[serialization] boost 1.45. I did not find any information about serios flaw in 1.44

I am reporter of bug #4660 (https://svn.boost.org/trac/boost/ticket/4660). I am glad this bug was fixed in 1.45 version. But I did not find any information in release notes (http://www.boost.org/users/download/version_1_45_0) and in library documentation (http://www.boost.org/doc/libs/1_45_0/libs/serialization/doc/index.html) about what was fixed in 1.44 version. There are not any recommendations or comments about using version 1.44 with binary archives. I think that the absence of such information is very dangerous for the future of the serialization library, since this is a serious indicator of the quality of maintenance of the library. (I have no complaints about the quality of the library and its design) Should I reopen this bug, or open a new one, or this letter would be sufficient to restore order to the documentation of serialization library?

I am reporter of bug #4660 (https://svn.boost.org/trac/boost/ticket/4660). I am glad this bug was fixed in 1.45 version. But I did not find any information in release notes (http://www.boost.org/users/download/version_1_45_0) and in library documentation (http://www.boost.org/doc/libs/1_45_0/libs/serialization/doc/index.html) about what was fixed in 1.44 version. There are not any recommendations or comments about using version 1.44 with binary archives. I think that the absence of such information is very dangerous for the future of the serialization library, since this is a serious indicator of the quality of maintenance of the library. (I have no complaints about the quality of the library and its design) Should I reopen this bug, or open a new one, or this letter would be sufficient to restore order to the documentation of serialization library? I just read up on this issue and I agree with Sergey that users of or potential upgraders to 1.44 must be warned about this bug. This is particularly dangerous for users of system-distributed boost. At the very least, the "News" section on boost.org should mention serialization as updated (preferably with some kind of emphasis, like red text) and the release notes in both 1.44 and 1.45 should be amended as well (again, with emphasis). And I didn't actually look at the code fix, but was it done in a way that both <1.44 and 1.44 archive compatibility was
On 11/21/2010 11:25 PM, Sergey Voropaev wrote: maintained? I.e. check one byte to see if it's 6, if not read the next byte (which will break at version 1537 if I'm thinking straight). By that time the hack can be removed since anybody still using 1.44 can safely be slapped. ;) -Matt

Sergey Voropaev wrote:
I am reporter of bug #4660 (https://svn.boost.org/trac/boost/ticket/4660). I am glad this bug was fixed in 1.45 version. But I did not find any information in release notes (http://www.boost.org/users/download/version_1_45_0) and in library documentation (http://www.boost.org/doc/libs/1_45_0/libs/serialization/doc/index.html) about what was fixed in 1.44 version. There are not any recommendations or comments about using version 1.44 with binary archives. I think that the absence of such information is very dangerous for the future of the serialization library, since this is a serious indicator of the quality of maintenance of the library. (I have no complaints about the quality of the library and its design) Should I reopen this bug, or open a new one, or this letter would be sufficient to restore order to the documentation of serialization library?
I'll add some information to the documentation. Robert Ramey

On 22 November 2010 17:31, Robert Ramey <ramey@rrsd.com> wrote:
I'll add some information to the documentation.
If we're having a point release, can you include it in that? We can add something to the release notes if you want, they can still be changed after a release. Daniel

Robert Ramey <ramey <at> rrsd.com> writes:
Sergey Voropaev wrote:
I am reporter of bug #4660 (https://svn.boost.org/trac/boost/ticket/4660). I am glad this bug was fixed in 1.45 version. But I did not find any information in release notes (http://www.boost.org/users/download/version_1_45_0) and in library documentation (http://www.boost.org/doc/libs/1_45_0/libs/serialization/doc/index.html) about what was fixed in 1.44 version. There are not any recommendations or comments about using version 1.44 with binary archives. I think that the absence of such information is very dangerous for the future of the serialization library, since this is a serious indicator of the quality of maintenance of the library. (I have no complaints about the quality of the library and its design) Should I reopen this bug, or open a new one, or this letter would be sufficient to restore order to the documentation of serialization library?
I'll add some information to the documentation.
Robert Ramey
There are some reports (HTTPS://svn.boost.org/trac/boost/ticket/4660) about the lack of information and misunderstanding of the status of this bug in version 1.45. So I decided to reopen this bug. Sergey Voropaev P.S I think it is common problem for boost, but not only serialization library. We have good quality and good design library (any library from boost). This library is quite popular and many people use it. But the author is now engaged in other projects and did not have the time to support the library. It is very likely and expected on a time scale of 10 years. But so many people around the world use this code and depend on it... I do not know the solution to this problem.
participants (4)
-
Daniel James
-
Matt Chambers
-
Robert Ramey
-
Sergey Voropaev