Commit Graph

262 Commits

Author SHA1 Message Date
Serge Latyntcev
f185dfb2c5 DOC Clarify that Security release is a SilverStripe Core release 2019-09-18 11:19:55 +12:00
Robbie Averill
66ca1c925f
Merge pull request #9217 from silverstripe/doc-node10
Update recommended node version in contrib docs
2019-09-06 11:54:41 -07:00
Robbie Averill
23b40557e8
Reduce version for Node 10 to SilverStripe 4.4
[ci skip]

Co-Authored-By: Garion Herman <garion@silverstripe.com>
2019-09-06 11:54:14 -07:00
Ingo Schommer
e3f06c4468 DOCS Remove uservoice mentions
See https://forum.silverstripe.org/t/a-new-way-to-manage-feature-ideas/2264
2019-09-06 16:01:30 +12:00
Sam Minnée
614e99a899
Update recommended node version in contrib docs 2019-09-04 18:55:47 +12:00
Aaron Carlino
a21bd9eff8 MINOR: Ensure minor releases follow security release steps 2019-06-12 10:57:09 +12:00
Robbie Averill
e948c5eb1e DOCS Update "release numbering" to document the fact that lock step releases are not required (#9000)
* DOCS Update "release numbering" to document the fact that lock step releases are not required

[ci skip]

* DOCS Update "making a SilverStripe core release" to clarify recipe versus module without lock step

Also adds note about peer reviewing the plan before release

[ci skip]
2019-05-22 10:16:24 +12:00
Ingo Schommer
71e9f2faad DOCS Clarify CVE process
[skip ci]
2019-05-15 13:30:59 +12:00
Federico Jaramillo Martínez
207cf75dc4
Fix link to npmjs 2019-05-14 07:20:49 -05:00
Federico Jaramillo Martínez
08e08160c1
Fix link to es6features 2019-05-14 07:18:09 -05:00
Ingo Schommer
af7e055574 DOCS Limited "critical security fixes" release lines
We're adopting CVSS (https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator),
which allows us to classify the impact of security issues
based on industry standard metrics.

While there is still a lot of room for interpretation,
it is more objective than our previous system of "critical/high/medium/low",
with one sentence descriptions on how we interpret that "severity rating".

This effectively changes our process to only apply
security fixes to release lines in "limited support" (currently 3.6 and 3.7)
if they're considered "critical" (CVSS > 9.0).

We've already limited preannounces to CVSS >7.0 in these docs.
2019-04-01 17:08:13 +13:00
Ingo Schommer
62bd6ff334 DOCS Clarify security process, introduce CVE and CVSS
Moved the guts to "making a core release", since it's only really relevant to that audience.
There's more work to do around making security and non-security releases the same (less special handling),
but I think this is a good start.

[ci-skip]
2019-02-26 13:48:07 +13:00
Juan Molina
b02fd13766
Correct 13_CSS_Coding_Conventions.md
Correct two broken links and the syntax of a third one
2019-02-21 15:32:45 +01:00
Robbie Averill
7c96feef37 Merge branch '4.3' into 4 2019-01-08 12:27:48 +01:00
Robbie Averill
937d73fefc Merge branch '4.2' into 4.3
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
 #	lang/en.yml
2019-01-08 12:25:48 +01:00
Robbie Averill
280222abbe Merge branch '4.1' into 4.2
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
2019-01-08 12:22:20 +01:00
Robbie Averill
802261aa4b Merge branch '4.0' into 4.1
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
2019-01-08 12:21:27 +01:00
Ingo Schommer
f80e16adde DOCS clarified release EOL process 2019-01-08 12:20:17 +01:00
Ingo Schommer
9bdd5fb162 DOCS Replaced references to core mailinglist with forum 2018-12-19 10:20:46 +13:00
Ingo Schommer
8b601b8ecc DOCS Further wording changes to pre announce release docs 2018-12-19 09:41:59 +13:00
Ingo Schommer
cc51ffea68 DOCS Minor wording changes on release process docs 2018-12-18 16:39:32 +13:00
Daniel Hensby
1644765a9f Rebase against satis changes (#8298) 2018-12-13 16:49:12 +13:00
Damian Mooyman
22314de559 DOCS Update security release docs / satis instructions (#7681)
* DOCS Update security release docs / satis instructions

