[reportlab-users] Development practices

[William Dode]

"Andy Robinson" <andy@reportlab.com> writes:

>> For what i understand, with arch you don't need to give write access to
>> external groups, they make their own branch alone, and it's up to the
>> manager to read them (or not) when he want to take their patchs. So,
>> everybody can work on the project, security is not in the same place.
>
> That's the problem.  We can't commit to a manager making the time
> available.  

There is a "patch queue manager" for this now, writen in python :-)
http://web.verbum.org/arch-pqm/


But this kind of tools are maybe too young, i don't know.

> We want to let several trusted user group members commit
> to core algorithms, and a much wider group commit to docs and
> examples - but prevent any of those people seeing other stuff
> in our repositories which relates to corporate customer projects.
> On the other hand, we often do a release of Project X for Customer Y
> which depends on very specific tags of the open source code.  So
> having them all in one repository and one issue tracking system
> makes life much, much easier.
>
> Again, Mr. Wheeler has a good essay stating the issues quite well.
>     http://www.dwheeler.com/essays/scm-security.html
> The nice thing about subversion is that it can delegate all this to
> the well known Apache model.

When you'll use it, you'll say us if it fit all your needs.

>
> But thanks for making me research it a bit harder. Any other SCM systems
> we should look at? :-)

There are a lot ! but sadly, they seems to don't want to work
together... It was a time when arch and subversion wanted to share the
underlying structure, it would save us a lot of time !

bye

-- 
William Dode