Tuesday, 2016-01-26

« Monday, 2016-01-25 Index Wednesday, 2016-01-27 »
*** jhfeng has quit IRC00:01
brownetmcpeak: yep, i'm here00:12
tmcpeakbrowne: hmm, nevermind (sorry) am trying to come up with a good way to get a Bandit version released with this .bandit feature that won't move backwards in current functionality00:16
tmcpeakseems like blacklist doesn't allow selective enabling/disabling right now which is a regression00:16
browneok np00:16
*** salv-orl_ has quit IRC00:17
tmcpeakwas debating the merits of maybe going to 0.17.0, cherry picking .bandit change, and rolling a 0.17.1 from that, but let me see how far Tim is from getting selective blacklist running first00:17
brownei'm fine wth a 0.17.100:17
browneor a 0.1800:17
tmcpeakthe only strange part about it would be that it's literally just 0.17.0 with the .bandit change, so we'd be leaving off all other new changes00:18
tmcpeakor maybe 0.17.0 + docs and other non-functionality modifying stuff00:18
browneoh i see00:18
tmcpeakwe haven't really done that before00:18
tmcpeakwe also haven't really been in a halfway state before, but we're trying to do a bunch of big stuff to get config fixed, so I dunno00:18
browneso the 0.17.1 to avoid a breaking change?00:18
brownein any case, any newer version would get picked up by all other projects00:19
*** jmckind has joined #openstack-security00:20
tmcpeakbrowne: right, so basically the 0.17.1 is exactly what's on PyPI now with that one piece of new non-breaking functionality00:21
tmcpeakis that janky or reasonable? or somewhere in between00:21
brownei think that might be fine, but let's get input from the other cores00:22
tmcpeakok cool, sounds like a plan00:22
*** jmckind_ has quit IRC00:23
*** jmckind_ has joined #openstack-security00:25
*** jmckind has quit IRC00:28
*** tmcpeak has quit IRC00:29
*** yuanying has joined #openstack-security01:10
*** yuanying_ has quit IRC01:11
*** salv-orlando has joined #openstack-security01:17
*** salv-orlando has quit IRC01:20
*** bpokorny has quit IRC01:38
*** austin987 has quit IRC01:41
*** austin987 has joined #openstack-security01:53
*** salv-orlando has joined #openstack-security01:54
*** salv-orlando has quit IRC01:59
*** yuanying has quit IRC02:00
*** yuanying has joined #openstack-security02:03
*** salv-orlando has joined #openstack-security02:19
*** yuanying has quit IRC02:25
*** salv-orlando has quit IRC02:27
*** yuanying has joined #openstack-security02:27
*** salv-orlando has joined #openstack-security02:41
*** salv-orlando has quit IRC02:48
*** superflyy has joined #openstack-security02:50
*** jmckind has joined #openstack-security03:04
*** jmckind_ has quit IRC03:07
*** jmckind_ has joined #openstack-security03:10
*** jmckind has quit IRC03:13
*** browne has quit IRC03:15
*** yuanying_ has joined #openstack-security03:19
*** yuanyin__ has joined #openstack-security03:20
*** yuanying has quit IRC03:22
*** yuanying_ has quit IRC03:23
*** yuanyin__ has quit IRC03:29
*** yuanying has joined #openstack-security03:29
*** ccneill has quit IRC03:44
*** yuanying has quit IRC03:57
*** yuanying has joined #openstack-security03:58
*** superflyy has quit IRC04:01
*** yuanying has quit IRC04:02
*** browne has joined #openstack-security04:05
*** yuanying has joined #openstack-security04:08
*** dave-mccowan has quit IRC04:50
*** redrobot has left #openstack-security06:26
*** redrobot has joined #openstack-security06:27
*** salv-orlando has joined #openstack-security06:38
*** austin987 has quit IRC06:39
*** austin987 has joined #openstack-security06:41
*** salv-orlando has quit IRC06:42
*** rcernin has joined #openstack-security06:53
*** salv-orlando has joined #openstack-security06:56
*** jmckind_ has quit IRC06:58
*** salv-orlando has quit IRC07:46
*** liverpooler has joined #openstack-security07:54
