[gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1.1: Type: text/plain, Size: 911 bytes --]

Please review.

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-11
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: >=app-office/gnucash-2.7.0

Along with changes to updates to use modern libraries, GnuCash 2.7+ has
changed the schema [1] it uses for both databases and files.

It is imperative that you back up any files or databases that GnuCash
uses in case you run into an issue with 2.7+ and want or need to revert
back to 2.6.

Instructions for backing up are as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | mysql gnucash_db_bak

For PostgreSQL:
$ createdb -U dbadmin -T gnucash_db -O gnucash_user gnucash_db_bak

For SQLite:
cp /path/to/gnucash/sqlite.file.gnucash /path/to/gnucash/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #1.2: 2018-01-08-GnuCash-Breaking-Change.en.txt --]
[-- Type: text/plain, Size: 895 bytes --]

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-11
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: >=app-office/gnucash-2.7.0

Along with changes to updates to use modern libraries, GnuCash 2.7+ has
changed the schema [1] it uses for both databases and files.

It is imperative that you back up any files or databases that GnuCash
uses in case you run into an issue with 2.7+ and want or need to revert
back to 2.6.

Instructions for backing up are as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | mysql gnucash_db_bak

For PostgreSQL:
$ createdb -U dbadmin -T gnucash_db -O gnucash_user gnucash_db_bak

For SQLite:
cp /path/to/gnucash/sqlite.file.gnucash /path/to/gnucash/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Kristian Fiskerstrand]

[-- Attachment #1.1: Type: text/plain, Size: 518 bytes --]

On 01/10/2018 07:31 PM, Aaron W. Swenson wrote:
> It is imperative that you back up any files or databases that GnuCash
> uses in case you run into an issue with 2.7+ and want or need to revert
> back to 2.6.

This seems to imply that upgrading from 2.6 to 2.7+ does not require any
changes / auto-upgrades schema, maybe it should be stated explicitly
early on?

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 478 bytes --]

On 2018-01-10 19:33, Kristian Fiskerstrand wrote:
> On 01/10/2018 07:31 PM, Aaron W. Swenson wrote:
> > It is imperative that you back up any files or databases that GnuCash
> > uses in case you run into an issue with 2.7+ and want or need to revert
> > back to 2.6.
> 
> This seems to imply that upgrading from 2.6 to 2.7+ does not require any
> changes / auto-upgrades schema, maybe it should be stated explicitly
> early on?

Good point. Added explicit statement.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Kristian Fiskerstrand]

[-- Attachment #1.1: Type: text/plain, Size: 498 bytes --]

On 01/10/2018 07:31 PM, Aaron W. Swenson wrote:
> Display-If-Installed: >=app-office/gnucash-2.7.0

And we might want to display it before users actually upgrades if it is
for backing up an auto migrated change?

Since it doesn't require user changes I'm not entirely sure news item is
correct approach, seems like an elog could satisfy this

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Ciaran McCreesh]

On Wed, 10 Jan 2018 19:35:52 +0100
Kristian Fiskerstrand <k_f@gentoo.org> wrote:
> On 01/10/2018 07:31 PM, Aaron W. Swenson wrote:
> > Display-If-Installed: >=app-office/gnucash-2.7.0  
> 
> And we might want to display it before users actually upgrades if it
> is for backing up an auto migrated change?

Yes, this header is backwards. It's a message to be displayed to users
who have the old version, not a message to be displayed to users who
install the new version for the first time ever and who have never used
the old version.

-- 
Ciaran McCreesh

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 857 bytes --]

On 2018-01-10 19:07, Ciaran McCreesh wrote:
> On Wed, 10 Jan 2018 19:35:52 +0100
> Kristian Fiskerstrand <k_f@gentoo.org> wrote:
> > On 01/10/2018 07:31 PM, Aaron W. Swenson wrote:
> > > Display-If-Installed: >=app-office/gnucash-2.7.0  
> > 
> > And we might want to display it before users actually upgrades if it
> > is for backing up an auto migrated change?
> 
> Yes, this header is backwards. It's a message to be displayed to users
> who have the old version, not a message to be displayed to users who
> install the new version for the first time ever and who have never used
> the old version.

