[TYPO3-dev] Review process nuisances

[Christian Lerrahn (Cerebrum)]

Hi,
I really appreciate the introduction of the review process. As somebody
with a strong security background, I do see the need for that,
particularly because I realise how hard it sometimes is to judge where
TYPO3 will do the security checks for you and where it doesn't.
However, this whole idea can also be a great nuisance which actually
devalues the whole process again. Too often the reviewed versions even
of rather widespread extensions are immature while the major bug fix
releases have not been reviewed, yet. I had this issue a while ago with
templavoila where the reviewed version was still beta while the stable
version was not reviewed. Today I stumbled over such a problem again.
The version of newloginbox which is currently available as "reviewed"
does not have the storagePID TS override for the "General Root Storage
Pid". This means that the reviewed version is unusable with TV. As I
use it on a TV site, I therefore have to introduce an unreviewed
extension because otherwise this bug will affect me.

I understand that the problem with the process is that there are not
enough people around to do the reviews. I also understand that you need
some kind of reference for new reviewers to ensure quality. However, if
this cannot be fixed within a short time frame people will get used to
using unreviewed extensions and you will either have to re-educate them
once the reviewing process works out or all the effort will be in vain.

I hope this won't start a flame war but this is just my two cents
worth...

Cheers,
Christian