FileSender space on Assembla phased out

Since we started FileSender back in 2009 we’ve used the Assembla platform to host all important data for the project in a central place: documentation, tickets, files, source code.

As of today the FileSender project space on assembla.com no longer exists. All existing data (wiki, tickets) has been captured and made available (read-only) on Github in a separate repository: https://github.com/filesender/assembla-export

We believe the data that still was on the Assembla space all pertained to version 1.x releases, which we are no longer maintaining. We will keep the old data on Github for historical reference. If there is anything you’re missing from the old Assembla space, please let us know on filesender-dev@filesender.org. If you believe it needs to be put on the current docs.filesender.org website, the fastest way forward is to create a markdown (.md) file with the content and submit it as a pull request.

Why the Assembla phase-out?

Those of you following the FileSender programme know we have been moving away from Assembla for quite some time. We moved the code from Assembla’s SVN to Github in September 2016. We then moved all version 2.0 documentation and the main project landing page to Github and publish both through github.io. s well and publish it through github.io on docs.filesender.org. and www.filesender.org. Last but not least we have been using the Github issue tracker for all v2.0 development since we moved the code.

Until recently there was no cost associated with keeping the old Assembla project space alive. Assembla changed this in August this year when they introduced their new subscription model where free spaces for open source projects were no longer an option. When this happened we decided to fast-track the shut down of our Assembla space. It served us well but it’s now time to move on.

Announcing Filesender 2.0 beta 1

The Filesender team is pleased to announce the release of Filesender 2.0 beta 1.  We welcome feedback from the community via github or on the Filesender mailing lists.

Version 2.0 is a new baseline release support the Filesender Roadmap, as recently announced at TNC17.  This latest work has been made possible by contributions received through the Filesender Programme in the Commons Conservancy – with specific thanks to HEAnet.

All details of the new release can be found on the Filesender github repository.

What’s New?

Much of the code base was rewritten, a new database design adopted, many configuration directives have been added and existing directives changed.

There is now support for secondary indexes in both database backends. There is also initial movement to greater resilience to 4 byte character encodings and index implementations in MySQL implementations.

Guest implementation has been tested. Specifically how the UI presents itself given various default options in the configuration and situations that are confusing or do not allow the guest to easily progress have been addressed.

The about and help text are now pages instead of dialogs in the web UI. There is also a new provision for sites to present custom content for these pages in specific languages where FileSender updates will not override that content.

Filesender Future Directions at TNC17 BoF

Thanks to all of of you that joined the Filesender Board for the BoF at TNC this year.   The slides presented by Jan are available and we appreciate on-going feedback.   20 organisations were represented at the meeting with a range of involvement in Filesender – from those with an initial interest in deploying Filesender to organisations that have been using the software in production for a number of years.

The Filesender Board (Jan Meijer, Guido Aben, Nicole Harris and Rogier Spoor) gave an update on the current status of Filesender 2.0 and presented the future Filesender roadmap for the first time.  These are the main areas that have been identified as useful for the community, but delivery of features will be determined by funding that the project can attract and priorities for funding organisations.

Questions from the room revolved around Filesender 2.0 and the desire to have this available – now please!  Due to the success of moving to the Commons Conservancy, Filesender has recently been able to hire a new developer and work is underway to release 2.0 as soon as possible. You can keep an eye on our commits on github to see the work as it happens.  A lot of the features requested in the room – theming, crypto, more control of notifications, email bounce handling, multi-file transfer – are on the feature list for Filesender 2.0.

The audience was interested in the work of the Commons Conservancy, not only as a mechanism to donate to Filesender but as a future home for other software projects. The MoU signed between GÉANT, NLnet and the Commons Conservancy is designed to recognise this growing need in our community and provide support for projects that wish to make the move to a more sustainable framework.  the GÉANT Greenhouse SIG provides opportunities for projects to prepare for such a move, as well as being a forum for discussion on all issues around NREN use of open source.

Finally, Filesender can only continue to grow with your contributions.  If you use Filesender, want to use Filesender or want the project to improve so that it has the features you need please do visit the Commons Conservancy website and donate!  If you have any questions, please reach out to the Filesender team.

 

Join the Filesender team @TNC17

Filesender will be at TNC17 in Linz and welcomes you to join us for a BoF on Tuesday evening from 18:00 – 19:00.

This Birds of a Feather session offers an excellent opportunity to meet others working with or interested in FileSender and to meet some of the people behind the project. All the members of the Filesender Board will be in the room and ready to answer your questions.

Agenda

  1. Round room introductions, who are you, why are you interested in Filesender?
  2. Update on the current and upcoming Filesender releases.
  3. Update on the Filesender development roadmap.
  4. Update on Filesender @ Commons Conservancy and how to donate.
  5. Discussion.

Please let us know if you will be attending by registering for the session.  You might also like to attend the Open Source Collaboration session during TNC, where the Commons Conservancy will be discussed in more detail.

Alpha, beta, release candidate and production releases

We haven’t really made a line-in-the-sand release announcement of version 2.0-alpha. This was partly because we didn’t really have a good definition of what we mean by an alpha release and how it’s different from a beta release. This post is intended to clarify this and to ensure that our community has the right expectations of our various releases. The related pages at www.filesender.org will be updated shortly. We would appreciate community feedback on this blog post: please let us know whether our definitions match your expectations via the filesender-dev mailing list.