Perhaps the version restriction should be removed.

People could install GnuCash for the first time ever, then use it to
open files previously handled by 2.6.

If we’re not terribly concerned about that, I can flip the comparison.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Peter Volkov]

[-- Attachment #1: Type: text/plain, Size: 469 bytes --]

On Wed, Jan 10, 2018 at 9:31 PM, Aaron W. Swenson <titanofold@gentoo.org>
wrote:

> Title: GnuCash 2.7+ Breaking Change
>

Aaron, but why do we need this news item? 2.7 version is a development
version that is not supposed to be used by end users. As far as I
understand this backup is a temporary measure until stable release will be
out. It's much better to have this version package masked. Then in package
mask comment we could note the need for backup.

--
Peter.

[-- Attachment #2: Type: text/html, Size: 834 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Mart Raudsepp]

On Wed, 2018-01-10 at 22:38 +0300, Peter Volkov wrote:
> On Wed, Jan 10, 2018 at 9:31 PM, Aaron W. Swenson <titanofold@gentoo.
> org> wrote:
> > Title: GnuCash 2.7+ Breaking Change
> 
> Aaron, but why do we need this news item? 2.7 version is a
> development version that is not supposed to be used by end users. As
> far as I understand this backup is a temporary measure until stable
> release will be out. It's much better to have this version package
> masked. Then in package mask comment we could note the need for
> backup.

2.6 is insecure by 400+ ancient webkit-gtk security vulnerabilities, we
can't responsibly wait anymore. 2.7.3 was tested by Aaron (who uses it
daily) to work quite nicely.
I want to last rite gnucash-2.6 used webkit-gtk before the month is
over, as the maintainer of webkit-gtk, and if 2.7 isn't there, 2.6 will
simply be fully masked as well along it.

Regarding the Display-If-Installed, it should indeed be shown before
upgrade, in my opinion; otherwise so easy to already get things
migrated to new format before any backups are made. Then again, as 2.6
will go away soon anyway, the usefulness of these backups is limited,
without some local overlay. I didn't quite understand Ciaran mail; if
the header actually means "display when an upgrade to 2.7 is possible",
then that's best.

Regarding elog vs news, please keep in mind that this is limited to
ONLY those that have gnucash installed, so this isn't one of these
"will be shown forever in 5 years for fresh stage3 install starts". We
should be able to use per-package news items much more freely for leaf
packages.


Mart

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Róbert Čerňanský]

On Wed, 10 Jan 2018 22:46:04 +0200
Mart Raudsepp <leio@gentoo.org> wrote:

> On Wed, 2018-01-10 at 22:38 +0300, Peter Volkov wrote:
> > On Wed, Jan 10, 2018 at 9:31 PM, Aaron W. Swenson
> > <titanofold@gentoo.  
> > org> wrote:
> > > Title: GnuCash 2.7+ Breaking Change  
> > 
> > Aaron, but why do we need this news item? 2.7 version is a
> > development version that is not supposed to be used by end users. As
> > far as I understand this backup is a temporary measure until stable
> > release will be out. It's much better to have this version package
> > masked. Then in package mask comment we could note the need for
> > backup.  
> 
> 2.6 is insecure by 400+ ancient webkit-gtk security vulnerabilities,
> we can't responsibly wait anymore. 2.7.3 was tested by Aaron (who
> uses it daily) to work quite nicely.
> I want to last rite gnucash-2.6 used webkit-gtk before the month is
> over, as the maintainer of webkit-gtk, and if 2.7 isn't there, 2.6
> will simply be fully masked as well along it.

