On Mon, May 1, 2017 at 10:54 PM, Julian Foad <julianfoad_at_apache.org> wrote:
> Just asking...
>
> As I understand it, we paused the issuing of 1.10 alpha releases because we
> considered that the final 1.10 release will need to address the SHA1
> collision issue otherwise it won't be considered a viable release.
>
> It seemed reasonable to pause for a bit while the SHA1 issue was worked on,
> and Stefan2 has done some work on that. But currently it seems that there is
> nobody doing any further work on it.
>
> We could continue waiting, or maybe now we should resume the alpha testing
> of the new features (conflict resolution), and let the SHA1 work be fixed as
> and when someone is motivated to do so (before or after 1.10). It seems to
> me that sometimes in open source we need to get on with doing what we can
> do, and just trust that someone else will do the rest.
>
> Thoughts?
+1.
I think this "pause-for-sha1-fixes" has now taken more than long
enough. We should try gathering our focus again on releasing 1.10, and
get the improvements it brings in the hands of users.
--
Johan
Received on 2017-05-01 23:58:27 CEST