Re: [Phplib-users] Ruminations on the Situation
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] Ruminations on the Situation
|
From: Giancarlo <gia...@na...> - 2002-06-30 19:26:59
|
Il 20:28, domenica 30 giugno 2002, Bob Bowker ha scritto: > the very fact that you can fork the library and name it after yourself = and > PUBLISH THE WORK WITHIN THE PHPLIB CVS - that's what is very sad to me = ... Maybe I have not been clear.=20 I CANNOT PUBLISH THE WORK WITHIN THE PHPLIB CVS=20 because I resigned spontaneously my 'write access' a few days ago, becaus= e=20 there does not exist a discussion on anything and I don'ty want that. So, please, don't insist on that. Gian > > Please don't miss the point, Gian - your code may be what everyone want= s in > the library, it may be tight, and right ... but self-publishing within = the > boundaries of an existing project, IMHO, is not the way to go. Put the > patches on your own web site, and submit them to the CVS for considerat= ion > for inclusion in the next release, yes ... the fact that you didn't (or > couldn't, or wouldn't) do it this way is a telling symptom of the issue > that I called "sad" in the first place. > > Bob. > > At 11:04 PM 6/29/2002 +0200, you wrote: > >I have to reply, and I am frank. > > > >I have recently resigned my 'write access' as a phplib core developer,= so > >I cannot be accused of imposing anything. > >So there is NO anarchy. > > > >I have been following and contributed to phplib since version 4 or 5, = and > >please note that the actual structure of the session->start method has > >been my idea, I let you imagine how comprehensible was before. That ma= de > >extending to php4 session pretty easy. > > > >Now I have devised a similar rationalization of $auth->start, which is= an > >example doc of spaghetti code. That nobody can maintain. > > > >It will make auth a more maneageable class, in line with modern nuke = type > >needs > >it is a drop replacement, backwards compatible. > > > >For the rest there's nothing than better security, because these thing= s > >evolve quick, can you imagine? and there constantly lots of new threat= s. A > >library whose core functions are session and authentication cannot be > >static. Sorry. > > > >But it is nothing that should worry those who are not interested. And > >those who are interested should document and participate, please. > >And if really nobody is interested then it means all this doesn't mind= =2E > > > >So my choice should clearly let you understand that I am on the user s= ide, > >if not ours. > > > >Gian > > > > Bob Bowker <bo...@iN...> a =E9crit le 29/6/02 11:08: > > >It's sad to see what used to > > >be a very stable, usable > > >library descend into > > >chaos, confusion and > > >anarchy ... people heading > > >off in their own > > >directions, claiming the > > >umbrella of phpLib but > > >naming their rewrites after > > >themselves, all with > > >seemingly no coordination or > > >direction or vision > > >whatsoever. No wonder the > > >need for PEAR was so > > >immediately obvious to so > > >many people - not that PEAR > > >was the best choice (in many > > >ways worse than > > >phpLib), but I really do > > >understand why the core > > >PHP developers decided on > > >something other than > > >phpLib. > > > > > >The CVS is in such a mess > > >that someone has to write a > > >how-to and post it on > > >a personal web site! Then > > >Giancarlo writes and releases > > >several scripts > > >(Nathan - did I miss the > > >announcement that he is > > >now a new "committee of 1" > > >determining the philosophy > > > >I made you aware of facts you ignored. > > > > >and direction of the > > >project?) and there goes > > >Donncha's roadmap again ... > > > > > >Giancarlo, before you > > >immediately flame me, I > > >appreciate and admire your > > >work - and this is nowhere > > >near "personal". I just don't > > >think your > > >unilateral actions > > > >Actions? > > > >have a > > > > >place in the overall scheme > > >of things. We > > >desperately need someone, > > >or a group of "someones", > > >who will coordinate > > >this project. > > > > > >I say this knowing full well > > >that the immediate > > >response is "Why don't you > > >do it, Bob?" and that my > > >answer is the same as > > >everyone else's - "I don't > > >have the time" ... which, I > > >suppose, in many people's > > >minds, removes my > > >right to complain. But that's > > >why the subject is > > >"Ruminations" and not > > >"Problems" ... > > > > > >KK has moved on to other > > >projects, but his hand on the > > >tiller and his > > >vision are sorely missed, > > >imho. We've been using > > >phpLib in our work here > > >for almost 4 years now, and > > >in spite of the lack of > > >"official" progress and > > >register_globals and PHP4 > > >and all the meanderings of > > >this past 18 months or > > >so, we still rely on the library > > >-- but on our own very > > >highly modified > > >version of 7.2 -- on every > > >site we do ... regardless of > > >the installation, > > >regardless of the OS, and > > >regardless of all the latest > > >and greatest > > >MyCodeIsBetter streams > > >that are cropping up. > > > > > >A lot of people have spent > > >long hours on this library, > > > >I have been one of them. > > > > >and for their code > > >(as well as the learning > > >experience that they've > > >provided me), I'm very > > >grateful. But my company > > >can't afford to base our > > >work on something that > > >is no longer predictably > > >(please note that I said > > >"predictably") reliable ... > > > >Security is an evolving process. > > > > >Above all, after all, and with > > >personal appreciation -- > > >thanks, KK ... > > > > > >Bob. |