I assume that the motivation to get 2.7 stabilized early it to protect
users from potentional damages caused via webkit-gtk security
vulnerabilities.  However, provided that I use GnuCash to display only
local web data (generated reports) I feel much more comfortable
to entrust my data to the stable 2.6 version rather than unstable 2.7
about which the upstream says:

"Unstable (development) releases are for testing purposes only. They
contain the newest features and improvements, but may also contain
serious bugs still. Don't install these releases for everyday use." [1]

"Due to the possibility of data corruption, unstable releases should
only be used on a copy of live GnuCash data." [2]

I think generated reports are typical use of webkit in GnuCash.  Are
attack vectors so severe also in this case?

Thank you.

1. http://gnucash.org/download.phtml
2. https://wiki.gnucash.org/wiki/Development_Process

Robert


-- 
Róbert Čerňanský
E-mail: openhs@tightmail.com
Jabber: hs@jabber.sk

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Kristian Fiskerstrand]

[-- Attachment #1.1: Type: text/plain, Size: 692 bytes --]

On 01/16/2018 03:07 PM, Róbert Čerňanský wrote:
> I think generated reports are typical use of webkit in GnuCash.  Are
> attack vectors so severe also in this case?

Yes, as it would hinder upgrade / keep the vulnerable libraries on the
system that can possibly be used by other packages.

That said, I agree with the overall premise of discussion, and stability
guarantees for the stable keywords, have anyone been in contact with
upstream and discussed the issue of getting a stable release branch not
based on the old webkit?

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 2426 bytes --]

On 2018-01-16 15:07, Róbert Čerňanský wrote:
> On Wed, 10 Jan 2018 22:46:04 +0200
> Mart Raudsepp <leio@gentoo.org> wrote:
> > 2.6 is insecure by 400+ ancient webkit-gtk security vulnerabilities,
> > we can't responsibly wait anymore. 2.7.3 was tested by Aaron (who
> > uses it daily) to work quite nicely.
> > I want to last rite gnucash-2.6 used webkit-gtk before the month is
> > over, as the maintainer of webkit-gtk, and if 2.7 isn't there, 2.6
> > will simply be fully masked as well along it.
> 
> I assume that the motivation to get 2.7 stabilized early it to protect
> users from potentional damages caused via webkit-gtk security
> vulnerabilities.  However, provided that I use GnuCash to display only
> local web data (generated reports) I feel much more comfortable
> to entrust my data to the stable 2.6 version rather than unstable 2.7
> about which the upstream says:
> 
> "Unstable (development) releases are for testing purposes only. They
> contain the newest features and improvements, but may also contain
> serious bugs still. Don't install these releases for everyday use." [1]
> 
> "Due to the possibility of data corruption, unstable releases should
> only be used on a copy of live GnuCash data." [2]
> 
> I think generated reports are typical use of webkit in GnuCash.  Are
> attack vectors so severe also in this case?
> 
> Thank you.
> 
> 1. http://gnucash.org/download.phtml
> 2. https://wiki.gnucash.org/wiki/Development_Process
> 
> Robert

You are welcome to keep the insecure/outdated packages on your
machine. You do not have to update. We’re just working towards the long
overdue removal of a security risk from the tree.

Really, it isn’t so much that gnucash is at risk because it uses the old
insecure net-libs/webkit-gtk:2 (it may very well be, but there haven’t
been any reports that I’ve seen), but it is all the other packages that
use webkit-gtk to render HTML from untrusted sources that are at risk.

If we could have, we would have removed net-libs/webkit-gtk:{2,3} long
ago. This is nearly two years overdue. [1]

However, this removal will result in it being impossible for anyone to
build gnucash-2.6, so that must be removed as well.

Given the situation, we have a choice: Remove GnuCash altogether, or
press ahead with recommending a version upstream considers unstable.

[1]: https://bugs.gentoo.org/577068

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Kristian Fiskerstrand]

[-- Attachment #1.1: Type: text/plain, Size: 437 bytes --]

On 01/16/2018 03:45 PM, Aaron W. Swenson wrote:
> Given the situation, we have a choice: Remove GnuCash altogether, or
> press ahead with recommending a version upstream considers unstable.

