Quince

This page is now frozen! Don’t add new items here.

Quince was released on December 11th, 2023. It is the 17th Open edX community release.

Quince is based on branches cut two months earlier on Oct 10th, 2023. Changes made after that date will be part of the next release (Redwood) unless you also backport them to Quince.

Please add any new changes to Current Release: Redwood - Operator/Dev Notes

 

 

Information Radiators 💡

 

Risk Management 🚨

 

Work Plan 📅

 

Week

From

To

Task

Assignee

Week

From

To

Task

Assignee

38

September 18

September 24

Confirming working group roles:

  1. Chair

  2. Release manager

  3. Release testing coordinator

  4. Quality assurance manager

  5. Release documentation expert

  6. Bug triagers

  7. Security patcher

@Jorge Londoño

39

September 25

October 1

Backlog refinement guidelines

@Jorge Londoño

40

October 2

October 8

Testing plan announcement

  1. Creating testing plan

  2. Coordinating with @Régis B. the provisioning of the test instance

 

41

October 9

October 15

Branches cut

 

Testing start

 

50

December 11

December 17

quince.1 release

 

Quince release retrospective

@Jorge Londoño

 

Operational ⚙️

  • [@Tim McCormack] Deployers must ensure that for all of their IDAs, any JWT_PUBLIC_SIGNING_JWK_SET Django setting does not contain whitespace inside of the Base64 strings of the encoded keys.

    • This is related to edx-drf-extensions now using PyJWT instead of pyjwkest, which is overly permissive of spaces inside Base64. 2U discovered that several of their IDA configurations had a JWT_PUBLIC_SIGNING_JWK_SET setting that inadvertently contained whitespace inside the large Base64 strings. Before upgrading to Quince, ensure that there are no linebreaks or other whitespace inside Base64 strings in the JWT key settings. Otherwise, IDAs will produce 'Incorrect padding' errors.

    • For example broken/working configs see the edx-drf-extensions changelog for version 8.8.0; issue 346 has more detailed technical information.

  • [@Awais Qureshi] Django-storages upgraded to latest version and it has some breaking changes.

    • The constructor kwarg bucket is no longer accepted. Instead, use bucket_name.

    • define default_acl value explicitly in constructor kwarg e.g default_acl: public-read. in previous versions django-storages provides default value as public-read but now it is none. So it's important to mention it explicitly as per your use case.

  • [@Awais Qureshi] For Django 4.2 CSRF_TRUSTED_ORIGINS must include scheme. Update all urls there with schemes. e.g .edx.org changes to https://*.edx.org.

Deprecations and Removals ✖️

Based on estimated dates 2023-04-11 to 2023-10-01.

 

Other deprecations: