Hi, On 02-06-20, Lukas Fleischer wrote: > One thing I should have clarified much more in my first email in this > thread is that this is part of a dual stack solution, with most of the > code still being written in PHP and only specific pages being handled by > the new framework. Everything we do (including database access, user and > session management, ...) must be fully compatible with our PHP > implementation, hence we would almost certainly not be able to use any > of the more sophisticated features that these more comprehensive > frameworks provide.
Right, I had not understood this would be such a strong design constraint. In that case, yes, Django is clearly out of the loop. I understand the advantages of a gradual rollout. However there's a risk that the new code can end up being inconsistent, with possible security impacts. You will have to really double-check any code related to authentication, autorization, privilege, permissions, etc. "Heavyweight" frameworks usually take care of that for you in a consistent way, but here you will be mostly on your own. > As you may have noticed from some of the patches submitted to the ML, we > decided to use FastAPI over Flask. Indeed, I didn't know FastAPI. It looks like a more fancy/modern Flask, which is a good sign. Baptiste
signature.asc
Description: PGP signature
