In theory you need to maintain a hotfixes.cfg for each of the latest Plone versions - at least for 4.3-latest, 4.2-latest etc. Many sites however don't run on the latest 4.x-latest version. In addition, the latest hotfixes have seen significant bugfixes in the days after the release, and in some cases the latest version of a hotfix caused additional trouble instead of solving problems. In this case we had to pin certain versions which did not represent the latest version of e.g. plone4.csrffixes.
Sorry to be late to the conversation... I saw others saying as well "it took us XX man hours to push", so spending some extra XX man hours on making that process even faster for everyone would be extra extra cool.
While the starzel buildout is nice, I would love to have these hotfixes in collective. You might want to go for Products.CMFPlone instead of Plone, but I'm not sure about that.
I use a products directory to install hotfixes rather than run buildout. For many older setups that might have old weird stuff in their buildouts, it just introduces more risk than I'd like to rerun buildout for a patch.
In an ideal world, it would be nice to go to a site setup, and click "apply hotfixes" and sit back and it happens.
I think it might be possible. Writing a view to download from a known source and unpack a zip into a products dir from within Plone is not hard. Doing it such that ZEO clients that don't know about each other do so one at a time, in a way that they can roll themselves back in case of failure to start... interesting problem to solve.
Perhaps some ZODB object that registers IP and dir for each Zope instance that starts. Then a clock tick on each that works out if it's this instance's turn to download and restart?
@pcdummy. It's a calculated risk. Given it would be a fixed source, possibly fixed to an IP address the risk is moderate. And it could be explicitly disabled for those not willing to take the risk.
Having to log in to lots of sites is much easier for those without much technical knowledge, yet they want to keep their site secure. For lots of sites, there is no one with enough experience left to run buildout and deal with any failures.
We should be making plone "expensive consultant" proof.
We at the Webmeisterei have been talking about that, we will implement a buildout recipe: plone.recipe.hotfixes
It will do automatic version detection and will have the possibility to give a base_url where you have one or many JSON files hosted. We will create and maintain the JSON files with the recipe itself on: https://github.com/collective/plone.recipe.hotfixes
The schema of the JSON files is not yet finished, but we will implement a way that you can include/exclude certain hotfixes (like the CSRF fixes) by giving/not giving that config as a parameter.
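As an added sketch of the resolution step such a recipe would need (this is not plone.recipe.hotfixes code, whose JSON schema is still unfinished), the following picks the hotfix pins for a detected Plone series from a hosted manifest, honours an exclude list and explicit version overrides for the case from the thread where the newest hotfix release misbehaves, and checks a downloaded archive's digest before it is trusted. The manifest layout, the series keys, `example.hotfix` and all version strings are assumptions.

```python
"""Pick hotfix pins per Plone series from a hosted JSON manifest.
Added illustration, not plone.recipe.hotfixes code (its JSON schema is
unpublished): manifest layout, series keys and exclude handling are assumed.
"""
import hashlib
import json
from typing import Dict, Iterable, Optional

# Constructed manifest: one block per Plone minor series naming the hotfix
# egg version to pin. Versions and digests are placeholders.
MANIFEST_JSON = """{
  "4.2": {"plone4.csrffixes": {"version": "1.0.0-constructed", "sha256": "PLACEHOLDER"}},
  "4.3": {"plone4.csrffixes": {"version": "1.1.0-constructed", "sha256": "PLACEHOLDER"},
          "example.hotfix":   {"version": "2.0.0-constructed", "sha256": "PLACEHOLDER"}}
}"""

def series_of(plone_version: str) -> str:
    """Reduce an installed Plone version such as '4.3.11' to its series '4.3'."""
    parts = plone_version.split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts[:2]):
        raise ValueError("unrecognised Plone version: %r" % plone_version)
    return ".".join(parts[:2])

def resolve_pins(manifest_json: str, plone_version: str, exclude: Iterable[str] = (),
                 overrides: Optional[Dict[str, str]] = None) -> Dict[str, str]:
    """Return {egg: version} for this Plone series, minus excludes, with overrides applied."""
    manifest = json.loads(manifest_json)
    series = series_of(plone_version)
    if series not in manifest:
        raise KeyError("no hotfix data for Plone %s" % series)
    overrides = overrides or {}  # explicit pins win, e.g. an older, known-good hotfix
    return {name: overrides.get(name, entry["version"])
            for name, entry in manifest[series].items()
            if name not in set(exclude)}

def render_versions_cfg(pins: Dict[str, str]) -> str:
    """Emit a buildout [versions] section for the resolved pins."""
    body = "\n".join("%s = %s" % kv for kv in sorted(pins.items()))
    return "[versions]\n%s\n" % body

def digest_matches(archive: bytes, expected_sha256: str) -> bool:
    """Refuse to install a downloaded hotfix whose digest differs from the manifest."""
    return hashlib.sha256(archive).hexdigest() == expected_sha256.lower()
```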