update policy #9
Comments
|
Yeah, we can elaborate on process a bit. I'll be honest, before recently the process around here wasn't always followed perfectly because of a lack of resources, but now that I'm full-time on Python HTTP projects certifi's state of affairs should get a bit better. The high-level features are:
Beyond that, we get notified using a tool called The goal is to refresh the bundle fairly swiftly after Mozilla changes it. That doesn't always happen, but it usually does, and we're getting better all the time. |
|
OK, thanks for the information :) I am working on a script that regenerate automatically the erlang bundle. However I wonder if we couldn't generalize that to all projects as a policy. Or at least regenerating the website to tell which package is outdated. Thoughts? |
|
@benoitc It generalises pretty easily. The really stupid one I wrote for Python is here: https://github.com/certifi/certifi-prompt. Its principle is basically to do a diff of the file produced by It would be helpful if each project had essentially a Makefile that would apply a new update correctly: that way, admins can easily update all projects if needed. |
|
@Lukasa this is what I did in erlang-certifi: https://github.com/certifi/erlang-certifi/blob/master/Makefile Running the Makefile will regenerate the source. |
|
@benoitc That looks reasonable to me. =) I'll work on having a better notification service put in place (the most general I can think of at this time is email, which is less than ideal, but might work). |
There is no clear description on how the certificate bundle are currently built and the update cycle of it.
Imo we should define the following:
There is a running discussion on erlang/rebar3#789 about these topics. Answering to them would expand the adoption of certifi.
The text was updated successfully, but these errors were encountered: