[pmwiki-users] Why all this zapping?

[Neil Herber (nospam)]

On 2007-05-01 kjettil is rumoured to have said:
> I'd propose that, similarly, the Cookbook recipes be organized in two sets: 1 - One set for recipes which have been tested and proved to be stable, reliable and secure, and therefore can be recommended for safe use by serious web site developers. 2 - One set for recipes under development and testing, and which may be released to the first set, when further testing has shown their stability, reliability and security. Discussions on this set should take place in pmwiki-devel. 

I don't think this division is a realistic proposal, given the nature of 
Cookbook recipes. Writing recipes is not a simple task, and writing 
secure and stable ones is even more difficult.

Who, other than the author, would decide if a recipe was secure or stable?

For my own purposes, I assume that anything in the core is as secure and 
stable as it can be - but even that has not been true in the past. There 
was at least one instance I can dimly recall where a core security hole 
was identified (but quickly patched).

I also assume that for any recipe I use, the author has done the best 
job they could to make it secure and stable (unless they explicity label 
it as a beta of some sort). Whether I have confidence in that assessment 
depends (for me) on how well the author's other contributions have stood 
the test of time.

Even commercial software can be unstable and insecure (no name calling, 
please!) but you don't have the option of fixing the code yourself. As a 
gross level, to secure an insecure recipe, just disable it. Not too good 
a scenario if it makes up a large part of your site, but at least it is 
an option.

-- 
Neil Herber
Corporate info at http://www.eton.ca/