*** austin987 has quit IRC08:06
*** austin987 has joined #openstack-security08:10
*** salv-orlando has joined #openstack-security08:47
*** salv-orlando has quit IRC09:01
*** salv-orlando has joined #openstack-security09:03
*** browne has quit IRC09:14
*** markvoelker has quit IRC09:23
*** salv-orl_ has joined #openstack-security10:06
*** salv-orlando has quit IRC10:08
*** jamielennox is now known as jamielennox|away10:15
*** markvoelker has joined #openstack-security10:23
*** jamielennox|away is now known as jamielennox10:25
*** markvoelker has quit IRC10:28
*** salv-orl_ has quit IRC10:45
*** salv-orlando has joined #openstack-security11:01
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/27248611:45
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/27248611:54
*** backendbeemo has joined #openstack-security11:57
*** backendbeemo has left #openstack-security11:57
*** salv-orlando has quit IRC12:11
*** salv-orlando has joined #openstack-security12:13
*** backendbeemo has joined #openstack-security12:16
*** backendbeemo has left #openstack-security12:16
*** markvoelker has joined #openstack-security12:25
*** markvoelker has quit IRC12:29
*** salv-orlando has quit IRC12:57
openstackgerritTim Kelsey proposed openstack/bandit: This permits blacklist data to be filtered by ID  https://review.openstack.org/27252013:15
*** edmondsw has joined #openstack-security13:18
*** markvoelker has joined #openstack-security13:25
*** markvoelker has quit IRC13:28
*** markvoelker has joined #openstack-security13:28
*** dave-mccowan has joined #openstack-security13:35
*** ninag has joined #openstack-security13:42
*** salv-orlando has joined #openstack-security13:58
*** salv-orlando has quit IRC14:03
openstackgerritTim Kelsey proposed openstack/bandit: This permits blacklist data to be filtered by ID  https://review.openstack.org/27252014:05
openstackgerritTim Kelsey proposed openstack/bandit: This permits blacklist data to be filtered by ID  https://review.openstack.org/27252014:17
*** yarkot has quit IRC14:35
*** edtubill has joined #openstack-security14:36
openstackgerritTim Kelsey proposed openstack/bandit: This permits blacklist data to be filtered by ID  https://review.openstack.org/27252014:38
*** salv-orlando has joined #openstack-security14:54
*** salv-orlando has quit IRC14:57
*** jhfeng has joined #openstack-security15:06
*** jmckind has joined #openstack-security15:08
*** salv-orlando has joined #openstack-security15:10
*** salv-orlando has quit IRC15:11
*** sigmavirus24_awa is now known as sigmavirus2415:11
*** salv-orlando has joined #openstack-security15:11
*** tmcpeak has joined #openstack-security15:13
*** jmckind_ has joined #openstack-security15:13
*** jmckind has quit IRC15:16
*** salv-orlando has quit IRC15:34
*** salv-orlando has joined #openstack-security15:35
*** salv-orl_ has joined #openstack-security16:06
*** salv-orlando has quit IRC16:09
*** austin987 has quit IRC16:11
openstackgerritTim Kelsey proposed openstack/bandit: Old config compatibility  https://review.openstack.org/27262016:18
*** avarner has quit IRC16:20
*** austin987 has joined #openstack-security16:27
openstackgerritTim Kelsey proposed openstack/bandit: Old config compatibility  https://review.openstack.org/27262016:28
