[wp-hackers] Code reviews for plugins?

Mark E mark at simplercomputing.net
Mon Aug 23 03:49:23 UTC 2010

On 08/22/2010 09:24 PM, Lynne Pope wrote:
> On 23 August 2010 15:08, Mark E<mark at simplercomputing.net>  wrote:
>>   My opinion, if it isn't clear already, is to forget about screening the
>> repo. That's not the responsibility of Automattic.
> Nobody is suggesting it is. Unless I've really missed the point here, its
> about the community setting up a community-based review process.
> If enough people want to get involved and do this then it should, IMO, be
> encouraged. It's a huge task to undertake but with enough hands&  eyes its
> not unachievable.

I'm seeing a big issue centered around delivering a false sense of 
security to numerous millions of innocent people.

One might think that through before proceeding. And if one proceeds then 
it ought to be made crystal clear and glaringly obvious exactly what the 
review means - in the most basic of layman's of terms. Otherwise an 
entirely new and more dangerous risk will be created as a result of 
trying to eliminate other risks - ironically enough.

I've seen it happen so many times already over the past decade and a 
half that I've lost count.


More information about the wp-hackers mailing list