A release goes from “a bucket of code”, through “alpha”, “beta” and “release candidate”, to production “release”.

Characteristics of a FileSender alpha:

  • Draws a line-in-the-sand from where development will move from “adding to a bucket of code” towards “getting code and documentation to a production release state”.
  • Has adequate installation documentation but may require more installation and configuration effort from a system administrator than a production release will.
  • Has not undergone structured client-side workflow testing.
  • Must be assumed to have unknown issues.
  • The feature list is mostly stable but can change.
  • Documentation is typically incomplete.
  • Has been through some basic tests by developers: usually this means automated unit tests on software components, and verification by the developer and verification on an independent installation installed from Subversion (SVN) that at least the most basic functionality (uploading and downloading of a file) proceeds as intended with at least one browser.
  • Is released through SVN. We want the community to be able to update their alpha release based installation as soon as new code is available and without too much hassle. Inserting a packaging step before releasing alpha versions would delay and further complicate the alpha release procedure.
  • Release announcement includes the SVN branch name and revision number – it is that specific SVN checkout that is considered to be the specific alpha release.
  • There can be multiple alpha releases. They will be labelled alpha-1, alpha-2 etc..

Characteristics of a FileSender beta:

  • Has undergone some structured client-side workflow testing.
  • Should be easy to install and the tested features should simply work.
  • Feature list is being stabilised. This implies a new-feature freeze when releasing the first beta. It also implies a documented understanding of the feature list by the last beta release.
  • A summary of structured client-side workflow tests conducted per beta release typically indicates which features have been tested and with which browser(s).
  • You should not encounter unknown issues in tested features. Note that not all features may be tested for a particular beta release.
  • Is at a minimum released as a tarball.
  • There can be multiple beta releases. They will be labelled beta-1, beta-2 etc..

Release candidate:

  • At some point in the release cycle, the list of all features that we wish to ship in a functional state should be documented and collectively present in one single beta release. After that particular beta has undergone structured client-side workflow testing and been released, and has also proven itself stable in field testing, this beta release can become a release candidate.
  • This is the release where we are confident that we have identified the important known issues and that there are no show-stopping issues.
  • Small bug fixes since the last beta release can be added to the release candidate.
  • Is at a minimum released as a tarball.
  • After release will be field-tested on at least two FileSender release candidate test sites:
    • Production sites with at least X transfers by X unique users per day.
    • The sites run with well-known configurations making what are considered standard features available to their user bases.

Release:

  • Once a release candidate has been running production traffic with live users for at least two weeks on at least two release candidate test sites and shown no significant issues impairing service for the users, it can become the production (major) release.
  • There are no code, database or configuration file changes between a release candidate and a release.
  • Is at a minimum released as a tarball.
  • At some point(s) prior to a production (major) release, the code has been subjected to at least one external code security audit.

 

The following pages will be updated as part of this policy clarification:

We would appreciate community feedback on this blog post: please let us know whether our definitions match your expectations via the filesender-dev mailing list.

FileSender 1.6.1 released!

We’re happy to announce that FileSender 1.6.1 is now available for download and in the FileSender package repositories.

This is a bugfix release correcting the Safari 9.0.x upload problem and a XSS-vulnerability in the admin page. It is recommended to update as soon as possible.

Changes since 1.6

  • Fix: upload problem with Safari 9.0.x (#1217)
  • Change: new HEAnet and UNINETT logo (#1218)
  • Security: escape PHP_SELF variable in admin page (#1240)

Download details

Documentation

https://www.assembla.com/spaces/file_sender/wiki/Documentation_v1-6

Upgrading from a previous (major) release

If you are upgrading from a previous (major) release be sure to read the important installation and upgrade notes:

 https://www.assembla.com/wiki/show/file_sender/Upgrade_notes

Feedback

Please use the filesender-dev mailinglist for feedback, bug reports and comments

 

 

 

Update status FileSender 2.0, end of March

A short update on where we are with version 2.0.

I guess the most important to mention is the 2nd security audit is done.  I haven’t seen the report yet but our lead developer Etienne has.  Three small issues were found, all without an active attack vector.  My conclusion so far is the 2.0 code is secure.  The report will find its way to my inbox in the next weeks after which we’ll publish a similar response document as we did for the 1st security audit.

We’ve also been fixing various bugs, simplifying code and in general making things more robust.  Right now Etienne is looking into making the uploads more robust without resorting to hashing for file integrity protection.  The latter is too slow given currently available functionality in browsers so we need to settle for next-best: be able to detect exactly which chunks we did and did not receive.  Sounds like TCP all over again doesn’t it 😉

With its required security audit almost out of the way the French NREN Renater plans to launch its public beta based on version 2.0 next week.  After some weeks of public beta the plan is to move their production site to version 2.0.  From the project’s point of view this means field testing will start 🙂

Before the project can release a beta we first need to get quite a number of things out of the way.  Client-side testing, documentation, defining an upgrade path from 1.6 to 2.0, robust installation etc.

Are you curious to see what’s in version 2.0?  Interested in trying it out?

Do you want the 2.0 release to progress faster?  Help out with documenting!  Send me an email on jan dot meijer at uninett dot no.