-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Roadmap for v2.0 #100
Comments
Sounds good! Ping me or rwjblue if you want us to review or merge something. You can also ask rwjblue for repo access, perhaps he can give you (but that would be totally up to him). However, even if you'd have repo access I still think it would be vice to have another pair of eyes look through any code before it's merged. |
OK, just merged #101 which I think ticks a couple of the boxes above. |
I think this will be a ember-cli-content-security-policy/index.js Lines 257 to 264 in 9cd237f
|
Sounds good, sorry for making things a bit more difficult here @jelhan |
OK, how are things looking now @jelhan? I think the only checklist item left is:
Is that right? |
Yes. We might also need some more testing on real world applications to avoid regressions. It was a major refactoring and the test coverage isn't that high. Maybe a beta release would be a good idea. |
Ya, totally makes sense. |
We should also update the Ember CLI docs which includes a section on Content Security Policy: https://cli.emberjs.com/release/basic-use/deploying/#contentsecuritypolicy It seems to miss the install step though. |
Ya, probably ignores the install step because it was originally authored when the addon was installed by default? |
Added #116 as another release blocker. Have a look at #113 (comment) for background. |
@rwjblue Everything should be ready for a |
FYI - Added @jelhan to npm... |
Any tentative date for this release? @jelhan |
Just released the first release candidate for upcoming 2.x: |
During the beta period I noticed some problems related to developer experience, which I would like to fix before the first stable release. I created a milestone to track the work needed to be done before a stable v2 release: https://github.com/rwjblue/ember-cli-content-security-policy/milestone/1 PRs are welcome as always. 😄 |
@jelhan I personally don't think any of the three issues listed under that milestone is a blocker for a v2 release. |
I'm very sorry that it takes so long until getting a stable release out. I agree that they aren't strictly necessary cause even without it's an improvement compared to latest v1 release. But I would consider #152 a blocker. Just added it to the milestone. To be honest I would prefer rather to wait a little bit longer and fix everything before doing a stable v2 release rather than doing the release after #152. Mostly cause it has already been such a long time. I would like to combine a stable release with some marketing. And therefore providing a good developer experience is required. I was rewriting the fragile test suite based on ember-cli-addon-tests in the last months. The unstable and slow tests slowed down development a lot. I hope that I land the changes within this week. Everything working locally. Just need to polish it a little bit. I expect to be able to finish the other open tasks in v2 milestone soon after. I hope that we can do a stable v2 release containing all of them within this month. Decided to focus my open source activities on this addon to finally get it done. |
Getting v2.0 out of the door is taking way too long. I also haven't had the time to follow up. And I guess plans were to ambitious for available time. I released v2.0.0-5 yesterday. All known bugs are fixed. Main target should be to get v2.0.0 out of the door. To ensure that I like to propose that v2.0.0-5 is released as v2.0.0 in two weeks unless a bug is reported. |
No new bugs were reported. Releasing |
Disclaimer: This is only a proposal as I'm not the maintainer of this repo.
As you might have noticed I'm working on an incremental refactoring of the configuration of this addon. It makes sense to ship all changes in one release to avoid unnecessary noice.
I would suggest that next release includes these features:
ember-cli-content-security-policy
namespace, introduce an explicitenabled
option and reword other options. (refactor configuration #92, Refactor configuration to use ember-cli-content-security-policy (instead of contentSecurityPolicy) #94)config/content-security-policy.js
. (options should not come from config/env, rather the brocfil. These are build-server concerns not run-time concerns #30, Allow configuration to be specified in ember-cli-build.js #97, move config to config/content-security-policy.js #104)There are some pending feature requests that could be implemented having sensitive defaults without introducing a breaking change if shiped together with configuration changes:
delivery
includesheader
. (set CSP header in FastBoot #113)I suggest shipping all of them with the next release.
Also there are some bugs/regressions introduced by refactoring that must be fixed before release:
config/content-security-policy.js
and fall back to legacyconfig/environment.js
config. #103)Steps to be done after release:
This would be a great foundation for jelhan/ember-style-modifier#11.
The text was updated successfully, but these errors were encountered: