21 May
2007
21 May
'07
9:33 p.m.
it isn't "very simple;" security patches are just one aspect of issue. What about the fact that Drupal, despite its breakneck pace, moves SLOWER than some other GPL projects? In those scenarios, we actually need to keep an older version for compatibility issues. --Jeff On May 21, 2007, at 2:08 PM, Karoly Negyesi wrote:
I don't understand what's so inconvenient in allowing external files.
It's very simple. When there is a security fix released for the 3rd party code then our repository necessarily will be some time behind -- if the maintainer is sloppy then seriously behind. I do not want Drupal distributing insecure code. Solve this problem and we can move on.