[development] Slight API change in 4.6.10 and 4.7.4

inkfree press inkfree at gmail.com
Fri Oct 20 15:02:21 UTC 2006


On 19 Oct 2006, at 16:59, inkfree press wrote:

>> That would really seem like information which should have been prepared
>> before the release, and then submitted or posted along with the update.  I
>> know this is the 'dev' list, and so converting modules and such is important
>> for readers of this list.  However, from a "user"/"administrator" point of
>> view, "converting" modules is not on the radar.

"Dries Buytaert" wrote:

> We spent quite a bit of time preparing these patches, and debating the pro and
> cons.  Heine et al have been a godsend.  Sometimes, stuff like this happens,
> and when it happens, the reaction should not be to bash the security team, but
> to collaboratively focus on fixing the affected modules.

No bashing here, Dries.  No bashing at all.  I said, with real appreciation:

>>> Thanks to the security team for keeping things safe.  We all _really do_
>>> appreciate the work and the effort.  (My mild complaints or observations
>>> about the announcement do not discount this work or the appreciation.)

I do take your point, however, and quite understand that these decisions
were made with thoughtfulness and with concern.  Small gripes about things
aside, it appears that the affected list of modern modules is rather small
(from what I read as posted here.)

> That said, we're open for suggestions, and we'll take these into account in
> future.  Also, if you want to play an active role in the security team, you
> can sign up by sending us an e-mail.

I don't know about "active role", but I do know about "passive role", which
I addressed by subscribing to that list.  I am not skilled at securing PHP
or SQL, but I do have an interest in keep abreast of the issues and of the
discussions as they happen.  (Just prudence, so that I don't feel torn again
between applying an update or breaking a slew of sites.)

>>> I did (just now) subscribe to the security announcement list, so that if I
>>> have any comments I can make them in a more appropriate place.

So...I subscribed to the Security Announcement list (no posts since Thu, 19
Oct 2006 07:31:02 -0700 (PDT), however).


Thanks for your reply.

-- 
inkfree



More information about the development mailing list