* Update based on testing
2018-12-13 15:50:50 +13:00
Scott Hutchinson
70897495d6
Add new core committers 2018-11-14 23:06:17 +13:00
Sacha Judd
f5b6ce01cf DOCS Add docs for CMS help menu links
[ci skip]
2018-10-04 10:50:57 +13:00
Ingo Schommer
7f05c7c6d4 DOCS Clarified latest vs. next 2018-09-13 08:11:07 +12:00
Ingo Schommer
793d6615eb DOCS Don't mention 5.3, its unsupported 2018-09-13 08:09:27 +12:00
Ingo Schommer
1f881f5c3f DOCS Clarify sec release process 2018-09-13 08:09:27 +12:00
Ingo Schommer
dd4bcac3a7 DOCS Release support clarification
See https://github.com/silverstripe/silverstripe-framework/issues/8189
2018-09-13 08:09:24 +12:00
Ingo Schommer
e5371091fa DOCS Simpler description on pull request target 2018-09-05 13:54:31 +12:00
Ingo Schommer
b4d5d9f1ff DOCS Clarified issue labelling 2018-09-05 13:54:17 +12:00
Ingo Schommer
2e1e8e07b9 DOCS Consistent app/ folder and composer use
- Stronger wording around "use composer"
- Consistent domain and email address naming
- Removed example for publishing non-composer modules (those shouldn't be encouraged)
- Removed instructions for installing modules from archives

[ci skip]
2018-06-25 10:40:19 +12:00
Sam Minnée
4ccacf509f
Add semver reference in core committers guide 2018-05-21 14:08:52 +12:00
Robbie Averill
fe5a271634
Merge pull request #8048 from open-sausages/pulls/4/docs-release-proc
Release process docs improvements
2018-05-08 11:25:15 +12:00
Ingo Schommer
10328a8970 Less conflicting statement on security fix release lines 2018-05-07 21:20:39 +12:00
Ingo Schommer
27ec9724cb Document contributing committers
See https://github.com/silverstripe/silverstripe-framework/pull/8021#issuecomment-386423095
2018-05-07 20:07:13 +12:00
Robbie Averill
53938f3bde
DOCS Update references to open source JIRA > GitHub, minimum PHP version update 2018-05-07 14:27:43 +12:00
Ingo Schommer
63b1f0153d Clarify roadmap and change releases location for docs 2018-05-03 15:19:45 +12:00
Ingo Schommer
4ccfa94132 Removed docs about pre-semver times
We no longer support those versions, so it's just noise.
2018-05-03 14:52:52 +12:00
Daniel Hensby
33a17d8dd2
Merge pull request #7925 from open-sausages/pulls/4/youve-been-committed
Add Paul to core designers team
2018-03-13 11:36:15 +00:00
Christopher Joe
f437d52255 Add Paul to core designers team 2018-03-13 17:55:43 +13:00
Ingo Schommer
9a85e4d6e8 Remove Jono from Core Committers :( 2018-03-13 10:25:02 +13:00
Ingo Schommer
e71a70217f Remove Stig/Sean from Core Committers :( 2018-03-13 10:23:55 +13:00
Ingo Schommer
c2ac52c271 Remove Hamish from core committers :( 2018-03-13 10:12:41 +13:00
Ingo Schommer
13c9372a1d Clarify docs around security releases on supported modules 2018-03-07 11:07:17 +13:00
worikgh
1fe1d9a822
Remove deprecated @package and @subpackage
On Slack #General at 11:17 nightjarnz maintains that @package is deprecated.
2018-02-28 11:45:44 +13:00
Ingo Schommer
d4fc08b206
Closing bracket 2018-02-14 10:14:44 +13:00
Ingo Schommer
6fab007138
Link to UX issues 2018-02-14 10:14:22 +13:00
Robbie Averill
ef6b03a35a
Merge pull request #7843 from open-sausages/pulls/4/docs-blog-release
DOCS Blog on release process
2018-02-07 18:29:32 +13:00
Ingo Schommer
b5987b68c6 DOCS Blog on release process 2018-02-07 16:02:27 +13:00
Scott Hutchinson
496ca4457a
Update 09_Core_committers.md 2018-02-05 14:45:50 +13:00
Ingo Schommer
26c3e224db Remove module-specific docs instructions
We have too many docs to list these out now,
even in 3.x this was a bit of a stopgap solution.
Point to a centrally managed URL on silverstripe.org
instead, where we can update the list of "core modules" regularly
without breaking URLs in the docs etc

