[wp-hackers] Adding a plugins svn committer
Aaron Jorbin
aaron at jorb.in
Thu Oct 6 17:25:16 UTC 2011
I would reccomend putting filters and actions in place that allow these
other features to function properly and live as there own plugins then. It
should be easy enough to manage the pull requests or patches for filters and
actions.
http://aaron.jorb.in
twitter: twitter.com/aaronjorbin
On Thu, Oct 6, 2011 at 1:19 PM, Dan Phiffer <dan at phiffer.org> wrote:
> Yeah, just to explain my special situation...
>
> I've released a plugin, JSON API that we rely on for our website at
> MoMA.org. If it were compromised this wouldn't just be an inconvenience, we
> could lose our capacity to process credit card transactions. So I'm trying
> to err on the side of caution.
>
> That is balanced against a desire to support extensions to the plugin that
> I don't require and don't have time to implement. I've been contacted folks
> who certainly strike me as responsible, but who I haven't met in person. I
> have no reason to doubt their trustworthiness, and I'd like the plugin to
> accommodate as many varied use cases as possible.
>
> The plugin already has a GitHub presence, but managing pull requests and
> merging changes is something that doesn't take a high priority in my work
> day. So basically I'd prefer to accept commits on a single "primary repo"
> and be able to just review and release without feeling nervous imposing more
> risk. I realize all of this isn't a typical setup, so I definitely
> understand the limitations currently in place on the SVN repos.
>
> Thanks for all the replies!
>
> -Dan
>
>
> On Oct 5, 2011, at 2:00 PM, Mike Bijon wrote:
>
> > Agreed with Dion on SVN, having a trusted team is far better regardless
> of
> > the VC system in use. Even with GitHub, unless you're doing very thorough
> > code reviews on every pull ... then someone could slip bad/evil code in.
> >
> > Remember the WordPress plugin repo is that it's still a partly-manual
> > system, http://wordpress.org/extend/plugins/about/. Perhaps someone from
> > Automattic could convince their future Community Handyman,
> > http://automattic.com/work-with-us/community-handyman/ to update the
> > plugin/SVN interface. Maybe something with a more-automated signup, with
> an
> > 'owner' user, a separate "deploy" option, and more-granular permissions
> that
> > the plugin admin could control in a web UI.
> >
> > (admittedly, I'm applying to be that Handyman...)
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
More information about the wp-hackers
mailing list