- so that I can do change
control when needed.
Note also that I've just been told all contributors going forward
must sign the OCA, even folks who are on the EG and therefore
presumably have already signed. There's a list of OCA signers at
http://www.oracle.com/technetwork/community/oca-486395.html, and if
you're not on the list I'm not supposed to allow commits. There are
few people who are EG members or listed as Contributors on the
JCP.org web site who aren't on the list (including some that have
already contributed, but that's apparently not a problem). Sigh.
Will
On 07/20/2017 03:20 PM, Rudy De
Busscher wrote:
Ok for me, but I'm not a member of the Java EE
organization. Yet? (or is that not the intention)
Rudy
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
On 07/20/2017 03:58 PM, Guillermo
González de Agüero wrote:
It's best if you are a
member of the Java EE organization, because then I can add
you to the security "team" in the javaee org, but I can also
grant access to outside "collaborators".
I guess that only applies to EG members? Or contributors can
also request to join? If so, how could it be done?
It applies to anyone who wants to contribute, whether EG member or
not. It's best if you're an EG member or official Contributor (which
you are), but the real requirement to commit is that you've signed
the OCA (I think I saw that you were on the list).
Note that any github user can clone the repo and submit a pull
request (or create an issue, but not update issues).
See here for legalese
about the OCA. I'll have to check how to join the org and get back
to you; meanwhile I've invited you as a collaborator for the
security-spec repo, and will do the same for the other repos as they
migrate.
Note that I'm planning to manage access a little
differently, by allowing write access for all contributors
-- so people can create branches, update issues, etc., for
all repos -- but protect the master branch, at least for
spec and api -- so that I can do change control when needed.
Note also that I've just been told all contributors going
forward must sign the OCA, even folks who are on the EG and
therefore presumably have already signed. There's a list of
OCA signers at http://www.oracle.com/technetwork/community/oca-486395.html,
and if you're not on the list I'm not supposed to allow
commits. There are few people who are EG members or listed
as Contributors on the JCP.org web site who aren't on the
list (including some that have already contributed, but
that's apparently not a problem). Sigh.
Will
On
07/20/2017 03:20 PM, Rudy De Busscher wrote:
Ok for me, but I'm not a member of the Java
EE organization. Yet? (or is that not the intention)
Rudy
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
Guillermo González de Agüero
Thanks for the invite. I've accepted it but now you've granted be push access to the repository! So I can now modify files directly without sending a PR which is not what you were trying to do I guess :)
I think everybody can make PRs despite not being an organization member. Or are there special restrictions in place here?
PS: Yes, I already signed the OCA. Arjan pointed me on that directiom at that time.
Regards,
Guillermo González de Agüero
On 07/20/2017 03:58 PM, Guillermo
González de Agüero wrote:
It's best if you are a
member of the Java EE organization, because then I can add
you to the security "team" in the javaee org, but I can also
grant access to outside "collaborators".
I guess that only applies to EG members? Or contributors can
also request to join? If so, how could it be done?
It applies to anyone who wants to contribute, whether EG member or
not. It's best if you're an EG member or official Contributor (which
you are), but the real requirement to commit is that you've signed
the OCA (I think I saw that you were on the list).
Note that any github user can clone the repo and submit a pull
request (or create an issue, but not update issues).
See here for legalese
about the OCA. I'll have to check how to join the org and get back
to you; meanwhile I've invited you as a collaborator for the
security-spec repo, and will do the same for the other repos as they
migrate.
Note that I'm planning to manage access a little
differently, by allowing write access for all contributors
-- so people can create branches, update issues, etc., for
all repos -- but protect the master branch, at least for
spec and api -- so that I can do change control when needed.
Note also that I've just been told all contributors going
forward must sign the OCA, even folks who are on the EG and
therefore presumably have already signed. There's a list of
OCA signers at http://www.oracle.com/technetwork/community/oca-486395.html,
and if you're not on the list I'm not supposed to allow
commits. There are few people who are EG members or listed
as Contributors on the JCP.org web site who aren't on the
list (including some that have already contributed, but
that's apparently not a problem). Sigh.
Will
On
07/20/2017 03:20 PM, Rudy De Busscher wrote:
Ok for me, but I'm not a member of the Java
EE organization. Yet? (or is that not the intention)
Rudy
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
I think you'll find that you can't push to master, but write access
is necessary if you want to update issues or create branches.
Hopefully we'll all continue to be prudent w.r.t. using PR's. ;-)
On 07/20/2017 04:17 PM, Guillermo
González de Agüero wrote:
Thanks
for the invite. I've accepted it but now you've granted be push
access to the repository! So I can now modify files directly
without sending a PR which is not what you were trying to do I
guess :)
I think everybody can make PRs despite not being an
organization member. Or are there special restrictions in place
here?
PS: Yes, I already signed the OCA. Arjan pointed me on that
directiom at that time.
Regards,
Guillermo González de Agüero
On
07/20/2017 03:58 PM, Guillermo González de Agüero
wrote:
It's best
if you are a member of the Java EE
organization, because then I can add you to
the security "team" in the javaee org, but I
can also grant access to outside
"collaborators".
I guess that only applies to EG members? Or
contributors can also request to join? If so, how
could it be done?
It applies to
anyone who wants to contribute, whether EG member or
not. It's best if you're an EG member or official
Contributor (which you are), but the real requirement
to commit is that you've signed the OCA (I think I saw
that you were on the list).
Note that any github user can clone the repo and
submit a pull request (or create an issue, but not
update issues).
See here for
legalese about the OCA. I'll have to check how to join
the org and get back to you; meanwhile I've invited
you as a collaborator for the security-spec repo, and
will do the same for the other repos as they migrate.
Note that I'm planning to manage access a
little differently, by allowing write access
for all contributors -- so people can create
branches, update issues, etc., for all repos
-- but protect the master branch, at least for
spec and api -- so that I can do change
control when needed.
Note also that I've just been told all
contributors going forward must sign the OCA,
even folks who are on the EG and therefore
presumably have already signed. There's a list
of OCA signers at http://www.oracle.com/technetwork/community/oca-486395.html,
and if you're not on the list I'm not supposed
to allow commits. There are few people who are
EG members or listed as Contributors on the
JCP.org web site who aren't on the list
(including some that have already contributed,
but that's apparently not a problem). Sigh.
Will
On
07/20/2017 03:20 PM, Rudy De Busscher wrote:
Ok for me, but I'm not a
member of the Java EE organization. Yet?
(or is that not the intention)
Rudy
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
Arjan Tijms
On Thu, Jul 20, 2017 at 12:49 pm, Will Hopkins wrote:
Can you merge them onto a branch in the repository? If so, they'll be carried over when the repository moves.
I merged the Soteria PR into a new branch ("hashalgorithm"), but I don't have write access for https://github.com/javaee-security-spec/security-api and can't create a new branch there. Kind regards, Arjan Tijms
|
|
|
OK, thanks. I'll merge that one, possibly onto a different branch.
It's pretty close to what I'd propose, but I don't want to check
anything onto master just yet.
On 07/20/2017 05:37 PM, Arjan Tijms
wrote:
On Thu, Jul 20,
2017 at 12:49 pm, Will Hopkins wrote:
Can you merge them onto a branch in the repository? If
so, they'll be carried over when the repository moves.
I merged the Soteria PR into a new branch ("hashalgorithm"), but I
don't have write access for https://github.com/javaee-security-spec/security-api
and can't create a new branch there.
Kind regards,
Arjan Tijms
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803
|
|
|
