Alpha, beta, release candidate and production releases

We haven’t really made a line-in-the-sand release announcement of version 2.0-alpha. This was partly because we didn’t really have a good definition of what we mean by an alpha release and how it’s different from a beta release. This post is intended to clarify this and to ensure that our community has the right expectations of our various releases. The related pages at www.filesender.org will be updated shortly. We would appreciate community feedback on this blog post: please let us know whether our definitions match your expectations via the filesender-dev mailing list.

A release goes from “a bucket of code”, through “alpha”, “beta” and “release candidate”, to production “release”.

Characteristics of a FileSender alpha:

  • Draws a line-in-the-sand from where development will move from “adding to a bucket of code” towards “getting code and documentation to a production release state”.
  • Has adequate installation documentation but may require more installation and configuration effort from a system administrator than a production release will.
  • Has not undergone structured client-side workflow testing.
  • Must be assumed to have unknown issues.
  • The feature list is mostly stable but can change.
  • Documentation is typically incomplete.
  • Has been through some basic tests by developers: usually this means automated unit tests on software components, plus verification, both by the developer and on an independent installation installed from Subversion (SVN), that at least the most basic functionality (uploading and downloading a file) works as intended with at least one browser.
  • Is released through SVN. We want the community to be able to update their alpha release based installation as soon as new code is available and without too much hassle. Inserting a packaging step before releasing alpha versions would delay and further complicate the alpha release procedure.
  • Release announcement includes the SVN branch name and revision number – it is that specific SVN checkout that is considered to be the specific alpha release.
  • There can be multiple alpha releases. They will be labelled alpha-1, alpha-2, etc.

Characteristics of a FileSender beta:

  • Has undergone some structured client-side workflow testing.
  • Should be easy to install and the tested features should simply work.
  • Feature list is being stabilised. This implies a new-feature freeze when releasing the first beta. It also implies a documented understanding of the feature list by the last beta release.
  • A summary of structured client-side workflow tests conducted per beta release typically indicates which features have been tested and with which browser(s).
  • You should not encounter unknown issues in tested features. Note that not all features may be tested for a particular beta release.
  • Is at a minimum released as a tarball.
  • There can be multiple beta releases. They will be labelled beta-1, beta-2, etc.

Release candidate:

  • At some point in the release cycle, the list of all features that we wish to ship in a functional state should be documented and collectively present in one single beta release. After that particular beta has undergone structured client-side workflow testing and been released, and has also proven itself stable in field testing, this beta release can become a release candidate.
  • This is the release where we are confident that we have identified the important known issues and that there are no show-stopping issues.
  • Small bug fixes since the last beta release can be added to the release candidate.
  • Is at a minimum released as a tarball.
  • After release, it will be field-tested on at least two FileSender release candidate test sites:
    • Production sites with at least X transfers by X unique users per day.
    • The sites run with well-known configurations making what are considered standard features available to their user bases.

Release:

  • Once a release candidate has been running production traffic with live users for at least two weeks on at least two release candidate test sites and shown no significant issues impairing service for the users, it can become the production (major) release.
  • There are no code, database or configuration file changes between a release candidate and a release.
  • Is at a minimum released as a tarball.
  • At some point(s) prior to a production (major) release, the code has been subjected to at least one external code security audit.

The following pages will be updated as part of this policy clarification:

We would appreciate community feedback on this blog post: please let us know whether our definitions match your expectations via the filesender-dev mailing list.

FileSender 1.6.1 released!

We’re happy to announce that FileSender 1.6.1 is now available for download and in the FileSender package repositories.

This is a bugfix release correcting the Safari 9.0.x upload problem and an XSS vulnerability in the admin page. It is recommended to update as soon as possible.

Changes since 1.6

  • Fix: upload problem with Safari 9.0.x (#1217)
  • Change: new HEAnet and UNINETT logo (#1218)
  • Security: escape PHP_SELF variable in admin page (#1240)
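
The class of bug behind the PHP_SELF fix, shown as an added example that is not FileSender's code: `$_SERVER['PHP_SELF']` contains the script path plus any path info the client appended to the URL, so it has to be HTML-escaped before it is written into a page. The function names and the sample request path are constructed for illustration; the element check assumes PHP's DOM extension is available.

```php
<?php
// Added illustration; not taken from the FileSender code base.
// $_SERVER['PHP_SELF'] is the script path plus any path info the client
// appended to the URL, so it is untrusted input.

// Before: the value lands in an HTML attribute unescaped.
function form_open_unescaped(string $self): string
{
    return '<form method="post" action="' . $self . '">';
}

// After: escape for an HTML attribute context, quotes included.
function form_open_escaped(string $self): string
{
    $safe = htmlspecialchars($self, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="' . $safe . '">';
}

// List the elements an HTML parser actually sees. Anything other than the
// single <form> means request data was interpreted as markup.
function element_names(string $html): array
{
    libxml_use_internal_errors(true); // the fragment is deliberately unclosed
    $doc = new DOMDocument();
    $doc->loadHTML('<body>' . $html . '</body>');
    libxml_clear_errors();

    $names = [];
    foreach ($doc->getElementsByTagName('*') as $el) {
        if (!in_array($el->nodeName, ['html', 'body'], true)) {
            $names[] = $el->nodeName;
        }
    }
    return $names;
}

// Constructed sample: a request path with markup appended after the script.
$self = '/admin.php/"><b id="injected">x</b>';

foreach (['form_open_unescaped', 'form_open_escaped'] as $fn) {
    $html = $fn($self);
    printf("%s\n  html:     %s\n  elements: %s\n",
        $fn, $html, implode(', ', element_names($html)));
}
```

Where the page does not need path info at all, `$_SERVER['SCRIPT_NAME']` omits it, but the value should still be escaped on output.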

Download details

Documentation

https://www.assembla.com/spaces/file_sender/wiki/Documentation_v1-6

Upgrading from a previous (major) release

If you are upgrading from a previous (major) release be sure to read the important installation and upgrade notes:

 https://www.assembla.com/wiki/show/file_sender/Upgrade_notes

Feedback

Please use the filesender-dev mailing list for feedback, bug reports and comments.

Update status FileSender 2.0, end of March

A short update on where we are with version 2.0.

I guess the most important thing to mention is that the 2nd security audit is done.  I haven’t seen the report yet but our lead developer Etienne has.  Three small issues were found, all without an active attack vector.  My conclusion so far is the 2.0 code is secure.  The report will find its way to my inbox in the next weeks, after which we’ll publish a similar response document as we did for the 1st security audit.

We’ve also been fixing various bugs, simplifying code and in general making things more robust.  Right now Etienne is looking into making the uploads more robust without resorting to hashing for file integrity protection.  Hashing is too slow given currently available functionality in browsers, so we need to settle for next-best: being able to detect exactly which chunks we did and did not receive.  Sounds like TCP all over again, doesn’t it? 😉

With its required security audit almost out of the way the French NREN Renater plans to launch its public beta based on version 2.0 next week.  After some weeks of public beta the plan is to move their production site to version 2.0.  From the project’s point of view this means field testing will start 🙂

Before the project can release a beta we first need to get quite a number of things out of the way.  Client-side testing, documentation, defining an upgrade path from 1.6 to 2.0, robust installation etc.

Are you curious to see what’s in version 2.0?  Interested in trying it out?

Do you want the 2.0 release to progress faster?  Help out with documenting!  Send me an email on jan dot meijer at uninett dot no.

FileSender BoF at TNC 2015!

Are you planning to attend this year’s TERENA conference (TNC 2015)?  Then don’t miss out on the FileSender BoF!  This birds of a feather session offers an excellent opportunity to meet others working with or interested in FileSender and to meet some of the people behind the project.

What we discuss during the BoF depends largely on you, the participants, and the questions you have.  We’ll at the very least go through the current development status and roadmap.  For those new to FileSender we can easily throw in background information about the project and the software.

From the FileSender project both myself and Guido Aben will be present to answer all your FileSender questions and take in your feedback. If there is anything you’d like us to address please drop me an email at jan.meijer@uninett.no.

The FileSender BoF is scheduled for Tuesday 16 June, 19:15 – 20:30.  If you plan to attend the BoF, please register using the link below.

BoF registration: https://eventr.terena.org/events/2136

BoF information: https://tnc15.terena.org/core/event/10

Status FileSender 2.0, March 2015

A brief update on where we are with version 2.0.

The 1st security audit has been executed and the results were good.  No structural security issues were found.  All but one of the issues that were identified have been addressed.  The remaining issue is not difficult but requires some further investigation to get it right.  For details read the blog article about the 1st security audit.

The 2nd security audit is underway and a report is expected some weeks from now.

In addition to the work on the security audit results we’ve been testing and trying, which again led to discovering and fixing a number of smaller bugs.  Documentation is not progressing as fast as we’d like and it’s that lack of documentation which is keeping us from releasing an alpha tarball.

We’re working on planning the client-side workflow testing but it’s too early to be able to say anything useful about when this is expected to start.

Meanwhile both RENATER and UNINETT are planning to offer a “FileSender 2.0 beta service” to their users based on the current 2.0 code base, in the next couple of months.  That would be the start of larger scale field testing of version 2.0.

Are you curious to see what’s in version 2.0?  Interested in trying it out?

Do you want the 2.0 release to progress faster?  Help out with documenting!  Send me an email on jan dot meijer at uninett dot no.

Results 1st security audit of FileSender 2.0

FileSender software is entrusted with users’ files and hence needs to be secure.  To ensure an adequate level of security is achieved, each major release of FileSender is subject to at least one code security audit.  While we don’t expect FileSender to hold out against a determined state-funded attacker, we do expect the software to follow all publicly known security best current practices and have no “oops” security holes.

Using funding provided by HEAnet the FileSender project hired Pine Digital Security to execute a code security audit of the FileSender 2.0 development code.  The audit was executed on revision 3390 of the SVN branch branches/filesender-2.0 and done in the timeframe 12 January 2015 – 3 February 2015.  Pine sent the report with its findings on 3 February 2015.  The report was discussed on 4 February in a meeting between Jan Meijer (FileSender project lead) and Etienne Meleard (FileSender development lead), and in a conference call between the two aforementioned and Daan Keuper from Pine Digital Security.

Based on these discussions an assessment was made of each of the identified issues and the appropriate response from the project decided.  The general impression was that the code improved significantly compared with version 1.6.  No structural security issues were found.

A total of 10 issues were identified.  Two of these were of type “oops” and were fixed without discussion.  Five were of type “defence in depth” and have been addressed.  Two items identified as vulnerabilities are considered by the project to be features.  The last item concerns insufficiently secure random number generation, which is an issue for download URL protection.  This has been addressed.
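
Why random number quality matters for download URL protection, as an added example that is not FileSender's code and does not describe what the audit found in it: a download link is only as private as its token is unguessable, so the token has to come from the operating system's CSPRNG. The function names, the `token` parameter and the URL are hypothetical; `random_bytes()` requires PHP 7 or later.

```php
<?php
// Added illustration; not FileSender's code. Names and URL are hypothetical.

// Weak: mt_rand() is a seeded general-purpose PRNG and uniqid() is derived
// from the current time. Hashing the result adds no entropy.
function weak_token(): string
{
    return md5(uniqid((string) mt_rand(), true));
}

// Strong: at least 128 bits from the OS CSPRNG, hex encoded.
function download_token(int $bytes = 16): string
{
    if ($bytes < 16) {
        throw new InvalidArgumentException('token must be at least 128 bits');
    }
    return bin2hex(random_bytes($bytes));
}

// Reject malformed input early, then compare in constant time so response
// timing does not reveal how many leading characters matched.
function token_matches(string $stored, string $presented): bool
{
    if (!preg_match('/\A[0-9a-f]{32,}\z/', $presented)) {
        return false;
    }
    return hash_equals($stored, $presented);
}

$token = download_token();
echo 'https://filesender.example.org/?s=download&token=' . $token, PHP_EOL;

var_dump(token_matches($token, $token));               // the issued token
var_dump(token_matches($token, str_repeat('0', 32)));  // well-formed guess
var_dump(token_matches($token, 'not-a-token'));        // malformed input
```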

We’ve documented the issues found, our assessment and response as well as our follow-up including ticket numbers.  You will find all details in this document:

FileSender project’s response to the 1st security audit of FileSender 2.0

As I write this, a second and more extensive security audit, funded by RENATER and executed by French security firm Amossys, is underway.  This audit is expected to report at the end of March.  As part of the contract, any significant findings would be reported promptly.  After 2 weeks of audit no significant findings have been reported.

Are you curious to see what’s in version 2.0?  Interested in trying it out?

Do you want the 2.0 release to progress faster?  Help out with documenting!  Send me an email on jan dot meijer at uninett dot no.

filesender.org (Assembla) down 24 February 2015

The FileSender project uses the Assembla project hosting service to host its documentation, code and tickets.  Assembla was down for 10 hours on 24 February 2015 and as a consequence both www.filesender.org and its redirection target https://www.assembla.com/spaces/file_sender/ were unavailable.

Assembla has published an outage report:

“for about 10 hours starting at 03:15 UTC on 24 February.  All services are restored with no data loss.”  See more at http://blog.assembla.com/assembla-was-down-here-is-the-explanation

New systems do generate new problems, but sometimes also old and well-known problems 😉