Or 3, discuss with upstream to see if they can release an updated
version as stable branch.

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

[gentoo-dev] Re: News Item: GnuCash 2.7+ Breaking Change

[Duncan]

Kristian Fiskerstrand posted on Tue, 16 Jan 2018 15:58:11 +0100 as
excerpted:

> On 01/16/2018 03:45 PM, Aaron W. Swenson wrote:
>> Given the situation, we have a choice: Remove GnuCash altogether, or
>> press ahead with recommending a version upstream considers unstable.
> 
> Or 3, discuss with upstream to see if they can release an updated
> version as stable branch.

This reminds me very much of the long-time stability situation with 
grub-0.9x vs. 1.9x.  Upstream insisted 0.9x was unsupported, and indeed, 
had abandoned it, such that it was the distros carrying upstream-
unapproved patches, but at the same time, pre-2.0 as 1.9x was still very 
much development-only and not ready for prime-time, according to 
upstream.  Just what were distros and users /supposed/ to do?

Both that and this gnucash thing are bad situations all around, but 
perhaps some lessons can be had.  And agreed that surely the first must 
be to /just/ /ask/ upstream whether they can release something stable 
that's at least based on something still getting maintenance, security 
and otherwise.  Then go from there.  Maybe they'll refuse and we'll have 
to move ahead with the new version regardless of upstream's wishes, but 
we'll never know if we don't ask.

(Of course it can go the other way too, upstream insisting the new 
version is stable even when it's still broken for normal users every 
which way to Sunday.  The kde3/kde4 transition is a prime example of 
that.  I honestly don't know which is worse, but the obvious ideal is a 
sane upstream that doesn't veer to either extreme, or lacking that, at 
least cooperates and provides support when a new at least /semi-/stable 
release is needed as the old is just outdated and broken, security or 
otherwise.)

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Róbert Čerňanský]

On Tue, 16 Jan 2018 15:58:11 +0100
Kristian Fiskerstrand <k_f@gentoo.org> wrote:

> On 01/16/2018 03:45 PM, Aaron W. Swenson wrote:
> > Given the situation, we have a choice: Remove GnuCash altogether, or
> > press ahead with recommending a version upstream considers
> > unstable.  
> 
> Or 3, discuss with upstream to see if they can release an updated
> version as stable branch.

4. Mask the vulnerable webkit-gtk.  This way: A. User is informed.
B. Manual action is required to continue using such package.

I see this as the most obvious choice considering that I am still
unable to find any possible attack vector against GnuCash.  If it is me
and only me who enters data.  Webkit reports are generated from those
data.  How can anyone hack me through GnuCash?

In general, many times users use applications in a way that
vulnerabilities does not apply to their use cases.  I would prefer to
be informed and allowed to continue using such application as a part of
the distro.

Robert


-- 
Róbert Čerňanský
E-mail: openhs@tightmail.com
Jabber: hs@jabber.sk

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[M. J. Everitt]

[-- Attachment #1.1: Type: text/plain, Size: 1409 bytes --]

On 16/01/18 21:56, Róbert Čerňanský wrote:
> On Tue, 16 Jan 2018 15:58:11 +0100
> Kristian Fiskerstrand <k_f@gentoo.org> wrote:
>
>> On 01/16/2018 03:45 PM, Aaron W. Swenson wrote:
>>> Given the situation, we have a choice: Remove GnuCash altogether, or
>>> press ahead with recommending a version upstream considers
>>> unstable.  
>> Or 3, discuss with upstream to see if they can release an updated
>> version as stable branch.
> 4. Mask the vulnerable webkit-gtk.  This way: A. User is informed.
> B. Manual action is required to continue using such package.
>
> I see this as the most obvious choice considering that I am still
> unable to find any possible attack vector against GnuCash.  If it is me
> and only me who enters data.  Webkit reports are generated from those
> data.  How can anyone hack me through GnuCash?
>
> In general, many times users use applications in a way that
> vulnerabilities does not apply to their use cases.  I would prefer to
> be informed and allowed to continue using such application as a part of
> the distro.
>
> Robert
>
>
Forgive my potential misunderstanding here .. but who's actively
preventing you from using GnuCash 2.6? You can take a copy locally to
/usr/local/portage so that When/If finally it gets removed from the
central package 'tree' it will run for you provided its requirements are
still met on your system ...


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Róbert Čerňanský]

On Tue, 16 Jan 2018 22:19:15 +0000
"M. J. Everitt" <m.j.everitt@iee.org> wrote:

> On 16/01/18 21:56, Róbert Čerňanský wrote:
> > On Tue, 16 Jan 2018 15:58:11 +0100
> > Kristian Fiskerstrand <k_f@gentoo.org> wrote:
> >  
> >> On 01/16/2018 03:45 PM, Aaron W. Swenson wrote:  
> >>> Given the situation, we have a choice: Remove GnuCash altogether,
> >>> or press ahead with recommending a version upstream considers
> >>> unstable.    
> >> Or 3, discuss with upstream to see if they can release an updated
> >> version as stable branch.  
> > 4. Mask the vulnerable webkit-gtk.  This way: A. User is informed.
> > B. Manual action is required to continue using such package.
> >
> > I see this as the most obvious choice considering that I am still
> > unable to find any possible attack vector against GnuCash.  If it
> > is me and only me who enters data.  Webkit reports are generated
> > from those data.  How can anyone hack me through GnuCash?
> >
> > In general, many times users use applications in a way that
> > vulnerabilities does not apply to their use cases.  I would prefer
> > to be informed and allowed to continue using such application as a
> > part of the distro.
> >
> > Robert
> >
> >  
> Forgive my potential misunderstanding here .. but who's actively
> preventing you from using GnuCash 2.6? You can take a copy locally to
> /usr/local/portage so that When/If finally it gets removed from the
> central package 'tree' it will run for you provided its requirements
> are still met on your system ...

That's correct, nobody is preventing me and I already have copies of
several packages.  But with each additional package Gentoo becomes less
and less valuable.  You can say the same thing about every package.  But
what would be the point of linux distribution then?

I worked with assumption that there is a motivation in Gentoo to provide
a value in a form of stable GnuCash and I merely presented a way which I
see as most pragmatic.  It allows to continue to provide that value and
raises awarenes about webkit-gtk security vulnerabilities.

Of course there is also a possibility that maintainters may have lost
interest/motivation to maintain old webkit-gtk.  Which would be normal
and prefectly fine but completelly different matter than security.

Robert


-- 
Róbert Čerňanský
E-mail: openhs@tightmail.com
Jabber: hs@jabber.sk

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 811 bytes --]

On 2018-01-10 22:38, Peter Volkov wrote:
> On Wed, Jan 10, 2018 at 9:31 PM, Aaron W. Swenson <titanofold@gentoo.org>
> wrote:
> 
> > Title: GnuCash 2.7+ Breaking Change
> >
> 
> Aaron, but why do we need this news item? 2.7 version is a development
> version that is not supposed to be used by end users. As far as I
> understand this backup is a temporary measure until stable release will be
> out. It's much better to have this version package masked. Then in package
> mask comment we could note the need for backup.

GnuCash 2.6 relies on net-libs/webkit-gtk:2 which will be removed from
the tree soon. If GnuCash doesn’t make the jump to 2.7, then it’ll be
removed from the tree as well. [1]

We’re going to try to introduce it a bit sooner.

[1]: https://bugs.gentoo.org/629114

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1.1: Type: text/plain, Size: 1327 bytes --]

Modified a bit. This should show for anyone who has GnuCash installed.

The 2.7.3 ebuild I have in my overlay does have a postinst note about
this as well, but I think this is important enough to tell them as soon
as possible and on systems that may never have had GnuCash installed but
will be working with files/databases that are made by GnuCash 2.6.

