You're right - let's not argue this anymore. We'll work on something and if it makes it into contrib, great, if not - well I guess we're no worse off than we are right now.
In the interim I propose that we add a note to http://docs.djangoproject.com/en/dev/topics/auth/ to let users know that brute-force prevention doesn't come out of the box. Does that sound fair? On Mar 8, 4:10 am, Michael Radziej <[email protected]> wrote: > On Mon, 7 Mar 2011 18:11:19 -0800 (PST), Rohit Sethi <[email protected]> > wrote: > > Luke, I guess the real question is what's the risk of not including it > > out-of-the-box? > > Well, it *is* not included out-of-the-box. The universe has not collapsed. > > While I appreciate your proposal, I don't see the immediate necessity to > stop all other django development. As Russell wrote: Nothing will happen > until somebody gets their hands dirty and writes some code. And the > past has proved that this happens much better independently from the > release cycle of the django core. When a good solution has been found, > it might go into the core. > > It's simply easier to try out various concepts out of the core. > > Kind regards > > Michael -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