*** avarner has joined #openstack-security16:28
*** avarner_ has joined #openstack-security16:34
*** avarner__ has joined #openstack-security16:36
*** avarner has quit IRC16:36
*** avarner_ has quit IRC16:39
*** avarner has joined #openstack-security16:41
*** avarner__ has quit IRC16:43
*** diazjf has joined #openstack-security16:44
*** browne has joined #openstack-security16:44
*** cjschaef has joined #openstack-security16:58
*** ccneill has joined #openstack-security16:58
*** diazjf has quit IRC17:03
*** diazjf1 has joined #openstack-security17:03
*** bpokorny has joined #openstack-security17:06
*** tmcpeak has quit IRC17:08
*** openstackgerrit has quit IRC17:17
*** openstackgerrit has joined #openstack-security17:17
*** c00p3r has quit IRC17:28
*** c00p3r has joined #openstack-security17:34
*** hockeynut is now known as hockeynut_otr17:51
*** diazjf1 has quit IRC17:52
*** hockeynut_otr is now known as hockeynut17:52
*** sigmavirus24 is now known as sigmavirus24_awa17:59
*** hockeynut_afk has joined #openstack-security18:00
*** sigmavirus24_awa is now known as sigmavirus2418:03
*** sigmavirus24 is now known as sigmavirus24_awa18:04
*** hockeynut_afk has quit IRC18:05
*** hockeynut_otr has joined #openstack-security18:06
*** tmcpeak has joined #openstack-security18:06
*** hockeynut_otr has quit IRC18:28
*** jmckind_ has quit IRC18:46
tmcpeakbrowne: ok, after talking with Tim I think we'll go with 0.17.1 with just the new .bandit function in it18:46
tmcpeaksound reasonable?18:46
tmcpeakthere's too much in flight right now to do a half way release I think, and these teams I'm working with really need .bandit18:47
browneok sounds good18:47
tmcpeakcool18:47
tmcpeakI'm doing some sanity checking now, should be releasing very soon18:47
*** jmckind has joined #openstack-security18:48
*** avarner has quit IRC18:49
*** browne has quit IRC18:50
*** sigmavirus24_awa is now known as sigmavirus2418:57
*** diazjf has joined #openstack-security18:58
*** ninag has quit IRC18:59
*** ninag has joined #openstack-security19:02
sigmavirus24tmcpeak: semantically speaking, if we're going to support the new .bandit config file, that should be 0.18.019:13
sigmavirus24unless we were advertising support for that in 0.17.0 and that support was broken19:13
tmcpeaksigmavirus24: hmm, yeah, solid point19:13
tmcpeakhowever… I already pushed 0.17.1 :#19:14
sigmavirus24tmcpeak: oh well19:14
sigmavirus24:P19:14
sigmavirus24Don't let our release overlords know :P19:14
tmcpeaksigmavirus24: I do want to do proper numbering so I'll bounce off you next time19:14
sigmavirus24tmcpeak: also, speaking of release overlords, they want all projects (even ones they don't manage releases of) tracked in the releases repository19:14
sigmavirus24We should probably send a change (or however many) with release info for that19:14
tmcpeakwhat's that entail?19:15
* sigmavirus24 doesn't know19:15
* sigmavirus24 just saw Doug's email to [all] on -dev19:15
sigmavirus24I suspect that dhellman could answer in #openstack-release tmcpeak19:15
tmcpeakcool19:15
tmcpeakI'll read it too19:15
tmcpeakwhy isn't my annotated tag automatically causing upload of 0.17.1 to PyPI19:16
tmcpeakthat's the question of the day19:16
Ryan_Laneso, with the unreleased version of bandit, it won't run checks that don't have a test id, right?19:18
Ryan_Lanebut the older version doesn't have the decorator needed to add test ids19:18
Ryan_Lanemaybe for one version it would be a good idea to not require test ids, so that there's at least one release of compatible plugins19:19
*** ccneill has quit IRC19:19
Ryan_Laneor backport the decorator19:19
*** ninag has quit IRC19:21
*** ninag has joined #openstack-security19:21
*** ninag has quit IRC19:22
tmcpeakRyan_Lane: solid point19:22
*** ninag has joined #openstack-security19:22
tmcpeakRyan_Lane: would you mind filing that on Launchpad? I don't want that to get dropped19:22
Ryan_Laneideally backport the decorator :)19:22
Ryan_Lanesigh launchpad19:22
tmcpeakahh come on, everybody loves launchpad19:22
Ryan_LaneI can't believe you folks are _still_ using launchpad for bugs19:22
Ryan_LaneI hate logging into it so much19:22
tmcpeakwhat are you using?19:23
Ryan_Lanejira, github, phabricator (depending on the project)19:23
tmcpeakfeels speedier to me than Jira19:24
Ryan_Laneit isn't :(19:24
tmcpeakPyPI what can't I haz 0.17.1?!19:26
