On Tue, Jul 3, 2012 at 5:32 PM, Alex Harui <aha...@adobe.com> wrote: > On 7/3/12 1:10 AM, "Bertrand Delacretaz" <bdelacre...@apache.org> wrote: >> ...how about >> ./frameworks/projects/flash-integration/FLA/ContentHolder.fla? How can >> people check that file in order to trust it?...
> ...A FLA file is a source project for Flash Professional. If you are a user > of > Flash Professional and want to use it to create components for Flex, you can > start with some plug-ins that involve this file. In general, how does a > project that allows for integration from other paid-for proprietary projects > provide sample projects or other integration files?... thanks for the explanation - IMO such files could be distributed as convenience binaries, outside of the release. My question about trusting that file amounts to "how can people check that an fla file does not contain harmful content" - that's the whole point about source vs. binary releases. If there's a reasonable way to validate that particular fla, and it's only optional and not required to use Apache Flex anyway, it can probably stay in the release IMO, but Incubator PMC members might think differently. -Bertrand
