[wp-hackers] Code reviews for plugins?

Mark E mark at simplercomputing.net
Mon Aug 23 03:49:23 UTC 2010



On 08/22/2010 09:24 PM, Lynne Pope wrote:
> On 23 August 2010 15:08, Mark E <mark at simplercomputing.net> wrote:
>> My opinion, if it isn't clear already, is to forget about screening the
>> repo. That's not the responsibility of Automattic.
>
>
> Nobody is suggesting it is. Unless I've really missed the point here, it's
> about the community setting up a community-based review process.
>
> If enough people want to get involved and do this then it should, IMO, be
> encouraged. It's a huge task to undertake but with enough hands & eyes it's
> not unachievable.

I'm seeing a big issue centered around delivering a false sense of 
security to numerous millions of innocent people.

One might think that through before proceeding. And if one proceeds then 
it ought to be made crystal clear and glaringly obvious exactly what the 
review means - in the most basic of layman's terms. Otherwise an 
entirely new and more dangerous risk will be created as a result of 
trying to eliminate other risks - ironically enough.

I've seen it happen so many times already over the past decade and a 
half that I've lost count.

Mark

