Bill Keese | 18 Mar 14:32 2015

instrumentation breaking core intern tests

I spent today trying to fix the "dojo/parser - parseOnLoad + declarative require" test failure on Chrome that started with the Intern conversion.

This test file is using dojo in the traditional async=false mode, and it runs fine standalone. The problem only happens when the test file is loaded through Intern.  I reduced the problem down to:

<script src="../../../dojo.js"></script>
<script>
dojo.ready(function(){
...
});
</script>
Although the <script> which loads dojo.js correctly synchronously loads all the implicitly included modules (mainly the files in dojo/_base), their factories don't run until too late. Specifically, when the second script runs, dojo.ready() is not yet defined, even though dojo/ready.js has been loaded and the define() call inside that file has run.

I finally realized that it's the instrumentation that is screwing things up, although I don't know any further details.  So if no one has a proper fix to this problem, I'll just disable the instrumentation (by default) for the dojo core test run.

PS: This is not the only problem w/the test conversion.  A bigger issue is that it just hangs on the "dojo/text - no X-Requested-With header" test.
--

-- 
dojo-contributors mailing list
L Bodzak | 26 Feb 00:58 2015
Picon

js-doc-parse and doc utils status

Hi, I raised this on irc after seeing another weird bug with js-doc-parse and the outcome seems to be I'll end up being the maintainer for the project if no one else volunteers.

Whilst I'm not overly excited by the prospect, it'll at least provide an opportunity to clarify the status of the project; the current status of js-doc-parse has been unclear for many years now. 

Currently, IMO, documentation how to use the doc generation utilities are flawed and not easily understood by end users. There are 3 github repo's for js-doc-parse, the "real" master is https://github.com/wkeese/js-doc-parse, then there are https://github.com/SitePen/js-doc-parse and https://github.com/csnover/js-doc-parse.
Bill's repo is closed to issues, though not PR's, this was forked from colin's repo.


Those ref guide docs need to be cleaned up to demarcate them clearly as legacy. There's also the sitepen blog http://www.sitepen.com/blog/2013/01/18/generating-and-viewing-custom-api-docs/ 

It seems to me, anyone other than contributors or committers would have no idea how to easily generate their own API documentation. For me, this feels like another documentation failure considering documentation for Dojo has been an major issue in the past. 

I said on irc I'd take ownership of this repo as long as the previous committers i.e. colin (and Bill) would help me out when needed and as long as the supporting documentation is also updated (whether that's from me or others).

I'm posting this because Dylan said he wanted to be reminded and also because personally, I feel it's an issue that needs to be resolved for our end users
Lee

--

-- 
dojo-contributors mailing list
Dylan Schiemann | 16 Feb 18:40 2015

Starring your favorite dojo projects

It was pointed out to me recently that Dojo may be perceived to be less
popular than it really is because so few users and contributors have
actually done the simple step of starring the various Dojo projects via
GitHub.

While popularity really doesn't matter, it can often be a factor in
people choosing to contribute time and effort to a project, using that
project, etc.

Here are a list of projects you may wish to star, as a way to show you
have an interest in them:

https://github.com/dojo/dojo
https://github.com/dojo/dijit
https://github.com/dojo/dojox
https://github.com/dojo/util
https://github.com/dojo/dojo
https://github.com/dojo/dojo2
https://github.com/SitePen/dgrid
https://github.com/SitePen/dstore
https://github.com/SitePen/dijit-claro-stylus
https://github.com/SitePen/dojo-smore
https://github.com/theintern/intern
https://github.com/theintern/leadfoot
https://github.com/theintern/digdug
https://github.com/oria/gridx/
https://github.com/ibm-js/deliteful
https://github.com/ibm-js/delite

Thanks for taking a moment to quickly star the projects you like.

Regards,
-Dylan

-- 
Dylan Schiemann
SitePen, Inc.
Dojo workshops in the US, Canada, and Europe:
http://www.sitepen.com/workshops/
SitePen Insider: http://sitepen.com/insider/
http://www.sitepen.com/

--

-- 
dojo-contributors mailing list

Karl Tiedt | 9 Feb 23:12 2015
Picon

[GSOC] GSOC 2015 Is upon the open source community again, Dojo should be there!

    It has been awhile since y'all have heard from me, but I got the email notice that registrations are open and it sounds like 2015 is the year to get the Dojo Foundation involved in this amazing movement again. I spoke with Dylan and he is in the process of getting some ideas written up, however that is only a fraction of what it takes to pull off this endeavor from an organization level. We have until 20 Feb <at> 19:00 UTC to get all of these resources pulled together. We've done it in the past, we can pull this off again!

    If we are accepted, we will need mentors to help guide the students and provide meaningful feedback on the progress. These mentors can be anyone from the Dojo community (contributor, or community member) that has sufficient knowledge of the project, specifically relating to the tasks you end up mentoring for (TBD).


    Additionally, if anyone out there has ideas for tasks that would make great projects for a student to work as part of GSOC, please respond and I'll update our potential list of ideas so that we can discuss them as needed and see what will fit best into the project this year. 

Examples of previous ideas submitted:
    http://ktiedt.dojotoolkit.org/gsoc/2010/ideas.html (used, but not finding my notes on which we used and how they turned out, but it was a positive end result save for 1 student if I remember correctly)

    NOTE: This email was BCC'd to the dojo-contributor list, so if you are responding from there, your respond should end up on the dojo-interest list (I hope). I wanted to be sure to reach the widest audience of contributors as well and I know not all of them monitor dojo-interest.

