-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I'm pleased to announce txtorcon 22.0.0. This fixes some broken infrastructure.
* Use GitHub Actions (not Travis)
* Update method to upload coverage to coveralls
You can download the release from PyPI or GitHub (or of
course "pip install txtorcon"):
https://pypi.python.org/pypi/txtorcon/22.0.0https://github.com/meejah/txtorcon/releases/tag/v22.0.0
Releases are also available from the hidden service:
http://…
[View More]fjblvrw2jrxnhtg67qpbzi45r7ofojaoo3orzykesly2j3c2m3htapid.onion/txtor…http://fjblvrw2jrxnhtg67qpbzi45r7ofojaoo3orzykesly2j3c2m3htapid.onion/txtor…
You can verify the sha256sum of both by running the following 4 lines
in a shell wherever you have the files downloaded:
cat <<EOF | sha256sum --check
89a1b65e32a4b369d67e6c166387fbc468cc5d05227448d239a5e7e9718aa053 dist/txtorcon-22.0.0.tar.gz
824b5df1977bedabfc1c49c9523b8fa1b7cff11d6fee78015df1ce133685779c dist/txtorcon-22.0.0-py2.py3-none-any.whl
EOF
thanks,
meejah
-----BEGIN PGP SIGNATURE-----
iQFFBAEBCgAvFiEEnVor1WiOy4id680/wmAoAxKAaacFAmIyVzMRHG1lZWphaEBt
ZWVqYWguY2EACgkQwmAoAxKAaaeNYQf/XBYfAvqqvT/jU+z8EUwgj0EJbFusNAls
8W37RE8fRkxTCYBOnfmK2IlQouHLBVgjzS2H0ZGyAzczxZb/kfY7uRbAm7N63eMx
rc7urZtDeHS4K7+cUPf03KlqYdKmbIGEezPVQSNRT1/UZ/kTB6CxMqteyXxfYkvY
+pkfIvOJ49Yw6KuMt+iWKRNnfVsMNYX+gV6PNYBHoWGRTWxANReaXRSowe+5Cgus
4O51I3+1QH1slLIH77Dvpktmqka+Fbs3mDWm1ICzf4rB0z+aJRxt7xYjNnhaLCPQ
5xeY1IdmmJAxg/WouMQh1Kus8eEWgIhFLeigPN+ABwt2VziL1lL8XQ==
=HKmX
-----END PGP SIGNATURE-----
[View Less]
Hello all,
I think it would be lovely if trial caught up to the last decade of
advances in coverage measurement technology. I *think* this means
integrating with coverage.py <https://pypi.org/project/coverage> - probably
the hands-down leader in Python coverage technology for at least the last
10 years, if not more - instead of the stdlib "trace" module which is ...
something else. Or maybe there's an even better option out there somewhere
- it would be amazing if all of the trial-…
[View More]based test suites out there got
*whatever* the best current option is - why should ever project have to
figure this out for itself?
When was the last time anyone ran trial --coverage on purpose? Did they
realize they were choosing the bad option?
I know that you can hack around this situation roughly like this:
python -m coverage run -m twisted.trial ...
but this has some shortcomings.
1. If trial --coverage exists shouldn't it be the *good* option?
2. python -m coverage run -m twisted.trial -jN ... is a bad time. How
about some coverage measurement that's multi-core friendly? It's a
*real* drag going from a 30 second no-coverage test run using 16 cores
to a 15 minute coverage-measuring run on a single core.
Does anyone agree that this is something short of an ideal situation? Is
anyone interested in helping address it?
Jean-Paul
[View Less]
Hi,
This is a briefing with the current small issues that we have with the
release process,
as asked by Glyph.
If you can help, answer here, or better, try to hangout over Matrix / Gitter [1]
The current release process is documented here
https://docs.twistedmatrix.com/en/latest/core/development/policy/release-pr…
-------------
The release process asked for a tag with the name like
`twisted-22.2.4` to be created via the GitHub Release UI.
But it looks like the GitHub UI no longer thinks …
[View More]that this is a valid tag name.
I got an error and to work around this I have manually created the
tag...and then GitHub was happy.
Not sure if it is a bug in GitHub... or maybe better change the tag
convention to `v22.2.4` or something like that.
----------
The CI release branch for the release branch is most of the time red
due to towncrier who
fails if there are no fragments for a branch, but the release branch
should have no fragments.
Basically, the release branch should be red if newsfragments are present.
This behaviour was improved in the latest towncrier version.
So if someone has time, it would help to start using the new towncrier version.
PR welcomed.
I can help with the review
------------
The current release process has little info about how to handle
security issues and GitHub security advisories.
I guess that security advisories are related to the release process,
so this should be documented in the same place.
For the last releases, we did ad-hoc and trial and error management
for the GitHub security advisories.
If anyone has time, it would help to update the current release
documentation to cover this aspect.
There were suggestion over the chat of doing something similar to
Django or OpenSSL, but I think that we need something simple, suitable
for the level of development resources
currently available to Twisted.
-------------
Not 100% related with the release... but somehow related.
We are using an older version of pydoctor to generate the api documentation
There is a never version of pydoctor with a lot of improvements,
including a read the docs theme, that should help integrate the API
docs with the narrative docs.
[1] https://gitter.im/twisted/twisted
--
Adi Roiban
[View Less]
Hi
On behalf of the Twisted contributors I announce the final release of
Twisted 22.2.0
This is a bugfix release.
The main bug is:
- CVE-2022-21716 twisted.conch.ssh.transport.SSHTransportBase now
disconnects the remote peer if the
SSH version string is not sent in the first 4096 bytes. [1]
No new features were introduced in this release.
Release documentation is available at
https://docs.twistedmatrix.com/en/twisted-22.2.0/
Wheels for the release candidate are available on PyPI
…
[View More]https://pypi.org/project/Twisted/22.2.0/
python -m pip install Twisted==22.2.0
Please use it and report any issues.
Many thanks to everyone who had a part in Twisted development,
the supporters of the Twisted Software Foundation,
the developers, and all the people testing and building great things
with Twisted!
Slava Ukraini!
[1] https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx
--
Adi Roiban
[View Less]
I am plannig to upgrade twisted's buildbot in the near future. In
preperation for that, I am going to take down the production buildbot
on Tuesday, June 26, around 1600 UTC[1].
During that time, the result of any builds done will be lost. Thus, I'd
ask that people avoid committing to trunk during that time.
I will send a reminder before I take down the buildbot both here, and on
#twisted and #twisted-dev.
Tom
[1] http://timeanddate.com/worldclock/meetingtime.html?iso=20120626&p1=80&p2=22…
On behalf of the Twisted contributors I announce the release candidate
of Twisted 22.2.0
This is mainly a security bugfix release for conch SSH protocol.
This is also officially the last version with support for Python 3.6
The release and NEWS file is available for review at
https://github.com/twisted/twisted/pull/1695/files
Release candidate documentation is available at
https://twisted--1695.org.readthedocs.build/en/1695/
Wheels for the release candidate are available on PyPI
…
[View More]https://pypi.org/project/Twisted/22.2.0rc1/
python -m pip install Twisted==22.2.0rc1
Please test it and report any issues.
If nothing comes up in one week,
22.2.0 will be released based on the latest release candidate.
Many thanks to everyone who had a part in Twisted development,
the supporters of the Twisted Software Foundation,
the developers, and all the people testing and building great things
with Twisted!
--
Adi Roiban
[View Less]