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-10
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: app-office/gnucash

Along with changes to updates to use modern libraries, GnuCash 2.7+ has
changed the schema [1] it uses for both databases and files. GnuCash
will automatically modify the file or database in place upon open.

Therefore, it is imperative that you back up any files or databases
before using GnuCash 2.7 in case you run into an issue and want or need
to revert back to 2.6.

Instructions for backing up are as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | mysql gnucash_db_bak

For PostgreSQL:
$ createdb -U dbadmin -T gnucash_db -O gnucash_user gnucash_db_bak

For SQLite:
$ cp /path/to/gnucash/sqlite.file.gnucash /path/to/gnucash/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #1.2: 2018-01-08-GnuCash-Breaking-Change.en.txt --]
[-- Type: text/plain, Size: 972 bytes --]

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-10
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: app-office/gnucash

Along with changes to updates to use modern libraries, GnuCash 2.7+ has
changed the schema [1] it uses for both databases and files. GnuCash
will automatically modify the file or database in place upon open.

Therefore, it is imperative that you back up any files or databases
before using GnuCash 2.7 in case you run into an issue and want or need
to revert back to 2.6.

Instructions for backing up are as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | mysql gnucash_db_bak

For PostgreSQL:
$ createdb -U dbadmin -T gnucash_db -O gnucash_user gnucash_db_bak

For SQLite:
$ cp /path/to/gnucash/sqlite.file.gnucash /path/to/gnucash/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Ciaran McCreesh]

On Wed, 10 Jan 2018 17:48:32 -0500
"Aaron W. Swenson" <titanofold@gentoo.org> wrote:
> Modified a bit. This should show for anyone who has GnuCash installed.

For anyone who has any version of GnuCash installed, either now or at
any point in the future. (See the recent thread on expiring news
items...) Are you sure you don't just want to target this at people who
have the old version installed, instead?

-- 
Ciaran McCreesh

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 743 bytes --]

On 2018-01-10 22:53, Ciaran McCreesh wrote:
> On Wed, 10 Jan 2018 17:48:32 -0500
> "Aaron W. Swenson" <titanofold@gentoo.org> wrote:
> > Modified a bit. This should show for anyone who has GnuCash installed.
> 
> For anyone who has any version of GnuCash installed, either now or at
> any point in the future. (See the recent thread on expiring news
> items...) Are you sure you don't just want to target this at people who
> have the old version installed, instead?

As mentioned, the concern is that someone will try to use a new version
and old version simultaneously.

How about “<app-office/gnucash-4"? It would allow it to "expire" after
quite some time. At least past the point that we'd be concerned about,
I'm sure.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Mart Raudsepp]

On Wed, 2018-01-10 at 20:00 -0500, Aaron W. Swenson wrote:
> On 2018-01-10 22:53, Ciaran McCreesh wrote:
> > On Wed, 10 Jan 2018 17:48:32 -0500
> > "Aaron W. Swenson" <titanofold@gentoo.org> wrote:
> > > Modified a bit. This should show for anyone who has GnuCash
> > > installed.
> > 
> > For anyone who has any version of GnuCash installed, either now or
> > at
> > any point in the future. (See the recent thread on expiring news
> > items...) Are you sure you don't just want to target this at people
> > who
> > have the old version installed, instead?
> 
> As mentioned, the concern is that someone will try to use a new
> version
> and old version simultaneously.
> 
> How about “<app-office/gnucash-4"? It would allow it to "expire"
> after
> quite some time. At least past the point that we'd be concerned
> about,
> I'm sure.

That sounds good to me. The background here is, that once 2.7 is
released as stable, it'll be released as version 3.0, so 4 is after
that.
And then if they keep doing 3.2, 3.4 and so on for a long time instead,
you can try to remember to tweak the news item to expire before, e.g to
a version that drops forward migration support from 2.6.

This is all on the premise, that it's a leaf package and only kept
shown to those that have it.