Note that these URLs are also used internally by the
Open Sourcerers team.
2018-01-30 09:08:49 +13:00
Ingo Schommer
bf8790a893 Docs: Remove forum and IRC references 2017-12-19 11:45:27 +13:00
Saophalkun Ponlu
e0e50c79fd Update CSS conventions doc 2017-12-18 16:01:52 +13:00
Ingo Schommer
58da8c47cb Moved security process from JIRA to Github
JIRA isn't fully under the OSS team's control,
and played up in the past (Dan couldn't move issues).
Since Github has project boards now, and we're paying
for private repos on github.com/silverstripe-security already anyway,
there's no reason to introduce another tool (JIRA) into our workflows.

No need to move existing issues, the JIRA board hasn't been used in a while.
Which leads to unclear ownership and status of security issues,
and is exactly the reason for this change ;)
2017-11-15 07:44:17 +13:00
Damian Mooyman
cdfb413395
Code block whitespace / formatting cleanup 2017-10-27 15:38:27 +13:00
Aaron Carlino
50c8a02bff remove tabs 2017-08-07 15:11:17 +12:00
Aaron Carlino
84feab5a68 Yeah psr2 functions 2017-08-07 14:01:38 +12:00
Aaron Carlino
2414eaeafd Yay, clean arrays 2017-08-07 14:01:38 +12:00
Aaron Carlino
eb1695c03d Replace all legacy ::: syntax with GFMD tags 2017-08-07 14:01:38 +12:00
Saophalkun Ponlu
63ba092765 FIX Add namespaces in markdown docs (#7088)
* FIX Add namespaces in markdown docs

