[theme-reviewers] Embedded theme options frameworks and/or resources

Emil Uzelac emil at uzelac.me
Mon Oct 20 15:30:35 UTC 2014


If you need help, please request a mentor :)

On Mon, Oct 20, 2014 at 10:22 AM, Venkat Raj <venkat at webulous.in> wrote:

>  It is options framework, but it doesn't matter. I meant to say any
> "bundled resource"
> Checking everything makes sense and we should.
>
> My concern is that, say we have 2 embedded resource then 1 theme review =
> 1 theme code + 2 plug-in code review?
> I think admins can make a rule for this, because
> 1) We're already atleast 6 week behind
> 2) New comers like me, don't have much experience in reviewing plugin code
> and security issues.
>
>
>
> On Monday 20 October 2014 08:34 PM, Emil Uzelac wrote:
>
>  If you are referring to http://wptheming.com/options-framework-plugin/ I
> don't think that phoning home is involved.
>
>  Now, it does not matter if the code was integrated as-is, or has been
> modified, we still need to check everything :)
>
> On Mon, Oct 20, 2014 at 8:59 AM, Jasin S. <jasins at wphoot.com> wrote:
>
>>  ^ what tskk said.
>>
>>  A good starting point would be using diff to check if the Options
>> framework has been inserted "as-is" in the theme, or if its a modified
>> version (maybe even malicious code)
>>
>>  I find Sublimerge to be an awesome tool for this (available on Sublime
>> Text editor)
>>
>>  cheers,
>>  Jasin S.
>>
>>  Is that framework included in the theme zip? If it is then you have to
>>> review it.
>>> Sent from BlackBerry® on Airtel
>>>
>>> -----Original Message-----
>>> From: Venkat Raj <venkat at webulous.in>
>>> Sender: "theme-reviewers" <theme-reviewers-bounces at lists.wordpress.org>Date:
>>> Mon, 20 Oct 2014 11:55:24
>>> To: theme >> Discussion list for WordPress theme reviewers.<
>>> theme-reviewers at lists.wordpress.org>
>>> Reply-To: "Discussion list for WordPress theme reviewers."
>>>  <theme-reviewers at lists.wordpress.org>
>>> Subject: [theme-reviewers] Embedded theme options frameworks and/or
>>> resources
>>>
>>> I'm reviewing a theme which embeds options framework.
>>> My question is, since it is bundled resource, I don't need to go through
>>> it line by line, right?
>>> Plugin reviewer can take care of that. But how can I make sure, it is
>>> not modified version of original
>>> and/or not containing any malicious code such as dialling home which we
>>> encountered few days back!
>>>
>>> _______________________________________________
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.wordpress.org
>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>> _______________________________________________
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.wordpress.org
>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>
>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>
>
> _______________________________________________
> theme-reviewers mailing listtheme-reviewers at lists.wordpress.orghttp://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20141020/af6316c8/attachment-0001.html>


More information about the theme-reviewers mailing list