Request for Comments: new QIF Importer

Christian Stimming stimming at tuhh.de
Fri Jan 9 02:21:41 CST 2004 

(sorry for not replying to list)

-------- Ursprüngliche Nachricht --------
Betreff: Re: Request for Comments: new QIF Importer
Datum: Thu, 08 Jan 2004 11:35:56 -0500
Von: Derek Atkins <warlord at MIT.EDU>
An: Christian Stimming <stimming at tuhh.de>
Referenzen: <sjmn08z7d06.fsf at dogbert.ihtfp.org> <3FFD2198.8000704 at tuhh.de>

Did you mean to send this to me personally instead of replying to the
list?  If not, please feel free to forward this reply back to the
list.

Christian Stimming <stimming at tuhh.de> writes:

> Sounds good to me.
>
> Derek Atkins schrieb:
>> QUESTION: If the user provides multiple files at once and each file
>> has internal ambiguities (e.g. the date format), should the user be
>> asked for each file, or can we assume that all the files have the same
>> format?  Perhaps the UI should allow the user to "make this choice for
>> all files"?
>
> The ideal dialog would probably be
>
>    "Choose date format [choicebox]
>    [x] Use this choice for all files"

I like this idea....

> It doesn't make much sense if a user imports QIF files from different
> sources, but it is still possible.

OTOH if a user is importing from multiple sources you have the problem
that QIF accounts might not map to each other, so you've already got
other issues.

>   Alternatively, the dialog could
> have a big warning
>
>    "Choose date format for all files [choicebox]
>    If some files have a different date format, please go back, unselect
>    them in the file list, and import them in a separate step"
>
> but such a warning doesn't look quite nice...

Agreed.

> BTW I haven't noticed your ihtfp.com email addresse
> before... Interesting. 

Strange.  I've been using it for a while..  I swap back and forth when
I actually send email, but my commit messages have been using my ihtfp
address for over a year.

>  BTW the other day someone asked why we don't
> offer MD5's and signatures for our gnucash and openhbci packages, as
> they (especially with HBCI) are in fact money-critical applications. I
> replied that we would need some audit trail which we don't have. But
> to be honest I have no idea about what we would need to do to provide
> meaningful signed source packages. Do you have some ideas and/or
> pointers to documents that describe the required steps for this?

Well, supplying MD5s for the packages just implies running md5sum over
the package and publishing the number.  We could also create a pgp
detached signature over the packages and put those on the web site.
Neither of these are a tremendous amount of work, but they do add
overhead to the packaging system.  I've never actually used the RPM
PGP feature so I don't know how to do that.

> Christian

-derek

-- 
        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
        Member, MIT Student Information Processing Board  (SIPB)
        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
        warlord at MIT.EDU                        PGP key available

More information about the gnucash-devel mailing list