Keith Casey (caseydk)

Browsing Posts published by Keith Casey (caseydk)

v2.0 Release Notes

July 1, 2010 Keith Casey (caseydk) 2 comments

web2project homepage As of 29 June 2010, web2project v2.0 is officially released! You can download it from SourceForge now.

Although this release had lots of bug fixes, the primary focus was on a few specific new features and major pieces of functionality. You can read the full v2.0 Release Notes, but in my opinion, the six most important items are:

User-based Timezones: Everywhere a time is used or displayed within the system, it’s now stored in GMT/UTC and presented in the user’s local timezone. If you set a meeting for 5pm America/New_York, someone with America/Chicago timezone will automatically see it at 4pm. If you have team members spread across timezones, this is vital. Lots of thanks to Derick Rethans – the master of all things time-related in PHP – on his numerous presentations on DateTime and Timezones. His information made it possible.
Unit Tests have come a long way since the v1.0 release. We had zero at that time but Trevor Morse – founder of the Halifax, NS PHP Group and core web2project member – has led the way to 240+ tests focused on the Tasks and Projects classes.
Subprojects are now Useful: Previously you could denote one project as a subproject as another but it didn’t really do anything, it was just presented a bit differently. With this release, when you assign a project as a subproject, now it creates a token task within the parent project. This token task takes on the start/end dates, duration, hours worked, and percent complete of the subproject. As the subproject updates, the token task updates. Even more usefully, you can use the Token Task as a dependency for other tasks in the parent project. That all sounds complicated, so just try it out.
The class structure has been completely restructured: While this won’t be relevant to 99% of our users, it makes it much easier to add standalone frameworks – like the Zend Framework or whatever – to the system for other functionality. On a related point, web2project now supports the naming conventions put forth in the Framework Interoperability Group. This will also allow easier third-party authenticators for systems like Drupal, Joomla, or WordPress.
Audit Logs – We cleaned up the core system objects to provide historical logging of all CRUD operations. Any Add On modules that use the core objects will get this functionality by default.
Added an ‘update checker’ – This is a regular script which runs to notify the System Administrator that a new release is available and collects basic system information. This was modeled after Drupal’s update functionality. No sensitive information is collected and this can be opted out of via the System Configuration.

A number of community members stepped up and did a great job in reporting issues, helping test fixes and release candidates, and generally being insightful. Special thanks goes to opto, adolfo, zbyszek, and egemme. Without them, v2.0 would not be as solid, useful, and generally as bug-free as it is.

In summary, we closed about 79 items with ranging from 15 crash-level issues to 42 minor bugs. Once again, those are just the formally reported issues. If you want to explore everything of interest, check out the web2project v2.0 Release Notes on our wiki. And of course, if you’re looking for ways to share your code more easily, you should check out our web2project git repository.

You can download web2project v2.0 from SourceForge now.

* And yes, I always wait a few days to announce the releases in case we have to make a patch release. 😉

Development Blog audits, Development, namespaces, Releases, subprojects, timezones, update checker

v1.3 Release Notes

April 1, 2010 Keith Casey (caseydk) Comments off

As of 01 April 2010, v1.3 of web2project is live.

This release was focused almost entirely on bug fixing and preparation for the coming v2.0 release in June. Since the v1.2.2 release in January:

First, we added another 35 Unit Tests covering core functionality in the Tasks module. While there are still lots fo things that need tests, Trevor has does some amazing work and should be applauded for it.
Next, we’ve done quite a bit of cleanup to the Tasks module itself. Now moving a Task from one project to another will cause both projects’ percent complete to be recalculated.
Next, the upgrade process has been moved out of the /install folder and into the System Admin. Further, the System Admin page notifies administrators if database updates should be applied. This ensures that only properly permissioned users can apply upgrades.
Next, we added “minification” to the Javascipt and CSS which reduced the corresponding filesizes by 80% and 33% respectively.
Next, we created a number of Views Helpers. These helpers handle auto-linking fields that have url’s or even email fields. On the other side of things, we’ve added validation for email and url fields. If something is supposed to be a url, it will be. Further, description fields will respect character sets including umlauts and other non-English characters.
Finally, we added deprecation warnings to a number of methods and functions that will be removed in later releases.

In summary, we closed about 25 items with ranging from 3 crash-level issues to 14 minor bugs. Once again, those are just the formally reported issues. If you want to explore everything of interest, check out the web2project v1.3 Release Notes on our wiki. And of course, if you’re looking for ways to share your code more easily, you should check out our web2project git repository.

This release came a little later than planned, but due to conflicting schedules, it just had to happen. Regardless, we’ve already sketched out v2.0 and plan to get back on track with the September v2.1 release.

Development Blog deprecation warnings, Development, Javascript minification, Releases, Unit Testing, validations, views helpers

web2project Security Vulnerability

January 29, 2010 Keith Casey (caseydk) Comments off

Late last month, I received some bad news about web2project…

It turns out that web2project was vulnerable to a handful of select Cross Site Scripting (XSS: definition) vulnerabilities. While the attack vector was pretty specific to being an already authenticated user, it had the potential to be a major problem in a poorly configured system.

On the positive side, I say “was” because within 10 days of being notified of the problem – and the same day the vulnerability became public – we had a patched release out the door and available to users. We’ve spent the past month since encouraging them to upgrade. Of course, we further benefit from the fact that although the vulnerability does affect us, we’re not named in the report.