Mart

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v3)

[Aaron W. Swenson]

[-- Attachment #1.1: Type: text/plain, Size: 1062 bytes --]

This time with a version constrain that should allow this to expire at
some point in the future.

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-11
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: <app-office/gnucash-4

Along with changes to use modern libraries, GnuCash 2.7+ has changed the
schema [1] it uses for both databases and files. GnuCash will
automatically modify the file or database in place upon open.

Therefore, it is imperative that you back up any files or databases
before using GnuCash 2.7 in case you run into an issue and want or need
to revert back to 2.6.

Instructions for backing up are as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | mysql gnucash_db_bak

For PostgreSQL:
$ createdb -U dbadmin -T gnucash_db -O gnucash_user gnucash_db_bak

For SQLite:
$ cp /path/to/gnucash/sqlite.file.gnucash /path/to/gnucash/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #1.2: 2018-01-11-GnuCash-Breaking-Change.en.txt --]
[-- Type: text/plain, Size: 964 bytes --]

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-11
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: <app-office/gnucash-4

Along with changes to use modern libraries, GnuCash 2.7+ has changed the
schema [1] it uses for both databases and files. GnuCash will
automatically modify the file or database in place upon open.

Therefore, it is imperative that you back up any files or databases
before using GnuCash 2.7 in case you run into an issue and want or need
to revert back to 2.6.

Instructions for backing up are as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | mysql gnucash_db_bak

For PostgreSQL:
$ createdb -U dbadmin -T gnucash_db -O gnucash_user gnucash_db_bak

For SQLite:
$ cp /path/to/gnucash/sqlite.file.gnucash /path/to/gnucash/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v3)

[Francesco Riosa]

[-- Attachment #1: Type: text/plain, Size: 1548 bytes --]

2018-01-11 17:27 GMT+01:00 Aaron W. Swenson <titanofold@gentoo.org>:

> This time with a version constrain that should allow this to expire at
> some point in the future.
>
> Title: GnuCash 2.7+ Breaking Change
> Author: Aaron W. Swenson <titanofold@gentoo.org>
> Posted: 2018-01-11
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: <app-office/gnucash-4
>
> Along with changes to use modern libraries, GnuCash 2.7+ has changed the
> schema [1] it uses for both databases and files. GnuCash will
> automatically modify the file or database in place upon open.
>
> Therefore, it is imperative that you back up any files or databases
> before using GnuCash 2.7 in case you run into an issue and want or need
> to revert back to 2.6.
>
> Instructions for backing up are as follows:
>
> For XML (plain files):
> $ cp /path/to/file.gnucash /path/to/file.gnucash.bak
>
> For MySQL:
> $ mysqldump gnucash_db | mysql gnucash_db_bak
>
> For PostgreSQL:
> $ createdb -U dbadmin -T gnucash_db -O gnucash_user gnucash_db_bak
>
> For SQLite:
> $ cp /path/to/gnucash/sqlite.file.gnucash /path/to/gnucash/sqlite.file.
> gnucash.bak
>
> [1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a
>

It could be wise to close GnuCash before backup, also the choice of
creating a copy of the database is a bit unusual, an offline backup may be
more appropriated, example for mysql:
mysqldump gnucash_db | xz > gnucash-2.6.sql.xz

It's ok to leave restore instruction out, since those are usually easy to
find and spending more time with it does not hurt

[-- Attachment #2: Type: text/html, Size: 2225 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v3)

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 613 bytes --]

On 2018-01-11 19:02, Francesco Riosa wrote:
> It could be wise to close GnuCash before backup

Good point. Added a line.

> also the choice of creating a copy of the database is a bit unusual,
> an offline backup may be more appropriated, example for mysql:
> mysqldump gnucash_db | xz > gnucash-2.6.sql.xz

I thought it’d be nice to have the backup online, but this is probably
better. I’ve change the PostgreSQL command as well.

