[wp-hackers] Security at Wordpress
Elliotte Harold
elharo at metalab.unc.edu
Mon Apr 24 12:48:56 GMT 2006
Owen Winkler wrote:
> Strange that all of the POST proponents hadn't written a patch for this
> already - it might have been less overall work than the bluster they've
> created, and it might already have been committed by now.
Let me repeat myself: experience has taught me that writing patches for
design flaws is a complete waste of time until the maintainers recognize
the flaw. While simple fixes for obvious bugs are usually accepted, and
feature additions are sometimes accepted, architectural changes are
almost never accepted. This isn't WordPress specific by any means. This
is a general rule in most open source projects.
At such time as the maintainers decide they want to use POST where
appropriate, then it makes sense to invest time in creating a patch.
Until then, the question is not whether to submit a patch. It's whether
to live with the flaw or fork the project. I personally haven't decided
yet. Forking is a big step, but not out of the question. I've got a
growing list of problems with WordPress that can likely only be
addressed in a separate development branch. I'd certainly prefer not to
go to all the expense and trouble of maintaining a fork. It's not like I
don't have enough to unpaid work already; but if the list keeps growing
then forking may become inevitable.
I've already made a few changes in the code for my personal sites. The
more changes I make and the further my own codebase diverges from the
official codebase, the more sense it makes to publish the whole thing,
and make it official.
--
Elliotte Rusty Harold elharo at metalab.unc.edu
XML in a Nutshell 3rd Edition Just Published!
http://www.cafeconleche.org/books/xian3/
http://www.amazon.com/exec/obidos/ISBN=0596007647/cafeaulaitA/ref=nosim
More information about the wp-hackers
mailing list