[theme-reviewers] Guidance on theme security
Chip Bennett
chip at chipbennett.net
Wed Oct 20 16:32:01 UTC 2010
Perhaps if, as Nacin indicates, we let the uploader script fail Themes that
use deprecated functions (regardless of whether or not that use is part of
backward-compatibility code), we can avoid any real issues on the subject?
I agree that one of my primary concerns is the use of deprecated functions.
But I'm equally concerned about the Repository giving the appearance of
facilitating the use of outdated versions of WordPress.
Chip
On Wed, Oct 20, 2010 at 11:21 AM, Edward Caissie
<edward.caissie at gmail.com>wrote:
> On Wed, Oct 20, 2010 at 11:37 AM, Andrew Nacin <wp at andrewnacin.com> wrote:
>
>> If this is about deprecated functions, then they should be surrounding
>> things in function_exists checks, so proper functions get run when they are
>> available. If the upload script catches such functions, then it's still not
>> our problem. That's the solution, really... Don't worry about it, and let
>> the upload script bark at them.
>
>
> I would say my only real concern with backward compatibility is the use of
> deprecated functions, and as far as that goes, I would agree to let the
> theme uploader script take the heat for not allowing a Theme into the review
> queue versus it being "not-approved" for using them ... with the proviso the
> most current and correct function is used first as suggested with
> 'function_exists' wrappers.
>
> But does this alleviate the Theme Reviewer from having to check the
> deprecated function being called?
>
>
> Cais.
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20101020/2818ca77/attachment.htm>
More information about the theme-reviewers
mailing list