[theme-reviewers] Guidance on theme security

Andrew Nacin wp at andrewnacin.com
Wed Oct 20 15:37:49 UTC 2010

On Wed, Oct 20, 2010 at 11:15 AM, Edward Caissie
<edward.caissie at gmail.com>wrote:

> On Wed, Oct 20, 2010 at 11:07 AM, Chip Bennett <chip at chipbennett.net>wrote:
>> So you're leaning toward no backward-compatibility support beyond one
>> prior major version?
>> I can live with that. It's probably the best we'll be able to do.
> In a perfect world, yes, but we all know the world is imperfect. How we
> implement a minimal to no backward-compatibility approach is going to be the
> real challenge; more so than the actual time-frame we work out.

That's the exact opposite of our core philosophies though. If they want to
support back to the end of time, I don't see why we need to prevent them
from doing so. Not our problem and it should not make theme reviews harder.

If this is about deprecated functions, then they should be surrounding
things in function_exists checks, so proper functions get run when they are
available. If the upload script catches such functions, then it's still not
our problem. That's the solution, really... Don't worry about it, and let
the upload script bark at them.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20101020/7369c2c7/attachment.htm>

More information about the theme-reviewers mailing list