Google is shutting down Google Code on January 25th, 2016.
We have several whitelisted libraries that either only exist or also exist on Google Code. Any distribution using Google to pull in 3rd party code will fail to make.
These existed only on Google Code. There are no longer whitelist entries for them:
- Google Code Prettify - Apache 2.0-should not have been whitelisted.
- Fancybox jQuery - deprecated, replaced by http://fancyapps.com/fancybox/3/
- IE7-js - deprecated
If you use any of those in your distro, you probably should stop using it.
These was on Google Code, but also available from another repo. The whitelist entries still exist:
- css3-mediaqueries.js
- DOMPDF
- Flot
- jQuery autopager
- jQuery ScrollTo
- JQuery UI
- JSONPath
- Quail Library
- SIMILE Timeline
- Solr PHP Client
- SpyC
- swfobject
We have not approved any new whitelist requests for Google Code since the shutdown (obviously).
Question:
Should the LWG review the existing entries that only include Google Code and add an additional repo if one is available; or:
Should the LWG wait for someone to request an update? (But that can cause a delay in a distribution being able to package a security update)
Solution
- The LWG will wait for someone to request an update.
- The bogus entries need to be removed from the whitelist.
Remaining tasks
None.
Comments
Comment #1
gisleGoogle code is gone so it too late to make plans. We still may have to deal with it. Changing title.
Also updated issue summary to make clear what is to be decided.
IMHO, there is nobody around to review the existing entries that only include Google Code to add an additional repo (if one is available).
The only realistic option is to wait for someone to request an update.
There hasn't been a lot of engagement in this, so I moving to "Fixed".
Anyone objecting have two weeks to reopen before is is automatically closed.
Comment #2
gisleReopening. We need to remove the bogus entries from the whitelist.
Comment #3
gisleComment #5
mglamanThis broke Commerce Kickstart, without notice or checking if any distributions still used the URLs. It would be great if this was checked next time, instead of leaving maintainers in a bind.
Comment #6
greggles@mglaman what library is the problem and what would be a good solution? Happy to do what I can to help.
Comment #7
mglamanThe problem is
I'll see if we can remove. I think it is required by the Omega theme.
Comment #8
mglamandon't bother fixing the URL. The library used to be loaded in
commerce_kickstart_theme_preprocess_html
but someone removed its drupal_add_library from there. So the library existed for no reason.Comment #9
gregglesWell, good to be able to get rid of some cruft even if the way you learned of it was not ideal ;)
Comment #10
gisleI am not aware of any way a whitelist maintainer can check whether any distributions still use a particular URL without going through all of them. IMHO, that is a too time-consuming exercise for unpaid work. AFAIK, I am currently the sole active maintainer of whitelist.
If someone can point to a rational way to check, I will of course do it the next time a particular whitelisted URL cease to exist.
I will also point out that the URL that is complained about has never been whitelisted:
https://storage.googleapis.com/google-code-archive-downloads/v2/code.goo...(beta4).zip
The whitelisted API that was removed started with something like this:
http://ie7-js.googlecode.com/