[TYPO3-ect] Extension Rating System and Reviews Status
Patrick Rodacker
patrick.rodacker at the-reflection.de
Thu Aug 3 10:39:49 CEST 2006
Hi Michael,
Michael Scharkow wrote on 02.08.2006 13:54:
> The security team works behind closed doors because we're not really
> interested in 0-day exploits. Since the security team has been in charge
> of security reviews, those discussions happened to be non-public, which
> was IMHO not our intention but evolved out of the discussion.
... which is not too bad, but decision made and actions rolled out after
those discussion could have been more transparent.
>> That is Patricks part, who is our officail coordinator of the Ratings and
>> Revisions.
>
> Sorry, just as you might feel offended but not being consulted on these
> issues, I don't like you calling any official coordinator of ratings and
> revisions. Who has appointed Patrick?
I agree on this point and I don't give a damn about the titles. When the
question was raised within ECT who would do the job and nobody was there
I raised my hand. Thats all.
> What about Robert, myself and lots of volunteers who have worked in
> this area for a long time. The reviewing and ratings have been public in
> svn ever since, and the ratings were even publicly beta-tested.
Well, the formerly existing extension review team didn't succeed, though
they left some publicly documents about their vision and approaches,
which are definitely useful. I never heard about the review and ratings
system before a) the announce of security reviews by the security team
and b) the announce of the almost finished rating system. But this is my
own fault, I could have asked more aggressively if there are running
projects related to reviews.
My main problem seems to be that my programming skills are limited and I
can't keep up with your work or the work of other core or closed core
developers to come up with an own acceptable solution. So I have to rely
on open discussions where I can argue about my thoughts and visions and
try to convince the people developing the different systems. Regarding
the rating system I couldn't find a discussion about the approach, only
the beta testing, which results naturally only in minor changes and fine
tuning. Please don't get me wrong on this, I really appreciate your work
and the the development of such a system, though I am still waiting on
the roll out on typo3.org ;-)
> I very much support Patrick taking over these issues, but helping is
> about getting work done, not about official titles.
Well, I will try to communicate the thougts of others on this issues and
make the whole process as transparent as possible. When it comes to
coding I can try as well, if there aren't other more skilled developers
at hand.
So far
Greetings
Patrick
More information about the TYPO3-team-extension-coordination
mailing list