Node.js is not Java. Passport is less than a year old, hence updates. And compared to other packages like jade the updates are rather infrequent. All in all passport is an exemplary package (or actually collection of packages).
On Sun, Jan 13, 2013 at 9:05 AM, Harald Hanche-Olsen <[email protected]>wrote: > [quahada <[email protected]> (2013-01-13 06:14:53 UTC)] > > > I'm in the process of switching over to passport. Maintenance of > passport is > > Much more frequent, so it's a solid long term, production solution. > > That's a non sequitur, I think. Mind you, I have no idea how good > passport is or isn't. But in the security domain, I would worry that > frequent updates indicate the authors keep finding bugs, and that does > not inspire confidence. Also, you might wish to audit the code > yourself if security is important, and that is more work if the code > keeps getting new updates. > > Frequency of updates alone is a bad metric for quality. Infrequent > updates could mean that the code is solid and bugfree, but it could > also mean the authors have abandoned it or just don't care. > > - Harald > > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
