[wp-trac] [WordPress Trac] #39309: Secure WordPress Against Infrastructure Attacks

WordPress Trac noreply at wordpress.org
Mon Jan 16 05:36:14 UTC 2017


#39309: Secure WordPress Against Infrastructure Attacks
------------------------------------------+------------------------------
 Reporter:  paragoninitiativeenterprises  |       Owner:
     Type:  enhancement                   |      Status:  new
 Priority:  normal                        |   Milestone:  Awaiting Review
Component:  Upgrade/Install               |     Version:  trunk
 Severity:  normal                        |  Resolution:
 Keywords:  has-patch                     |     Focuses:
------------------------------------------+------------------------------

Comment (by rmccue):

 I haven't reviewed the content of the patch, but in terms of structure: we
 don't usually bring in the entire library source, just the useful bits. In
 this case, it looks like we only need `sodium_compat/src`, not the tests
 and Composer file. Likewise, the license should be incorporated into the
 credits page (`wp-admin/credits.php`) instead.

 That's probably more of a thing for a later patch as it seems this is
 still under development, but something to be aware of for a final patch.

 (See also the other external libraries we include: Requests, SimplePie,
 Text_Diff, random_compat)

--
Ticket URL: <https://core.trac.wordpress.org/ticket/39309#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list