Stuff I've been working on
I’ve just (finally) set up the auto unit test run, PerlCritic and release build for the Release01x00 branch, and fixed the trunk builder.
Foswiki trunk gets built every 6 hours, and Release01x00 every 12 (based on my Sydney TZ).
If the unit tests fail, and email will be sent to the foswiki-discuss mailing list – no news is good news. See the build output areas:
where you will find the output log files, the built tar.gz and zip files and each of the component packages that make up a release.
I created the FamFamFamContrib Icons package for T(m)wiki and Foswiki a year or three ago, and now have added a FugueIconsContrib package today – containing the fabulous iconset by Yusuke Kamiyamane.
Now we have 2 possible icon sets to replace the very odd and aging DocumentGraphics topic – the only thing holding us back is a mapping from the old %ICON{}% names to new.
I’ll dig up the work I did last year some time and see if we can finish it 🙂
I was just asked on IRC how to protect some attachments without forcing all requested attachments to go through the viewfile cgi script (as that causes your foswiki images and css to load incredibly slowly), and here’s the howto I answered with:
I was just asked on IRC how to protect some attachments without forcing all requested attachments to go through the viewfile cgi script (as that causes your foswiki images and css to load incredibly slowly), and here’s the howto I answered with:
I coded foswiki 1.0’s viewfile script to work as an apache ErrorDocument, so If you can find a way to trigger a 404 or 401 error, you can get apache to run viewfile –
ErrorDocument 404 /foswiki/bin/viewfile ErrorDocument 401 /foswiki/bin/viewfile
If you place your pub dir somewhere outside where apache serves files and then softlink the non-protected webs into apache’s path (so it serves them full speed), then the secured webs will generate a 404, triggering the viewfile ErrorDocument – which will thus serve the file only to authenticated users
This will work irrespective of the authentication choices in your foswiki setup – and as the files that require securing are outside apache’s file serving areas, can be considered as secure as possible.
As an added bonus, any request to a file that does not exist will show a foswiki error page, rather than a static html.
I’ve been working on expanding the use of Foswiki Applications and in the process began to build (using TML) a much more usable user interface for configuring and managing your Foswiki.
So – to the picture show 🙂
Many of these features already do work in Foswiki 1.0.4 – by installing FoswikiApplications Contrib, but they are a work in progress – and getting more advanced every week.
Foswiki 1.0.4 has been released with more than 100 bug fixes and some small enhancements. Upgrading is highly recommended. If you did not upgrade from TWiki yet, now is a good time as Foswiki 1.0.4 fixes more around 300 bugs relative to TWiki 4.2.4.
Grab it now from : http://foswiki.org/Download/WebHome – the straight and upgrade archives, OSX installer and my Windows Installers are here.
My debian package repository now spans Foswiki 1.0.4 and 168 Foswiki extensions – its never been easier to install 🙂
see http://fosiki.com/Foswiki_debian
Over the 4 months of our project’s existence, 33 developers have been involved in making ~3000 commits – next up, the future !
I’ve set up a debian repository that you can help test the release package before it gets uploaded into debian proper.
To try it out, add the following to your /etc/apt/sources.list
deb http://fosiki.com/Foswiki_debian/ stable main contrib
deb-src http://fosiki.com/Foswiki_debian/ stable main contrib
and then run
gpg --keyserver the.earth.li --recv-keys 379393E0AAEE96F6
apt-key add /root/.gnupg/pubring.gpg
OR (if theearth.li doesn’t work for you)
wget http://fosiki.com/Foswiki_debian/FoswikiReleaseGpgKey.asc
apt-key add FoswikiReleaseGpgKey.asc
apt-get update
apt-get install apache2 foswiki
This repository contains about 281 (Apr2011) foswiki-extensions – auto updated nightly direct from foswiki.org. The packages have as many dependencies as I was able to coerce my build scripts to work out – but there is more work needed.
In just 10 weeks, the Foswiki project has re-built the project infrastructure, fixed an additional 100 bugs over and beyond those we fixed in the TWiki source repository before the fork, moved to a new web application architecture (FSA) and undertaken a detailed security audit, fixing at their roots a large number of potential exploits.
Windows installer, Debian packages including Extensions, OSX installer, Virtual machine.
In just 10 weeks, the Foswiki project has re-built the project infrastructure, fixed an additional 100 bugs over and beyond those we fixed in the TWiki source repository before the fork, moved to a new web application architecture (FSA) and undertaken a detailed security audit, fixing at their roots a large number of potential exploits.
Additionally, we already have the following easy installers:
So given the over 1800 commits in 10 weeks, a release, and much much more, It seems to me that Foswiki is a success..
Yesterday I uploaded the first Foswiki Installer for windows to Foswiki Downloads. It will install Apache 2.2 (if you don’t already have it) and Strawberry Perl and then configure and install Foswiki v1.0.0 beta 3.
On the 26th of December 2008, Kenneth built Foswiki v1.0 Beta 1, and then Foswiki v1.0 Beta 2 on the 28th. Since then we’ve been busy testing and fixing things that are side effects of the Secure by default policy we’ve instigated.
I’ll be releaseing a Windows installer using Apache 2.2 and Strawberry Perl when Beta 3 is released – we’re still working through some Windows oddities.
its pretty amazing what has been achieved in the 2 months since the project forked.
Happy new year, and a happy new Data Wiki release.
In a clear example of TWiki.NET’s new no-testing policy [1], Their star worker has yesterday un-necessarily uploaded over 300 plugins from the wrong branch in Subversion.
Rather than testing each contrib before uploading, as has been the policy on TWiki.org since the Plugins web was created, TWiki.org is now full of buggy, outdated or just plain wrong packages. The only stable option they have is to revert the uploads using rcs – as many plugins are either not up to date in subversion, or worse, are works in progress in Subversion.
Adding that to the latest TWiki 4.2.4 release, which was released with failing unit tests, and some very dubious changes:
we have already submitted to them an updated exploit that is present in 4.2.4 for the CVE-2008-5304 XSS exploit
– presumably they will release 4.2.5 in the next week?
Its a pretty sad time for those of us with users on TWiki (as Foswiki hasn’t released yet), but it has certainly spurred us along, now we need it more than we ever expected.
[1] Tom Barton: issues … impeding progress: an excessively rigorous approach to testing that actually inhibited less experienced developers from contributing code; …