[wp-hackers] Themes Being Unofficially Distributed with Security Vulnerabilities - Time for an Official Theme Repository?

Christine Davis christine at neato.co.nz
Thu Nov 29 03:51:23 GMT 2007


I have eleventy-billion things on my todo list already,  so adding an
eleventy-billiion-and-oneth seems like a way for this to not get done.
Although it seems like a fun thing to write.

If I was writing it, though (:  I'd probably have a server-based-thing which
accepts a theme,  and spits out some kind of risk rating.

That way, you could have a web interface where you could put
randomInternetTheme.zip into it, to see if it's sketchy;  it could be used
by a central theme repository for keeping an eye on the themes it has;  and
as a thing that a plugin that could send the theme to, for checking before
activating.

Oh!  And the magical rules wouldn't be available for general consumption,
since the service would have 'em.

The question is who will write this code, where will the code be located
> (probably not fit for core, but that is up to the core devs), and what
> steps will you take to ensure that people know about it?
>


More information about the wp-hackers mailing list