[Python-Dev] Network Security Backport Status

[Nick Coghlan]

On 1 Jul 2014 11:28, "Alex Gaynor" <alex.gaynor at gmail.com> wrote:
>
> I've come up with a new approach, which I believe is most likely to be
> successful, but I'll need help to implement it.
>
> The idea is to find the most recent commit which is a parent of both the
> ``2.7`` and ``default`` branches. Then take every single change to an
``ssl``
> related file on the ``default`` branch, and attempt to replay it on the
``2.7``
> branch. Require manual review on each commit to make sure it compiles,
and to
> ensure it doesn't make any backwards incompatible changes.
>
> I think this provides the most iterative and guided approach to getting
this
> done.

Sounds promising, although it may still have some challenges if the SSL
code depends on earlier changes to other code.

> I can do all the work of reviewing each commit, but I need some help from
a
> mercurial expert to automate the cherry-picking/rebasing of every single
> commit.
>
> What do folks think? Does this approach make sense? Anyone willing to
help with
> the mercurial scripting?

For the Mercurial part, it's probably worth posing that as a Stack Overflow
question:

Given two named branches in http://hg.python.org  (default and 2.7) and 4
files (Python module, C module, tests, docs):
- find the common ancestor
- find all the commits affecting those files on default & graft them to 2.7
(with a chance to test and edit each one first)

It's just a better environment for asking & answering that kind of question
:)

Cheers,
Nick.

>
> Cheers,
> Alex
>
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
https://mail.python.org/mailman/options/python-dev/ncoghlan%40gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20140701/57080973/attachment.html>