[development] RFC: drupal as a moving target

Jose A. Reyero drupal at reyero.net
Mon Apr 28 16:07:00 UTC 2008

Moshe Weitzman wrote:
> So, now we are getting down to specifics which is good. The official
> security team policy is that we support the current release and the
> prior one. If we want to add a release to that list, then we need to
> think of a way to fund it. The volunteer fire dept approach of
> security team cannot possibly accept more work as it currently stands.
> We already review patches and issue advisories for hundreds of contrib
> modules on top of drupal core.
> IMO, It is time to fund the position of "Security Team lead". That
> person can then focus on optimizing the volunteers and can then decide
> if supporting another version is feasible. If anyone wants to fund
> this position, or donate their employees' time toward this, then
> please talk to the Drupal Association. We dont' really need more
> volunteers on the team IMO- coordination costs start to overwhelm the
> benefits.
I think if we could find the way to fund such a position it would be
great, even if we are not supporting more than the current number of

(Maybe open a new thread for this issue? as I think this proposal
deserves more visibility)

More information about the development mailing list