https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23890
--- Comment #2 from Martin Renvoize <[email protected]> --- I've changed my mind on this one... whilst going through existing hooks and trying to pick which methods potentially exposed us to nefarious code I pretty much decided that they all could. + 'opac_online_payment' => '1', + 'opac_online_payment_end' => '1', + 'opac_online_payment_begin' => '1', + 'to_marc' => '1', + 'edifact_transport' => '1', + 'edifact_process_invoice' => '1', + 'edifact_order' => '1', + 'edifact' => '1', + 'opac_head' => '1', + 'opac_js' => '1', + 'intranet_head' => '1', + 'intranet_js' => '1', + 'intranet_catalog_biblio_enhancements_toolbar_button' => '1', As such, I think warning on some but not others could actually lead us to worse situation where inexperienced system administrators are lulled into a false sense of security. In reality, I feel we need a cleaner delivery method for plugins as a community and perhaps a signing procedure to state a certain level of trust/quality. This is something I've wanted to work on for some time but not had a moment to implement to date. As such, I don't believe this should hold up bug 22706. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
