Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Making SimRel Great Again

I don’t think that excluding these projects would be a wise choice. Then immediately a large set of project had to leave SimRel, and clients are used to find many of them in the SimRel.
Of course the projects that are failing to fulfil the required constraints should know that they have to do something to do. For me the right point would be the SimRel aggregation validation build. If there could be more checks performed there the contributing projects will immediately recognise a task when they can’t get a successful build when contributing to SimRel. These restrictions could be added one by one, starting with most urgent ones, e.g. invalid license, missing signing.


Am 18.11.2019 um 15:02 schrieb Greg Watson <g.watson@xxxxxxxxxxxx>:

Hi Ed,

Thanks for your effort to try to improve the quality of the simrel. I was wondering why we don’t simply exclude all non conforming projects from the simrel until these issues have been corrected? This would seem to be particularly important for projects contributing content that is signed with expired certificates. Also, as far as I can see, the Simultaneous Release Requirements page [1] does not go to the level of detail that your email is suggesting, so it would be good to update this with more specific requirements, such as with version of Orbit projects should be building with. Ideally however, these requirements would be checked automatically and the project excluded if non conforming.



On Nov 18, 2019, at 4:57 AM, Ed Merks <ed.merks@xxxxxxxxx> wrote:

SimRel Participants,

While we're making progress on improving the state of the SimRel repo for 2019-12, without the active involvement of the ~80 teams contributing content, we're still going to fall far short of an acceptable quality benchmark.

Many projects simply need to do a new build to use the proper and correct version of SUA 2.0 from CBI and to use the latest Orbit dependencies. 

Roland Grunberg has been kind enough to publish a new Orbit I-build to ensure that there are no bundles signed  with expired root certificates:

The Orbit dependencies that you contribute to the train should come from there, and not some antiquated older version.  You should also look closely at whether your contributed or Orbit dependencies  align those contributed by other projects.  Currently 55 bundles are contributed as duplicates which is something we ought to avoid.  But at this point, duplicates is the least of my concern.  Just don't contribute old versions of and org.antlr.runtime_3.0.0.v200803061811.

That mean the ATL teams needs to pay attention;_org.antlr.runtime_[3.0.0,3.1.0)

Also the GEF team:;[1.3.0,1.4.0)

These dependency ranges will force the old problematic version.

What concerns me most is that some teams are completely unresponsive:

So it heartens me to see  others who have taken active steps:

Out of respect for all those many active participants who work tirelessly to contribute high quality results, please consider that your inaction reflects poorly on all of us.  In the end, the user doesn't care or know where things come from, they are faced with dialogs displaying many "duplicate" licenses, they see dialogs asking them to accept expired (root) certificates, and dialogs to accept the installation of  unsigned content.   It just doesn't give the user a warm fuzzy feeling that they're about to install something really great and that undermines the effort of hundreds of us who are working hard to give a great first impression and well as a lasting good impression.

This is is the future state for M3 if no further action is taken:

That state is a result of your contributions:

I believe there are a significant number of contributions that have simply died long ago but their input lingers on in a limbo zombie state.  Those will need to be removed...  And when one sees contributions coming from, or with neon, oxygen, and photon in the name, or ending with "snapshots", you know that's likely questionable and is likely old crap or totally unstable in terms of content.


cross-project-issues-dev mailing list
To change your delivery options, retrieve your password, or unsubscribe from this list, visit

cross-project-issues-dev mailing list
To change your delivery options, retrieve your password, or unsubscribe from this list, visit

Back to the top