[development] RFC: letting modules phone home to check for new releases
Earl Miles
merlin at logrus.com
Sat Nov 18 17:50:27 UTC 2006
Bèr Kessels wrote:
> Op zaterdag 18 november 2006 11:44, schreef Karoly Negyesi:
>
>>Huh? Last I checked drupal.org/security had an RSS feed and Drupal core had
>>an aggregator which can do blocks and we have excellent control over block
>>visibility.
>
> This is almost exactly what I mean. Its works now, needs no patches, no
> modules and no develoment/. It can be done now.
Two other points.
1) It's hard to argue that highly targeted security announcements are a bad
idea. If 1) drupal.org tracks what modules have security problems and the
solution, and 2) a site can ask drupal.org for this information an all its
modules, sites owners can be properly informed. We know that many people
continue to run with old versions of the software. We can reduce that number a lot.
2) This information can be given via drupal_set_message on /admin, not via
blocks which can be misconfigured due to user error. We can be certain that the
right messages are delivered to the right people.
More information about the development
mailing list