SquirrelMail  
Donations
News
About
Support
Screen shots
Download
Plugins
Documentation
Sponsors
Bounties













Security Notice
Phishing campain
Version 1.4.15
Security Upgrade

SquirrelMail 1.5.x version roadmap and todos

NOTE: This page hasn't been updated in a while and some information herein does not reflect the current state of development. Please help update this page (but please confer with the team before doing so so you know what you're writing about).

On the road to 2.0

(or: how to prevent our rodent from becoming roadkill)

  • Finish Templating Phase 1 (see TemplatesInSquirrelMail)
  • Make sure this works for an average user;
  • Finish up plugins API refactoring
  • Add any small-scale features, refactorings at this point;
  • Release 1.5.2 DEVEL
  • Stop accepting new features, only bugfixes
  • No more plugins API changes, unless unavoidable
  • Finish Templating Phase 2
  • Fix bugs according to feedback on 1.5.2.
  • Fix more bugs.
  • Chance for plugin authors to start to adapt.
  • Release 1.5.3 DEVEL
  • fix bugs
  • Release candidate 2.0 RC1
  • fix bugs
  • Release 2.0

Maybe in SquirrelMail 1.5.2

This would also be nice to have in 1.5.2. Anyone interested in having it, should work on it soon and make sure it's done before the templating/plugins stuff is finished. Any of this missing will not delay the release of 1.5.2.

  • Calendar plugin (add sql support or move to shared_calendars)
  • Change Password plugin (agree on plugin format) [link] [link2]
  • Move core plugin options to widgets
  • PHP Pspell extension support in SquirrelSpell
  • Generate all fabricated URLs with a single function in order to achieve that at a later stage we can add the SID to it.
  • Cut down on the number of globals we use. -- CONTROVERSIAL, since plugins make use of many of them - PLEASE CONSULT the team before making such changes
    • Assigned to everyone, while working on some code reduce or eliminate the globaling of variables.
  • (see previous point) stop passing $username and $data_dir to all getPref/setPref calls -- CONTROVERSIAL, should leave the API alone so plugins do not break - core is free to use a NEW get/set Pref API
    • Assigned to Thijs Kinkhorst

Under discussion:

  • session.use_trans_sid
  • Add SASL authentication patch. gssapi authentication is unstable. Patch is not clean. SMTP auth is not implemented (really? this may be incorrect). Login changes will cause issues in other authentication methods.

Under testing:

  • Create a single sm_init.php include file and cleanup all the circular include_once() and require_once() calls.
  • session_regenerate_id() to avoid session hijacking.
  • HttpOnly cookies.
  • Load the default configuration before main configuration file in order to make sure that expected configuration variables are set.
  • Deprecate direct access to password information. sqauth_read_password() and sqauth_save_password() functions must be used instead of reading key cookie and onetimepad session variable. $key and $onetimepad should not be globalized, if scripts don't need them.

Finished:

  • Globalize error handler and template code
  • Remove all development documentation from tarball.

The Marc Groot Koerkamp project list

(Not decided when to be released.)

Current projects of mine inside SquirrelMail:

  • Creating base utility classes;
  • Creating a generic messages class for different backends (IMAP, NNTP);
  • Creating IMAP backend for the messages class.

To Do list SquirrelMail:

  • Rewrite of configuration system;
  • Creating a Persistor class;
  • Creating a compose class;
  • Creating a generic SquirrelMail Contacts class;
  • Implementing Mime base class where mime-handlers/content-type can be hooked in.

Personal Wishlist:

  • Adding support for Kroupware and/or opengroupware.org in order to add (i/v)Calendar support and Contact support. Requirement for this is a working Mime-base class;
  • Advanced SquirrelMail frontends that retrieves data throught XML-RPC or SOAP.
© 1999-2010 by The SquirrelMail Project Team