https://bugzilla.wikimedia.org/show_bug.cgi?id=21602
Markus Krötzsch <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #1 from Markus Krötzsch <[email protected]> 2009-12-30 11:41:20 UTC --- The SMW core developers are well aware of the guidelines at http://www.mediawiki.org/wiki/Security_for_developers and bugs in third-party extensions should not be mixed up with SMW. There is of course always a possibility of human error, and more should be done to make the SMW code more readable/reviewable. The main tasks I see for this bug are: * Organise independent code review by a developer who did not write SMW and generate an first assessment of readability/security based on this. Volunteers are welcome, but we will also proactively recruit some people to do this. * Define which core features are actually required for the first SMW version to run on mediawiki.org. SMW is very modular, and features can be removed to reduce reviewing effort. I am not sure who to approach for this; maybe we should develop a proposal. * Improve readability of the SQL access code. It is currently the longest piece of code (due to many similar but different ways of reading data of various types), and I see that it will be hardest to review. The current structure of SMW's code and the associated lines of code can be seen at http://semantic-mediawiki.org/wiki/SMW_source_code_structure -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