On the negative side, it did take us 10 days to close the vulnerability. The patch itself was available a few days earlier via Subversion but it might not have been enough. Further, we didn’t explicitly notify our users of a need to upgrade but since it was rolled with a handful of other major fixes, it appears that many people have upgraded already. Once again, we benefit from the very specific attack vector.

To make this process easier and faster in the future, as of v1.3, we can already detect if upgrades have been uploaded but not applied. For an upcoming release, we’re implementing a Drupal/WordPress-style means of notifying existing administrators thatan upgrade is available. In the meantime, watch this space or web2project’s page on Sourceforge.

Development Blog Development, dotProject, Security

v1.2 is Released!

December 10, 2009 Keith Casey (caseydk) Comments off

As of this morning – 09 December 2009 – web2project v1.2 is live!

While there is not a huge amount of new user-facing functionality, the sheer number of fixes and amount of cleanup is staggering. Since the v1.1 release in September:

Pedro made some major updates to the iCal handling which added the Task Description and Links to the iCal entry for one-stop shop of information.
Pedro also added the Brazilian Portuguese translation to core. Rumor has it that there’s an Italian version on the way next.
Added some creative caching and pre-calculations to the Task Count, Total Hours, Percent Complete, and Worked Hours to speed up the system significantly.
Changed the PDF creation for reports to use a randomly generated filename.
Created a GanttRenderer class to centralize the Gantt chart creation with the goal of standardizing behavior and eventually replacing jpGraph completely.
We’ve created strong object validation that happens on save. Whenever you attempt to save a Project, Company, Link, etc, the system makes sure the required fields are actually filled in. Realistically, some would claim that the Javascript already did some of this on the front end, but that could be bypassed… and we needed something more solid for the API.
The method signatures – specifically for store(), delete(), check(), and a few other calls – have been standardized. This by itself isn’t incredibly useful yet… but we needed something more solid for the API.
We did some major refactoring of the core modules based on a code review we received at CodeWorks 2009. Sebastian Bergmann (phpUnit creator), Stefan Priebsch (OO guru), and Arne Blankerts (security guru) were kind enought to take a look at the code and shared feedback on a number of architectural concepts, OO improvements, and overall code clarity. These changes aren’t immediately visible to end users but we needed something more solid for the API.
Finally, Trevor and I (mostly him) added about 40 Unit Tests since the v1.1 release. While we don’t distribute them in the release – you have to get them via SVN – they’re useful for testing against the growing API.

Are you detecting the pattern here?

Further, we closed nearly 50 items ranging from 8 crash-level bugs to 20 minor bugs to 4 pre-defined feature requests. Of course, that only covers the things logged as issues. If you want to see everything of interest, check out the web2project v1.2 Release Notes on our wiki.

In accordance with our quarterly release schedule, this is our final release for 2009. The next release will be 1.3 in March 2010 with v2.0 scheduled for June 2010.

Development Blog API, Brazilian Portugese, code review, Development, iCalendar, object validation, Releases, translations, Unit Testing

v1.1 Getting Close

September 1, 2009 Keith Casey (caseydk) Comments off

Yes, you read that correctly, we’re getting close to our v1.1 release.

We’ve been working quietly behind the scenes to make a number of things happen. Some are big, some are tiny, but here’s a rough list of them:

Unfortunately, a number of bugs – most just annoying, one important – made it into the v1.0 release. These were our top priority and are therefore resolved. There will be a detailed list in the v1.1 Release Notes.
We had all kinds of problems with Special characters like Umalutes and a few other things. A few users – namely eureka, pacho, and egemme – have led the way in given us tips and tricks and the necessary code to make the system UTF-8 compatible. There are probably a number of places which still need work, but the majority of them are wrapped.
A number of major performance improvements have been made.
- Previously, there were a number of screens which would count/group all the Tasks in the entire system just to display a simple count. We’ve modified the flow so that Tasks are counted for a specific Project whenever one is saved or deleted. On average, this creates more database reads and writes but each read is a fraction of the size of the original read and the write is a single row. In initial testing, the performance on the Project List screen – url: ./web2project/index.php?m=projects – is faster by approximately 20% and uses 50% less peak memory.
- There was a similar function related to the Tasks and Task Logs. On every Task View – url: ./web2project/index.php?m=tasks&a=view&task_id={task_id} – the hours worked were calculated on the fly. This has been changed to total the hours for a given Task whenever a task log is saved. Once again, this makes quite a few more reads and writes, but they’re smaller and more focused. In initial testing, the performance of the Task View screen is faster by approximately 5% and uses 20% less peak memory.
Next, with some guidance and great examples from Trevor Morse leading the way, we’ve implemented some Unit Tests. We don’t have 100% coverage on anything yet but the Projects, Companies, and Tasks Modules and numerous supporting functions have high coverage and are steadily getting better. This will be an ongoing effort as we continue development.
Next, the classes have been converted to the PHP 5 equivalents. All methods and properties have been marked public/private/protected as necessary. While this is normally a major change, since we already required PHP5 at installation, it’s a much smaller change than you might think.
Finally, a search interface has been created.
- The previous version of the SmartSearch module – Pedro’s ingenious creation – had a couple minor weaknesses. The most difficult one required the creation of a SearchObject created for every module in the system that you wanted to be searchable. While this is fine for core modules, it makes Add On modules either unsearchable or someone has to hack core… both less than ideal.
- Therefore, we created a hook_search method – you can see the first version on the Projects class – which allows any module to become searchable.

Other than that, we haven’t done much in the past 80-couple days…

Development Blog Development, Releases

Page 6 of 9
Prev
1
...
4
5
6
7
8
9
Next

web2Project

Common Topics