-Karl Tiedt
--

-- 
dojo-contributors mailing list
Bill Keese | 8 Feb 11:56 2015

dojo core test status

I tried running the dojo core tests against saucelabs (according to the instructions in test/README.md), and I'm getting many failures.

What results are other people seeing?
--

-- 
dojo-contributors mailing list
Dylan Schiemann | 7 Jan 20:52 2015

1.10.4, etc.

We'd like to run an updated set of releases, because
dojox/layout/ResizeHandle.js had a trailing comma in the most recent
release which is breaking builds for a number of users.

Unless I hear any objections, we'll plan to do a round of releases on
Friday.

Regards,
-Dylan

-- 
Dylan Schiemann
SitePen, Inc.
Dojo workshops in the US, Canada, and Europe:
http://www.sitepen.com/workshops/
SitePen Insider: http://sitepen.com/insider/
http://www.sitepen.com/

--

-- 
dojo-contributors mailing list

Colin Snover | 8 Dec 20:40 2014

[SECURITY] New Dojo releases, all versions 1.4 through 1.10

Hi,

Several cross-site scripting vulnerabilities have been discovered and
fixed in dojox/av, dojox/embed, and dojox/form.

These vulnerabilities only impact users that publish the dojox package.
Users that publish only the dojo and dijit packages are unaffected and
do not need to take any action.

The following new releases contain fixes for the discovered vulnerabilities:

http://downloads.dojotoolkit.org/release-1.4.6/
http://downloads.dojotoolkit.org/release-1.5.5/
http://downloads.dojotoolkit.org/release-1.6.3/
http://downloads.dojotoolkit.org/release-1.7.8/
http://downloads.dojotoolkit.org/release-1.8.9/
http://downloads.dojotoolkit.org/release-1.9.6/
http://downloads.dojotoolkit.org/release-1.10.3/

We recommend you upgrade your Dojo packages. Alternatively, out of an
abundance of caution, you may delete the following files if you do not
use any of these components:

dojox/av/resources/audio.swf
dojox/av/resources/video.swf
dojox/form/uploader.swf
dojox/form/fileuploader.swf

Dojo 1.2 and 1.3 are also impacted, but are end-of-life versions of the
Toolkit and will not receive updates for this or any other issue. Users
still running Dojo 1.2 or 1.3 should upgrade to a newer version of the
Toolkit.

A full announcement with additional details on the vulnerability will be
published to the Dojo Toolkit blog tomorrow.

Regards,

-- 
Colin Snover
http://zetafleet.com

--

-- 
dojo-contributors mailing list

Colin Snover | 8 Dec 06:35 2014

dojox repo freeze

Hi,

Until further notice (Monday), please don’t make any commits to the
dojox repository.

Thanks!

-- 
Colin Snover
http://zetafleet.com

--

-- 
dojo-contributors mailing list
Colin Snover | 4 Dec 16:56 2014

Dojo 2 core promoted to Dojo organization repository

Hi everyone,

I’m happy to announce that the Dojo 2 core repository previously at
csnover/core has been promoted to the main Dojo organization at
dojo/dojo2. Please let me know if you have any questions. As time
permits, I will be fixing things up to:

* Enable CI service
* Add automatic periodic builds for anyone that wants to be able to take
and use AMD or CJS modules directly from the repository without compiling
* Pull in the final set of contribution and code quality guidelines
* Introduce proposals in the issue tracker on GitHub to firm up the
goals and direction of the repository

If you would like to start hacking away at this code please just create
a brief ticket in the issue tracker that describes what you’re doing so
everyone is able to keep track.

The code from this repository is currently published to npm using the
dojo <at> beta tag and is in use by the Leadfoot and Dig Dug components of
Intern.

Best,

-- 
Colin Snover
http://zetafleet.com

--

-- 
dojo-contributors mailing list
Colin Snover | 4 Dec 16:46 2014

New weekly meeting time

Hi everyone,

(Apologies for not getting this announcement out in time for this week!)

I’ve received survey results on new preferred times for the weekly Dojo Meeting. Starting next week, the new meeting time moving forward will be Tuesdays at 9am PT (12pm ET, 5pm GMT).

For anyone that is not familiar, the Dojo Meeting is a weekly meeting where members of the Dojo Toolkit and some other related Dojo Foundation projects meet to discuss status updates, discuss plans for future releases, and address any outstanding issues in real-time on IRC at #dojo-meeting on irc.freenode.net. All interested parties are welcome to join to listen in, ask questions, and offer constructive suggestions.

I hope to see you there!

Best,
-- Colin Snover http://zetafleet.com
--

-- 
dojo-contributors mailing list
Bill Keese | 3 Dec 01:07 2014

signing DOH robot JAR

The DOH robot jar's certificate has expired, and the instructions at https://github.com/dojo/util/blob/master/doh/robot/README#L32 didn't work for me.

But I tried just following the much simpler procedure listed at http://www.jade-cheng.com/uh/ta/signed-applet-tutorial/#creating-self-signed-applets and (after preliminary testing) it seems to work fairly well, even with the latest version of java and the latest versions of FF, IE, and Chrome.   For FF and IE11, it only gives security prompts initially, not on every test.   For chrome, it gives the prompts occasionally (perhaps when robot is run after non-robot tests?).  Seems at least as good as before.

I'm far from an expert on signing applets, so if anyone has any insight, let me know.  I know that getting a real signature (from Verisign etc.) is better than self signing, and Christophe said he would try to get a real signature.   For the meantime, I may check this in.  One downside is that it says it expires "within 6 months", so the procedure needs to be repeated often.  Probably there's a flag to adjust that.

Bill
--

-- 
dojo-contributors mailing list

Gmane