[wp-hackers] Community Views on Now and the Future
apakuni at gmail.com
Sun Mar 5 05:54:17 GMT 2006
Initially, I thought the narrow commit funnel was a bad idea. But having
worked on 2 major OSS CMS projects with wide-open commit policies, I have to
say I see the wisdom of the narrow funnel. Loose control leads to spaghetti
code and flame wars over inconsequential issues.
As for the comments on Matt's leadership in the linked post, I've never had
that experience. Granted, I am not in the code the way Scott seems to be,
but Matt has always been gracious and available to me. That said, if folks
are unwilling to write docs themselves, they need to be supportive of those
who are willing.
Also, one of the great things about open source is ... if you think the
project is going in a direction you do not like, you are free to take the
code and, dare I say it, start a "fork" that you control. Pissing on the
leg of the leadership is not likely to get you anything but ignored.
As for the the commercial interests at play, I disagree with the assertion
that they are hurting the project. I personally do not like Askimet and the
whole wp.com key structure. I've said so on this list. However,
alternatives are readily available and disabling Askimet is as simple as
deleting it from my plugins directory. If/when commercial tie-ins are
buried deep in the code and their removal cripples WP, then we have a
problem. Until that day, the exposure and stability provided by the
underlying commercial enterprises hurt more than they help.
WP is very extensible and this is it's strength. The core should always
remain lean and contain only essential and relevant core modules. From
there, we can, and should, "roll our own" custom distros with all of our
favorite plugins in place. And, if there is functionality which does not
exist but you think is critical, write it as a plug-in. If it becomes
ubiquitous and everyone screams for it in the core (like back up) it will
find its way in there.
Finally, I'll agree that WP could benefit from an independent security
audit. But I'll disagree with the idea that Matt and company need to pay
for it. Their only obligation to pay is for the code that runs their
commercial businesses, and even then it is their call.
If the community wants an independent audit, we need to come out of pocket
to get it. If someone wants to lead that effort, tell us how much it is,
set up a paypal or other account to pay for it and I will gladly donate.
On 3/4/06 2:48 PM, "Robert Deaton" <false.hopes at gmail.com> wrote:
> --Robert Deaton
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers