Lutz Frommberger wrote:
Emmanuel Blot <[EMAIL PROTECTED]> wrote:
Upgrading from one minor release to another (ex: 0.9.2 -> 0.9.3)
should not break up plugin in most of the cases, but if plugins are
designed to work against the Trac trunk, there cannot be any warranty
about the external APIs.
That's totally ok: If you want to work with the trunk, you risk to get
into trouble. But you should not experience any trouble if you stick
to official releases.
"In most of the cases" ...
What happened in the 0.9.2 -> 0.9.3 upgrade was that we wanted to fix
XSS security issues,
and this involved a rather important change in the way the strings were
handed down from
the code to the template layer.
The tradeoff between security increase/inconvenience was in favor of the
security increase.
The "nice" thing about this incompatibility is that plugin writers
_will_ have to take notice
of the change and make their plugin robust against XSS attacks too :)
-- Christian
_______________________________________________
Trac mailing list
[email protected]
http://lists.edgewall.com/mailman/listinfo/trac
