On Mon, Jan 16, 2006 at 12:29:29AM +0100, Gunnar Wrobel wrote:
> Concerning the goals I have a question: How much of a problem do we
> currently really have concerning man power in web-apps? If I look at
> bugzilla, web-apps seems to be in pretty good shape or am I mistaken
We're in good shape now, but we weren't even a couple of months ago. At this
point, we should be fine if we take care of ongoing maintenance, but things can
_quickly_ turn ugly. As a matter of fact, I'll be offline for the better part of
the summer, possibly as early as May, and I'd really like to make sure I don't
spend another 4 months crawling through 150+ bugs when I return in September.
> What is hard for me to judge is what kind of impact the security
> problems had during the last year. What were the main problems for the
> web-apps herd?
There may have been a few security bugs to which we did not react as urgently as
we should have. I don't know any specific instances because I wasn't around, and
when I was, we reacted quickly :) Not to say that I'm the only person doing the
work, just can't speak for all security issues we've had.
As far as I'm concerned, the main problem is that we were badly out of sync with
upstream for a few months when I was on hiatus. That means dissatisfied users,
lots of bugs, potential security issues, etc etc etc.
> Depends pretty much on whether we decide to clean the tree and move
> packages out. Once we get an estimate on what amount of package we
> want to support for the main portage tree we could decide how to
> distribute that to different categories.
all things web-apps
GPG key id #C6A838DA on http://pgp.mit.edu
Key fingerprint = 04AF B5EE 17CB 1000 DDA5 D3FC 1338 ADC2 C6A8 38DA