[Greasemonkey] 0.4.2 - last call before open beta

chris feldmann cfeldmann at gmail.com
Fri Jul 29 13:20:11 EDT 2005


I think Mark's right here; if you mention greasemonkey on the web, you'll 
get "Did you downgrade to 0.3.5 because of the vulnerability?" and I might 
answer, I'm using "0.4.2." But then I'd get, "you mean from before the 
exploit?" "No, that's the one from yesterday."

The point is that there is confusion concerning exactly which version is 
from when; this is especially exacerbated by the regression to 0.3.5 and 
later re-progression to 0.4.x. I think Marks is just suggesting the move to 
0.5 for *clarity's* sake. It removes all ambiguity to say, "now we're at 0.5
."

Also, if this rewrite doesn't deserve an increment in the second decimal 
place, nothing does. I mean, the underlying engine is totally rewritten. 
Heck, firefox is moving from 1.0.6 to 1.5 on a whim (probably for similar 
reasons of clarity, actually). Anyway, seems to me this release deserves a 
0.5 for its own sake and for the sake of users who don't care to have to 
think too hard about version numbers (but who can easily tell the difference 
between a 4 and a 5).

On 7/29/05, Aaron Boodman <zboogs at gmail.com> wrote:
> 
> > 0.4.2a1 moved the location of the scripts directory outside the
> > extensions tree and deleted everybody's scripts, re-introduced an old
> > problem with forward-defined functions, and introduced a new scope
> > chain (which, as it turned out, introduced a new security
> > vulnerability).
> 
> * The scripts were already getting deleted, on every reinstall, on
> Deer Park - this version didn't introduce it. This was due to a
> redesign of extension manager by Ben Goodger including a change to how
> uninstallation is handled. 0.4.2a1 moved the scripts directory outside
> the extension tree to *fix* this problem. Unfortunately it isn't
> possible to migrate the scripts directory on Deer Park, which is what
> my mail about manually moving was for.
> 
> * The scope chain change was trying to address some concerns that
> people on this list had, for compatibility.
> 
> * The change to scoping regressed the forward references inadvertently.
> 
> > 0.4.1a3 changed the scoping chain, which closed the security
> > vulnerability introduced in 0.4.2a1 but broke at least 2 of my scripts
> > which I had modified for Deer Park compatibility under 0.4.1a3 or
> > 0.4.2a1.
> 
> I'd like to know what specifically broke them.
> 
> > Please, for the love of God, let the 0.4.x.y.z line die a quiet and
> > well-deserved death, and call the next public release "0.5".
> 
> I don't really know what you mean by this. What difference does the
> number make? I only increased it so that versioning could work.
> 
> I'm sorry that stuff regressed for you but isn't that sorta what
> happens when you're trying trying to write a book against a piece of
> alpha software? I'm trying to fix bugs and respond to your guys'
> requests here, not tinker because I have nothing better to do.
> 
> If you give me the details on how stuff broke, I can fix it. Whinging
> is less productive.
> 
> Yeesh.
> _______________________________________________
> Greasemonkey mailing list
> Greasemonkey at mozdev.org
> http://mozdev.org/mailman/listinfo/greasemonkey
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mozdev.org/pipermail/greasemonkey/attachments/20050729/f3294eda/attachment.htm


More information about the Greasemonkey mailing list