On 2 August 2010 00:29, Aryeh Gregor <[email protected]> wrote: > On Sun, Aug 1, 2010 at 6:27 PM, K. Peachey <[email protected]> wrote:
>> So every-time someone that creates/modifies a extension wants to >> update its version number? which is why it was recommended to go wiki >> base, but that as well has it flaws. > I really don't think it would be a good idea to allow unvetted code to > be downloaded and installed automatically. That's too easy for an > attacker to abuse. But it's probably a reasonable tradeoff for some > people. I don't know, I'm probably not going to be working on this > anytime soon, so I don't make the decisions. That's how WordPress does it - pretty much everyone runs WP with a metric buttload of extensions, so they're in the phoning home and one-click update cycle too. MediaWiki tends to get festooned with extensions as well, so users would probably like this in there. A quick glance at the WP site docs didn't answer the question of how (or if) they secure this process. Asking would probably be good (whoever's doing the updater work). - d. _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
