[Framework-Team] [Plone-developers] Plone framework team meeting minutes, May 8

Elizabeth Leddy elizabeth.leddy at gmail.com
Wed May 9 21:24:34 UTC 2012


On May 8, 2012, at 4:36 PM, David Glick wrote:

> On 5/8/12 3:34 PM, Dylan Jay wrote:
>> Hi,
>> 
>> I noticed https://dev.plone.org/ticket/10959 has now been dropped from
>> your list. It's implemented but I need to know if its worth the effort
>> in finishing the last remaining test failures. I've asked advice on if
>> the FWT wants the implementation or not (see last comment 9 days ago).
>> Is this the advice?
>> BTW This PLIP has been open almost 2 years. I'd like see some kind of
>> resolution to password validation in plone.
>> 
>> 
> Hey Dylan. I'm sorry we've been dropping the ball on your PLIP since Ross stepped down from being its champion. (In the case of today's meeting, we accidentally overlooked a section of our spreadsheet which included this PLIP.)
> 
> I just familiarized myself with the code, past reviews and conversation, and my personal feeling is that this is a good change and while there are reasonable concerns raised in the reviews, we shouldn't let the perfect be the enemy of the good.
> 
> To touch on some of the specific items that were outstanding in the reviews:
> * Yiorgis raised the issue of the initial generated password not necessarily being compliant with the validation, but you pointed out that this is not a problem because the user never sees the initial password. That makes sense to me, so I think this concern is resolved.
> * Yiorgis and Ross both raised concerns about whether the PAS API should be extended (to support limits on password age, say, or to support providing more specific help text for the password field on a registration form). I agree these are ideas worth considering, but they are outside the scope of this PLIP (which is just a tiny change in Plone to make use of the existing PAS API), orthogonal to it, and should not be blockers.
> * Ross said he hadn't tested to make sure the validation is applied during the password reset process. Can you or someone else please verify that this works?
> * Ross mentioned a test failure in CMFPlone (testGeneratePassword). This looks trivial to fix if it hasn't been already so we can handle it during merge.
> * Vincent brought up an i18n concern at https://github.com/plone/plone.app.users/pull/2/files#L1R250 which looks valid to me. Can you fix that?
> * I think you still need to add an upgrade step to plone.app.upgrade to install the plugin for upgraded sites.
> 

For me, the test case and upgrade steps should definitely be handled. I'm more concerned about the documentation as a test case than anything (I can't find it anymore actually...). I *think* this should be in the community dev manual.

Liz




> Any opinions from the rest of you FWT folks?  This seems like too much of an easy win to me to let it drag out longer.
> David
> 
> 
> ----------		
> David Glick
> Web Developer
> davidglick at groundwire.org
> 206.286.1235x32
> 
> Are you engaging? Find out! Use our free engagement benchmarking tool.
> 
> http://groundwire.org/labs/engagement-strategy/diy-benchmarking-survey
> 
> 
> _______________________________________________
> Framework-Team mailing list
> Framework-Team at lists.plone.org
> https://lists.plone.org/mailman/listinfo/plone-framework-team



More information about the Framework-Team mailing list