*** browne has joined #openstack-security19:27
Ryan_Lanethe new version that requires the test decorator is going to be 0.17.1?19:30
Ryan_Laneand the one that doesn't is 0.17.0?19:30
*** bpokorny_ has joined #openstack-security19:30
Ryan_Laneif so, it should be 0.18.0, right?19:30
*** bpokorny_ has quit IRC19:31
*** bpokorny_ has joined #openstack-security19:31
*** ccneill has joined #openstack-security19:32
tmcpeakRyan_Lane: no, 0.17.0 has been released for a long time, 0.17.1 is a specific release just to support this one feature one of the teams I work with needs, 0.18.0/1.0 are future releases19:33
tmcpeakI suspect 0.18.0 will be where we can release forward looking things19:33
Ryan_Laneah. ok. so 0.17.1 won't have the breaking change?19:33
tmcpeaklike the test ID decorator19:33
Ryan_Lanecool19:33
tmcpeakyeah, 0.17.1 doesn't have anything except this *one* .bandit feature.  No breaking changes19:34
*** bpokorny has quit IRC19:34
tmcpeakRyan_Lane: thanks for LP bug19:37
Ryan_Laneyw19:39
Ryan_Lanewas there ever a bug opened about being able to disable specific test numbers?19:40
Ryan_Lanelike # no-sec-b10019:40
*** ninag has quit IRC19:44
*** ninag has joined #openstack-security19:45
Ryan_Lanewell, if not, there's one now :)19:46
*** salv-orl_ has quit IRC19:46
tmcpeakRyan_Lane: awesome19:49
tmcpeakI think Stan was working on some nosec stuff19:50
tmcpeakcan't remember how far he got19:50
*** edmondsw has quit IRC19:53
*** jmckind_ has joined #openstack-security19:53
*** ninag has quit IRC19:54
*** ninag has joined #openstack-security19:55
*** jmckind has quit IRC19:55
*** avarner has joined #openstack-security19:57
*** ninag has quit IRC19:58
*** rcernin has quit IRC19:58
*** ninag has joined #openstack-security19:59
*** ninag_ has joined #openstack-security20:01
*** ninag_ has quit IRC20:02
*** ninag_ has joined #openstack-security20:02
*** ninag has quit IRC20:03
*** jmckind has joined #openstack-security20:06
*** jmckind_ has quit IRC20:09
*** diazjf has quit IRC20:11
*** jhfeng has quit IRC20:21
*** jhfeng has joined #openstack-security20:29
*** jhfeng has quit IRC20:30
*** diazjf has joined #openstack-security20:31
*** rcernin has joined #openstack-security20:32
*** salv-orlando has joined #openstack-security20:47
*** jhfeng has joined #openstack-security20:48
*** zul has quit IRC20:52
*** diazjf has quit IRC20:54
*** bknudson has joined #openstack-security20:55
*** salv-orlando has quit IRC21:00
*** diazjf has joined #openstack-security21:06
*** bpokorny_ has quit IRC21:26
*** bpokorny has joined #openstack-security21:27
*** rcernin has quit IRC21:28
*** bpokorny has quit IRC21:28
*** bpokorny has joined #openstack-security21:29
*** salv-orlando has joined #openstack-security21:30
*** avarner_ has joined #openstack-security21:30
*** avarner has quit IRC21:34
*** avarner_ has quit IRC21:38
*** avarner has joined #openstack-security21:59
*** salv-orl_ has joined #openstack-security22:06
*** diazjf has quit IRC22:07
*** salv-orlando has quit IRC22:09
*** diazjf has joined #openstack-security22:10
*** cjschaef has quit IRC22:44
*** ninag_ has quit IRC22:48
*** ninag has joined #openstack-security22:48
*** ccneill has quit IRC22:50
*** ninag has quit IRC22:52
*** jhfeng has quit IRC23:06
*** jmckind_ has joined #openstack-security23:10
*** edtubill has quit IRC23:11
*** jmckind has quit IRC23:13
*** jmckind has joined #openstack-security23:16
*** jmckind_ has quit IRC23:19
*** avarner has quit IRC23:21
openstackgerritOpenStack Proposal Bot proposed openstack/anchor: Updated from global requirements  https://review.openstack.org/27163623:21
*** diazjf has quit IRC23:22
*** sigmavirus24 is now known as sigmavirus24_awa23:28
« Monday, 2016-01-25 Index Wednesday, 2016-01-27 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!