.. and probably many others


You cannot download releases of distributions that fit into these use cases:
1) have at least one sub module that is marked as 'not secure' / 'needs updating'
2) is an 'other' release

Steps To Reproduce

Visit a distributions project page
Cannot download a 7.x recommended release

Annotated Screenshot(s)

PS, for some reason, commerce_kickstart does not link their modules in either the current d.o or the new one. Not sure why that is...


eliza411’s picture

Status:Active» Needs review

There might be an issue about this somewhere, but I can't locate it and I am able to see this, too.

drumm’s picture

Project:[Archive] Drupal.org D7 upgrade QA» Project
Version:» 7.x-2.x-dev
Component:Miscellaneous» Packages
Assigned:Unassigned» drumm
Status:Needs review» Active
drumm’s picture

Issue tags:+Drupal.org 7.1

There are a couple places project_package.module is using the old project_release_nodes table.

japerry’s picture

Left is the new 7.x site, Right is the old 6.x site.

drumm’s picture

Status:Active» Fixed

http://drupalcode.org/project/project.git/commit/dd382f1 fixes the view in the second screenshot. The relationship for the status column was configured incorrectly. I believe the D6 bug incorrectly marking things as security releases has been fixed. Re-saving the releases of Apache Solr Search, Features, etc snaps their status back into place.

http://drupalcode.org/project/project.git/commit/f2de556 fixes the calculation of distribution update status. It removes the last remnants of the project_release_nodes table and introduces an alter hook so project_package doesn't have to compete in the hook_node_update race. This will take a rebuild of git7site to get back into place.

tvn’s picture

Issue summary:View changes
Status:Fixed» Needs work

This is present on production now.

tvn’s picture

drumm’s picture

This is partially leftover bad data from D6. I re-saved the releases marked as not secure in the table at https://drupal.org/node/2114375, and now they are back to "Update available".

wadmiraal’s picture

Any news on this ? We're trying to switch our business from a service-provider (as a Drupal shop) to a product "publisher", which is a Drupal distribution (https://drupal.org/project/opigno_lms). Needless to say this bug is very bad for us :-(. It's crucial that people get to use it while we're in the "new and shiny" phase. If they think there's no production-ready release available, they will stick to Moodle and others...

tvn’s picture

drumm’s picture

japerry’s picture

Status:Fixed» Needs work

Both openatrium and cod 6.x distributions are still not showing as recommended releases. We shouldn't mark this as fixed until #2137095: Should supported releases be shown on downloads table even if it contains insecure modules? If so, how? is resolved.

drumm’s picture

Status:Needs work» Fixed

I believe #2137095: Should supported releases be shown on downloads table even if it contains insecure modules? If so, how? is the only remaining problem here. Let's keep the discussion there.

Some distros packaged before the D7 upgrade will have contents incorrectly listed as insecure, which is fixed by saving the release marked as insecure. This is leftover bad data from D6 bugs. I haven't seen this specific problem on a newly-packaged release.

Status:Fixed» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.