> It's ok to leave restore instruction out, since those are usually easy to
> find and spending more time with it does not hurt

I’m glad we agree.

Thanks!

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v4)

[Aaron W. Swenson]

[-- Attachment #1.1: Type: text/plain, Size: 1041 bytes --]

Revision number 4.

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-11
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: <app-office/gnucash-4

Along with changes to use modern libraries, GnuCash 2.7+ has changed the
schema [1] it uses for both databases and files. GnuCash will
automatically modify the file or database in place upon open.

Therefore, it is imperative that you back up any files or databases
before using GnuCash 2.7 in case you run into an issue and want or need
to revert back to 2.6.

Close any open session of GnuCash including remote sessions, then
follow the relevant backup instructions as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | xz > gnucash-2.6.sql.xz

For PostgreSQL:
$ pg_dump -U gnucash_user -Z 5 gnucash_db > gnucash-2.6.sql.gz

For SQLite:
$ cp /path/to/sqlite.file.gnucash /path/to/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #1.2: 2018-01-11-GnuCash-Breaking-Change.en.txt --]
[-- Type: text/plain, Size: 1021 bytes --]

Title: GnuCash 2.7+ Breaking Change
Author: Aaron W. Swenson <titanofold@gentoo.org>
Posted: 2018-01-11
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: <app-office/gnucash-4

Along with changes to use modern libraries, GnuCash 2.7+ has changed the
schema [1] it uses for both databases and files. GnuCash will
automatically modify the file or database in place upon open.

Therefore, it is imperative that you back up any files or databases
before using GnuCash 2.7 in case you run into an issue and want or need
to revert back to 2.6.

Close any open session of GnuCash including remote sessions, then
follow the relevant backup instructions as follows:

For XML (plain files):
$ cp /path/to/file.gnucash /path/to/file.gnucash.bak

For MySQL:
$ mysqldump gnucash_db | xz > gnucash-2.6.sql.xz

For PostgreSQL:
$ pg_dump -U gnucash_user -Z 5 gnucash_db > gnucash-2.6.sql.gz

For SQLite:
$ cp /path/to/sqlite.file.gnucash /path/to/sqlite.file.gnucash.bak

[1] https://github.com/Gnucash/gnucash/releases/tag/2.7.0a

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v4)

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 550 bytes --]

>>>>> On Thu, 11 Jan 2018, Aaron W Swenson wrote:

> 2018-01-11-GnuCash-Breaking-Change.en.txt

Since its last update, GLEP 42 strongly recommends using a very short
name, with at most 20 characters for the short-name identifier [1]
(whose main purpose is to keep the name unique if more than one news
item is posted on the same day). Also, the git hook will reject names
containing uppercase chars. So, could you use something like
2018-01-11-gnucash.en.txt for the name?

Ulrich

[1] https://www.gentoo.org/glep/glep-0042.html#news-item-identities

[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change (v4)

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 718 bytes --]

On 2018-01-11 23:30, Ulrich Mueller wrote:
> >>>>> On Thu, 11 Jan 2018, Aaron W Swenson wrote:
> 
> > 2018-01-11-GnuCash-Breaking-Change.en.txt
> 
> Since its last update, GLEP 42 strongly recommends using a very short
> name, with at most 20 characters for the short-name identifier [1]
> (whose main purpose is to keep the name unique if more than one news
> item is posted on the same day). Also, the git hook will reject names
> containing uppercase chars. So, could you use something like
> 2018-01-11-gnucash.en.txt for the name?
> 
> Ulrich
> 
> [1] https://www.gentoo.org/glep/glep-0042.html#news-item-identities

I forgot about the lowercase bit, and I will shorten it up further.

Thanks!

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]

Re: [gentoo-dev] News Item: GnuCash 2.7+ Breaking Change

[Aaron W. Swenson]

[-- Attachment #1: Type: text/plain, Size: 60 bytes --]

Pushed via commit ed16527710bcde367ba3a4c7604c5aa6b2650034.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 376 bytes --]