
ExpressionEngine 2.1.0 Build 20100810 Security Update

August 10, 2010 4:27pm

  • #1 / Aug 10, 2010 4:27pm

    Derek Jones

    7561 posts

    Last week’s build release, 20100805, introduced a bug that in some circumstances could result in guests being recognized as a logged in member.  We were able to identify and correct it quickly, and no database changes are involved.  For that reason, we’ve included this as a simple build update rather than incrementing the version.  If you downloaded and installed ExpressionEngine 2.1.0 between Friday the 6th and the morning of Tuesday the 10th, you should re-download and follow the simple build update instructions which will patch your system.

  • #2 / Aug 11, 2010 12:42am

    Dave @ Exp:resso

    465 posts

    Never even heard of the 20100805 update - shouldn’t there be a notification in the EE control panel for updates like this? Or do we just need to keep checking the blog? So if I didn’t update to the 20100805 build, can I go straight to the 20100810 one?

    Also, if I have an installation still running 20100430 - can I upgrade straight to the 20100810 one?

    Sorry if these are stupid questions 😊

  • #3 / Aug 11, 2010 12:45am

    Lisa Wess

    20502 posts

    Hi, Dave -

    We delay the CP notifications for a few days.  You can subscribe by RSS to the builds forum, or just wait for the CP notifications. 

    Yes, you can go straight to 20100810.  =)  Not stupid questions at all!

  • #4 / Aug 11, 2010 12:57am

    Derek Jones

    7561 posts

    Build (minor) updates actually do not have CP notifications, only version upgrades will prompt an alert.  For that reason, security releases are almost always version upgrades.  In this case though, less than 4 full days had transpired between one being available and the download being fixed.  Had this bug been in 2.1.0 for more than 4 days, we would have incremented the version.  But as it was, we looked at the number of downloads and concluded that a build update was sufficient.

  • #5 / Aug 11, 2010 4:02am

    iain

    317 posts

    Hey Derek,

    I noticed that EE suddenly started displaying errors for deprecated Active Record functions like getwhere vs get_where and orderby vs order_by in the latest release (could have been the previous version though, I’m not sure).

    I’ve just learned that they were deprecated from CI back on January 30, 2008 (Version 1.6.0). I’m confused because these functions worked fine in EE up until the latest couple of builds, and the CI library I’m using had several instances of those two functions throughout that I didn’t know were there.

    I guess it’s my own fault for not going through each function in the CI library, but it would have been nice to have a CI update flagged if that is indeed what happened.

    thanks

    Iain

  • #6 / Aug 11, 2010 10:42am

    Derek Jones

    7561 posts

    That deprecation notice was given to the CodeIgniter community simultaneous to CI 1.6.0’s release, and the current documentation is clear as well.  Two and a half years is enough advance notice to make those changes, no?

  • #7 / Aug 11, 2010 6:38pm

    iain

    317 posts

    Ok, I’ll try and explain a little better…

    Every time a new version of EE comes out, I immediately check the change log for anything that looks like it’ll break any software I’ve written.

    In the last 2 releases, there has been nothing in the change log to suggest any concern. I’m just surprised, when folks are emailing saying something that was deprecated 2 years ago has been working, and now isn’t.

    Something related to inner workings changed, and it wasn’t documented Derek. That’s all I’m saying.

    If you don’t deem it to be change log worthy, then so be it.
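
    An added example, not code from this thread, from EllisLab or from CodeIgniter: a small Python scanner for exactly the situation Iain describes, where a bundled library still calls the Active Record methods that CI 1.6.0 renamed (getwhere to get_where, orderby to order_by, the two names given in the thread) and nobody notices until the framework underneath changes. It walks PHP files, reports each call with file and line, and can rewrite them to the new names. The sample PHP at the bottom is constructed for the demo and is not any real add-on; the mapping table holds only the two methods named above and is meant to be extended.

```python
import re
from pathlib import Path
from typing import Dict, List, Tuple

# Active Record methods deprecated in CodeIgniter 1.6.0, mapped to their
# replacements. Only the two named in the thread are listed; add any other
# renamed method you depend on.
DEPRECATED_AR_METHODS: Dict[str, str] = {
    "getwhere": "get_where",
    "orderby": "order_by",
}

# Matches a call such as "$this->db->getwhere(" or "$DB->orderby (".
# The handle name is deliberately not pinned to "db", so wrapped or renamed
# database handles are found too. PHP method names are case-insensitive,
# hence IGNORECASE. The trailing "(" stops "orderby_custom(" from matching,
# and the underscore in "get_where(" keeps already-migrated calls out.
_CALL_RE = re.compile(
    r"->\s*(?P<name>%s)\s*\(" % "|".join(map(re.escape, DEPRECATED_AR_METHODS)),
    re.IGNORECASE,
)

Hit = Tuple[str, int, str, str]  # (file, line_no, deprecated_name, replacement)


def scan_source(src: str, filename: str = "<string>") -> List[Hit]:
    """Return one Hit per deprecated Active Record call in a PHP source string."""
    hits: List[Hit] = []
    for line_no, line in enumerate(src.splitlines(), start=1):
        for m in _CALL_RE.finditer(line):
            name = m.group("name").lower()
            hits.append((filename, line_no, name, DEPRECATED_AR_METHODS[name]))
    return hits


def rewrite_source(src: str) -> str:
    """Rewrite deprecated calls to their new names; everything else is untouched."""
    def _sub(m: "re.Match[str]") -> str:
        old = m.group("name")
        return m.group(0).replace(old, DEPRECATED_AR_METHODS[old.lower()])
    return _CALL_RE.sub(_sub, src)


def scan_tree(root: Path) -> List[Hit]:
    """Scan every .php file under root (e.g. an EE system/ or third_party/ folder)."""
    hits: List[Hit] = []
    for path in sorted(root.rglob("*.php")):
        hits.extend(scan_source(path.read_text(errors="replace"), str(path)))
    return hits


# Constructed sample input; not code from any real ExpressionEngine add-on.
SAMPLE_PHP = """<?php
// hypothetical model bundled with an add-on
class Demo_model extends Model {
    function recent($n) {
        $this->db->orderby('entry_date', 'desc');
        $query = $this->db->getwhere('exp_channel_titles', array('status' => 'open'), $n);
        $rows  = $this->db->get_where('exp_members', array('group_id' => 1)); // already migrated
        return $query->result_array();
    }
}
"""

if __name__ == "__main__":
    for f, ln, old, new in scan_source(SAMPLE_PHP, "Demo_model.php"):
        print(f"{f}:{ln}: {old}() is deprecated, use {new}()")
    print(rewrite_source(SAMPLE_PHP))
```

    Run it against a directory with `scan_tree(Path("system/expressionengine/third_party"))` before upgrading rather than after; the scan is pure text matching, so it will also flag calls inside comments or strings, which is the safe direction for a pre-upgrade check.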

  • #8 / Aug 11, 2010 6:58pm

    Derek Jones

    7561 posts

    Fair enough, Iain, I thought you meant that it wasn’t enough notice to change over to the new methods.

    The changes are logged, but CI changes do not belong in EE’s change log.  However, what would be simple for us and helpful for you is that in EE’s change log, we can point to what revision of CI that EE is shipping with, and you can look at the corresponding linked change log at BitBucket or the User Guide, as appropriate.

  • #9 / Aug 11, 2010 7:10pm

    iain

    317 posts

    Thanks Derek, that would be helpful.

    Much appreciated.

  • #10 / Aug 20, 2010 12:51pm

    eduqate

    53 posts

    Why is your version numbering so needlessly obfuscated? What is achieved by calling it something like “2.1.0 Build 20100810 Security Update” it just makes it harder to see whether or not I have the latest version in “My Purchases”. For instance mine says the current version is 20100810 which is manifestly untrue if it now includes this update. If it doesn’t then you are letting me download a faulty version, which is insane.

    How about doing what everybody else does and just have versions 2.1.0, 2.1.1, 2.1.2 and so on. That way downloads all have different names and it is trivial to see at a glance whether or not you have the latest version. Any change, any rebuild for any reason, just increment the final part of the version number.

  • #11 / Aug 20, 2010 12:58pm

    Derek Jones

    7561 posts

    We do have point releases, eduqate, and those are updates that require an update script.  Build updates are much simpler as they only replace files; no database changes occur in build updates.

    For instance mine says the current version is 20100810 which is manifestly untrue if it now includes this update.

    That is the current version, and the version you have access to download, how is this untrue?

    Any change, any rebuild for any reason, just increment the final part of the version number.

    I appreciate your feedback, and we’re not opposed to giving that consideration.  But for some explanation: ExpressionEngine has for years operated that version number increments represent larger changes to the software, including changes to the database.  Build updates are primarily for bug fixes for the current version.  This has made choosing when to upgrade simpler for many of our users which is why we have kept that nomenclature for so long.

  • #12 / Aug 20, 2010 3:28pm

    eduqate

    53 posts

    You do have an (optional) minor version number which you increment, you just call it a build date and don’t make it part of the version number or part of the filename.

    This means I have to remember not only what version of EE I use but when I last downloaded it. How is this easier than incrementing the final part of a version number?

    To me a product has different versions when different downloads have different contents. The filename should reflect the version so that downloads of different versions can exist in parallel and be distinguished.

    Otherwise e.g. some download managers will tell you you already have the file when you try to download it despite it being a different file with different contents or worse will overwrite a known working version by a new untried version without warning.

    My preference is for 2.1.0, 2.1.1 etc. Using 2.1.0-20100810 is equivalent but more difficult to read at a glance.

    What I need in summary is for some way in which multiple downloaded versions can coexist without any renaming effort by myself. I also want an instant way to tell if the version I have is current or not. For me the current scheme fails on both points.

  • #13 / Aug 20, 2010 3:38pm

    Derek Jones

    7561 posts

    I also want a instant way to tell if the version I have is current or not.

    The version and build number can be found at the bottom of any control panel page.  You would want to trust what that says vs. any file naming that you are using for archived zips, since that is what is actually represented by your installation.

    Thanks for the other feedback, eduqate, I appreciate what you’re saying.
