[Zope] Ruling from the bench regarding 'Hotfixes' :)

Brian Lloyd brian.lloyd@zope.com
Fri, 24 Aug 2001 13:59:40 -0400 

> The issue, is that people already expect HotFixes to be things you must
> apply. DC/ZC has been using HotFixes for Security Fixes that can not wait
> for  anew version. As a result, I have had several people come to
> me and ask
> just what all the problems are now, as people start seeing 'hotfixes', and
> automatically associating them with the ones from ZC/DC.
>
> As far as credibility, that is one of the issues. The dilution of the term
> HotFix, into various patches by third parties, causes a loss fo
> credibility
> to authentic HotFixes.

Hi all.

When we came up with the "hotfix" term, we chose it specifically
over other possibilities like "service pack" because it conveyed
the intended sense of urgency. We do not make "hotfix" releases
lightly, and they are almost always made to address a specific
security issue so that users aren't forced to upgrade the software
of a site immediately. So the official definition of a hotfix is
a product that fixes a (generally security-related) problem and
that we feel is imperative for Zope users to apply for security
reasons.

Things that do not have that purpose are not hotfixes and should
not be called hotfixes.

I have a feeling that the root of this is a jargon problem. The
approach of (ab)using Python's dynamism to insert or replace
functionality (which we generally refer to lovingly as a "monkey
patch") is something that is totally separate from the term
"hotfix". The fact that this is the approach often used in hotfixes
is irrelevant.

A product that happens to use the "monkey patch" approach to
change the behavior of some existing thing (that is not fixing
a specific security issue) is simply a product. A product is
simply a packaging of some functionality that people want,
whether that is functionality expressed in new kinds of objects
or by changing the functionality of existing objects.

Shane's Reload product is an example of a product that added
functionality to existing objects. It happened to take a "monkey
patch" approach but it is definitely not a "hotfix". The fact
that such a product will change the behavior of your existing
objects _is_ important to convey to users, but that should be
done through documentation, not by calling it a hotfix (which
does _not_ convey the right thing).



Brian Lloyd        brian@zope.com
Zope Corporation   www.zope.com