[security-dev] PicketLink3 and Apache Deltaspike Dependencies

Pete Muir pmuir at redhat.com
Fri Feb 15 06:49:45 EST 2013 

Does this commit cover everything, or did you need more?

https://github.com/picketlink/picketlink/commit/2a9d1894dc1e15320d227377c2dd3372651377c0

Particularly the config stuff and project stage stuff I would expect us to be able remove the need for.

On 15 Feb 2013, at 04:34, Jason Porter wrote:

> It may not be the best option, but we should probably stick with v0.3 for now. 
> 
> Sent from my iPhone
> 
> On Feb 14, 2013, at 18:31, Anil Saldhana <asaldhan at redhat.com> wrote:
> 
>> Nothing needed.
>> 
>> On Feb 14, 2013, at 6:47 PM, Jason Porter <lightguard.jp at gmail.com> wrote:
>> 
>>> Is there anything in v0.4 you need, or can you simply get by with v0.3
>>> 
>>> Sent from my iPhone
>>> 
>>> On Feb 14, 2013, at 17:29, Anil Saldhana <Anil.Saldhana at redhat.com> wrote:
>>> 
>>>> Scratch this plan.  Shane and I determined that this is larger than we
>>>> originally thought -> lots of DS classes need to be forked.
>>>> 
>>>> 
>>>> On 02/13/2013 10:25 AM, Anil Saldhana wrote:
>>>>> Hi all,
>>>>> PicketLink3 is on the final stretch of release cycles.  One of the
>>>>> concerns I have had is the Apache Deltaspike dependency which is some
>>>>> type of incubating snapshot. Since there are very few Deltaspike classes
>>>>> (3-5 in number) that we depend on, the following strategy should work:
>>>>> - Copy the source files (Retaining Apache Headers) as it is from Apache
>>>>> Deltaspike to a PicketLink namespace such as : org.picketlink.deltaspike.*
>>>>> - Remove the Apache Deltaspike dependency.
>>>>> 
>>>>> In few months, when Apache Deltaspike has proper releases, we can remove
>>>>> the PicketLink Deltaspike forked classes and bring back the Apache
>>>>> Deltaspike dependency back.  I do not think PicketLink users will
>>>>> directly code to DS classes.
>>>>> 
>>>>> I ran this with Pete Muir, Shane and Jason Porter and they all agreed
>>>>> that this is a good strategy (I did refine the strategy based on Shane's
>>>>> comments).
>>>>> 
>>>>> Regards,
>>>>> Anil
>>>> _______________________________________________
>>>> security-dev mailing list
>>>> security-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/security-dev
>>> _______________________________________________
>>> security-dev mailing list
>>> security-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/security-dev
> 
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev

More information about the security-dev mailing list