* FIX Convert doc [link] to [link-text](link-uri)
2017-07-03 13:22:12 +12:00
Damian Mooyman
3e0b7bde9c
DOCS Add link to silverstripe npm account 2017-06-29 13:37:17 +12:00
Daniel Hensby
e7df10dc52
Merge branch '3' 2017-06-28 18:59:08 +01:00
3Dgoo
1e887c0631 Future proofing api link 2017-06-19 07:09:41 +09:30
Damian Mooyman
dd4eb6ce44 Merge pull request #6960 from open-sausages/pulls/4.0/security-process-docs
Internal security process docs
2017-06-16 13:50:58 +12:00
3Dgoo
a128941d66 Documentation link fixes
Removing defunct silverstripe-labs github link. Fixing up some broken links. Making links https if they can be https.
2017-06-16 06:38:53 +09:30
Ingo Schommer
b137e91998 Internal security process docs 2017-06-02 11:30:12 +12:00
Ed Linklater
f007fca51f Docs: Correct Stevie's name on committers page 2017-05-31 12:27:06 +12:00
Christopher Joe
e327bf3c70 Enhancement add contribution notes about releasing to NPM 2017-05-24 17:07:05 +12:00
Damian Mooyman
2548bfba1e API Replace SS_HOST with SS_BASE_URL
API Remove Director::$test_servers / $dev_servers
API Remove MODULES_PATH / MODULES_DIR constants
ENHANCEMENT Injector backtick syntax now supports environment variables as well as constants
Fixes #6588
2017-04-20 22:28:57 +12:00
Damian Mooyman
23b92c8187
Documentation and linting updates 2017-03-10 11:59:38 +13:00
Christopher Joe
466c50b302 API Switch from npm4 and shrinkwrap to npm6 and yarn 2017-03-10 11:38:26 +13:00
Ingo Schommer
97a29c1ee2 Add Chris to core committers list 2017-03-08 14:50:24 +13:00
Ingo Schommer
06ec59b4f2 Sort core committers alphabetically 2017-03-08 14:50:24 +13:00
Daniel Hensby
8c8231c03e
NEW Director::host() to determine host name of site 2017-01-31 21:36:04 +00:00
Daniel Hensby
6e096f6172
DOCS Updated environment management docs to use .env file 2017-01-31 21:28:51 +00:00
Daniel Hensby
a5da085cc7
Merge branch '3' 2017-01-31 17:03:53 +00:00
Ingo Schommer
d9e8b37ac4 Remove WebPI references
SQL Server is still community supported, and we have IIS 7+ in our “server requirements”, which won’t change.
But the WebPI installer is rarely used in practice, and doesn’t provide the best user experience for Windows users
compared to other installation options. Given it sucks up time on every release process. this should be removed.
2017-01-18 11:37:11 +13:00
Ingo Schommer
d34b33c733 Remove module list from release docs
We have more modules now, it's a bit unmaintainable to list them.
2017-01-18 11:06:24 +13:00
Ingo Schommer
9a9a82460d Release docs pointers around checking doc.ss.org 2017-01-18 11:06:19 +13:00
Daniel Hensby
c8d95cb558 Merge pull request #6521 from open-sausages/pulls/4.0/improve-release-docs
Release docs improvements
2017-01-17 11:13:17 +00:00
Ingo Schommer
7635f0f5f7 Docs: Update release cmds to match cow 2.0 2017-01-17 17:29:28 +13:00
Ingo Schommer
2bcbddc476 Docs: Release link to aws and transifex credential setup 2017-01-17 17:29:11 +13:00
Ingo Schommer
a584083476 Docs: Mention release issues with python on OSX
Also removed listing of modules, since that tends to change with newer releases
2017-01-17 17:28:25 +13:00
Ingo Schommer
020a4dc81e Removed "release maintainer" from docs
The role moves around based on current availability.
@tractorcow has done most of the last releases,
but a separate team (headed by @dhensby) will be
responsible for 3.x releases.

There's not really much point to declaring a release maintainer,
unless there's disagreements in the core team where we need
an arbitrator. So far those conflicts have been resolved
on individual tickets (e.g. what should go into a release),
and the process for that seems to work well.
2017-01-17 11:51:20 +13:00
Damian Mooyman
fd9ee8aed3 Merge pull request #6379 from open-sausages/pulls/4.0/psr-coding-conventions
Updated coding conventions for PSR-2
2016-12-19 09:41:02 +13:00
Damian Mooyman
534d0f16a3 Merge pull request #6314 from chillu/pulls/4.0/contributing-composer-install
Composer contributing docs
2016-12-19 09:40:02 +13:00
Damian Mooyman
8e08eb04ce Merge branch 'master' into pulls/4.0/psr-coding-conventions 2016-12-14 19:29:35 +13:00
Damian Mooyman
55a9496ad7 Merge pull request #6378 from open-sausages/pulls/4.0/english-coding-conventions
Clarify UK-english in coding conventions
2016-12-12 10:29:46 +13:00
Damian Mooyman
6e589aac75
API Updates to Form, ValidationResponse, ValidationException
API Implement form schema "errors" handling
2016-12-09 14:24:11 +13:00
Ingo Schommer
e1b84b3c8d Updated coding conventions for PSR-2
See https://github.com/silverstripe/silverstripe-framework/pull/6340
See https://github.com/silverstripe/silverstripe-framework/issues/6376
2016-12-09 11:59:01 +13:00
Ingo Schommer
ad99da1c2e Clarify UK-english in coding conventions 2016-12-09 11:44:19 +13:00
Ingo Schommer
1ae2709cca Use "composer update" in contrib docs
The "repositories" key makes "composer update" ridiculously slow with the amount of tags and branches we have in core,
so unfortunately we can't rely on it. I've also removed the thinkapp-based instructions about working with git,
since it's now fairly widespread knowledge, and better documented elsewhere.

