MySQL Founder Warns 5.1 Not Ready
MySQL founder Michael "Monty" Widenius warns in his blog against putting the current version 5.1 of the popular database package into production. He's critical of the release policy and fears that the product's quality may suffer.
Pictured with the statue of an ostrich with its head in the sand, Monty Widenius's blog begins with "Oops, we did it again..." The statue was a gift to the MySQL 6.0 managers as a "reward" for their release planning. Widenius describes the version as not yet "ready to be declared" beta, RC or GA and lists a series of unresolved bugs as proof. The reason, he says, isn't the developers, but management: "...even an excellent team can't work if the conditions are not right." Even release of the 5.1 beta was too early and not signed off by developers. Because MySQL managers spread the software to a larger audience prematurely, developers didn't have time to get to their actual work. "MySQL developers have not been able to do any larger changes in the source code since February 2006," says Widenius.
His further criticism of the conflicting priorities of technicians and marketing forces should be familiar to all. It's the usual story: software quality takes second place to regularly spaced release cycles and new functionality takes precedence over bug fixes. He holds Mårten Mickos, chief of the database group at Sun Microsystems, responsible for this strategy: "Mårten's reasons for this is that he needs something he can sell and a release marked 'GA' [General Availability] is much easier to sell than a release marked 'RC' [Release Candidate]."
Widenius supports his thesis with the 20 "known and tagged crashing and wrong results" bugs in the product. Along with these are at least 180 "serious" and 300 somewhat less serious bugs that he points to from his blog. He also cites a few concrete examples, including the error with number 989 that’s been known and openly discussed since August 2003. He even finds the new 5.1 functionality lackluster, that it's not beta-ready and should have undergone further testing. One example: "If you get a server crash during ALTER TABLE of a partitioned table you may loose all your data for that table." The partitioning feature alone has 20 open bugs, and can become "unusable" with a large number of partitions. Even the much touted row-based replication feature isn't ready by his reckoning.
The MySQL errors he lists may just be the tip of the iceberg: "Note that this was just a short list of known bugs to prove a point. The real list of serious bugs is much longer." Part of the problem, he claims, is attrition on the core developer team and that too many tyros were put on it to replace the more experienced ones.
Widenius denies any relationship between Sun Microsystems’s acquisition of MySQL in February 2008 and the change in strategy. "The decisions to do a GA release was solely been made by the MySQL management in Sun," he says. In fact, he hopes Sun reorganizes the team, has more of a hand in development and allows the MySQL community more of a hand in testing.
In spite of all his criticism, Widenius welcomes the introduction of MySQL 5.1. "At least it's better than the MySQL 5.0 community version which has not been updated for some time." He encourages user feedback: "Install and test MySQL 5.1. If it works, feel lucky. If not, report a bug at http://bugs.mysql.com/."
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.