First, Thanks for the willingess to consider changes. I appreciate it. I'm on board too. I'd agree in starting small. Having an issue queue where code could be posted shared and tested does go a long way to alleviating my concerns. I could probably get by with the testing of an applied patch, or whole module file. We should factor in some way of bringing in the user that reported the problem. Particularly if they are doing so because they've been exploited. This has never happened to me yet, but seems like the prudent thing to do. I'm sure accommodations for bringing others into the issue queue can be made on a case by case basis at the security teams discretion. I think I would probably use the custom CVS repository, but I know that I'm different enough in my use of CVS, and deployment strategies, that it may not be worth the effort to develop just for me. Let's wait till we here more requests. Thanks again for listening. Dave On Jan 18, 2008, at 1:32 PM, Derek Wright wrote:
On Jan 18, 2008, at 12:14 PM, Angela Byron wrote:
I'm +1 to its removal, but defer to dww since he knows a lot better than me (or probably most of us ;)) what would be involved here, and how much work it would actually cost/save.