Note that I've chosen to rename the "origin" remote to "upstream" in order to keep in line with
the contribution documentation on help.github.com (even if it's a bit more clumsy to explain upfront)
2016-11-15 17:36:43 +13:00
Ingo Schommer
56e9f7a627 Removed deprecated --dev flag in docs 2016-11-15 16:29:56 +13:00
Matt Peel
45048ae3b3 Update 14_PHP_Coding_Conventions.md (#6094)
Include a note preferring type-safe identical comparisons (===) over equality (==) where possible.
2016-11-01 18:12:11 +13:00
Ingo Schommer
a0c0a4ae4f Updated docs with sass-lint references 2016-09-18 16:25:16 +12:00
Sam Minnee
c2ebff5c19 NEW: Use sass-lint over scss-lint
SCSS linting now uses the node-based sass-lint tool, since we’re
shifting away from CodeClimate.

This has the benefit of not requiring a ruby gem on dev tools -
everything is provided as npm dev dependencies.

This was also necessary to run the linting inside travis.
2016-09-18 14:50:27 +12:00
Sam Minnee
1b527fca3f FIX Webpack handles images & fonts.
Responsibility for finding and referencing images and fonts is now
given to webpack. All the url references are now relative to the
component scss file, and point to font & images files in src/, rather
than assuming someone else will place them in dist.

This makes the source more modular, and makes it easier to, for
example, inline images are data URIs, or create a new build script that
builds several modules for a project in a single pass.

Workaround for bad font path in bundle.css:
ExtactTextPlugin didn’t work as well with a subfolder reference in the
filename. This is just a short-term fix and could probably be improved
to put bundle.css back in the styles subfolder.

Webpack handles images & fonts:
Responsibility for finding and referencing images and fonts is now
given to webpack. All the url references are now relative to the
component scss file, and point to font & images files in src/, rather
than assuming someone else will place them in dist.

This makes the source more modular, and makes it easier to, for
example, inline images are data URIs, or create a new build script that
builds several modules for a project in a single pass.

Clarify docs on spriting and webfonts:
We've decided to remove sprity since it comes with hundreds of dependencies,
and needs compilation within the "npm install" - dragging out the already overweight
install process, and making the resulting node_modules/ folder less portable between systems.
2016-09-15 22:19:09 +12:00
Sam Minnee
2e577ddb1d API Use Webpack
The bundle is generated by running “webpack” directly - gulp is no
longer needed as an intermediary. The resulting config is a lot shorter,
although more configuration is pushed into lib.js.

Modules are shared between javascript files as global variables.
Although this global state pollution is a bit messy, I don’t think it’s
practically any worse than the previous state, and it highlights the
heavy coupling between the different packages we have in place.
Reducing the width of the coupling between the core javascript and
add-on modules would probably be a better way of dealing with this than
replacing global variables with some other kind of global state.

The web pack execution seems roughly twice as fast - if I clear out my
framework/client/dist/js folder, it takes 13.3s to rebuild. However,
it’s not rebuilding other files inside dist, only the bundle files.

CSS files are now included from javascript and incorporated into
bundle.css by the webpack. Although the style-loader is helpful in some
dev workflows (it allows live reload), it introduces a flash of
unstyled content which makes it inappropriate for production.

Instead ExtractTextPlugin is used to write all the aggregated CSS
into a single bundle.css file. A style-loader-based configuration could
be introduced for dev environments, if we make use of the webpack live
reloader in the future.

Note that the following features have been removed as they don't appear to be
necessary when using Webpack:
 - UMD module generation
 - thirdparty dist file copying

LeftAndMain.js deps: Without it, ssui.core.js gets loaded too late,
which leads e.g. to buttons being initialised without this added behaviour.
2016-09-15 22:19:05 +12:00
Ingo Schommer
d38db31eb4 Added link to React coding conventions 2016-09-01 13:59:34 +12:00