Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-web-user
Navigation:
Lists: gentoo-web-user: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-web-user@g.o
From: Gunnar Wrobel <wrobel@g.o>
Subject: Re: Java Script Libraries
Date: Thu, 23 Feb 2006 15:24:19 +0100
"Stuart Herbert" <Stuart.Herbert@...> writes:

>> Guess I'm missing the point here. What I meant was to change stuff
> like 
>> this:
>>
>> require_once(HOME . "/thirdparty/Smarty/Smarty.class.php");
>>
>> to something like this:
>>
>> $include_path = ini_get('include_path');
>> ini_set('include_path', HOME . '/thirdparty' . SEPARATOR .
> $include_path);
>> require_once('Smarty/Smarty.class.php');
>>
>> What is the negative side of such a change? 
>
> None, provided the app is 100% compatible with the version of the Smarty
> that's normally bundled with the app.  As we discovered with the
> PEAR::XMLRPC issues last year, many apps were not compatible with the
> latest unbundled version of the library.

Ok, looked up how the XMLRPC issue was handled and discovered that the
library was and still is bundled in a lot of our apps. Also didn't
realize that PEAR breaks compatibility between library versions.

>> Where is the difference for the php libraries?
>
> The difference is one of culture.  The PHP community does not have a
> culture of re-usable third party libraries yet.  Hopefully that will
> improve as developers start to adopt PHP 5, but it's not there yet.
>
> How much work will it be to test PHP apps against unbundled libraries?
> How much additional QA work will be generated by faults, because our
> testing will not be thorough enough?  If UPSTREAM does not adopt your
> patches, and does not support the same versions of the libraries that
> you provide unbundled, how will they react when Gentoo users report bugs
> to them that do not appear in the UPSTREAM release?
>
> How many reported security faults over the last 24 months have been down
> to faults in bundled libraries?  And how does that compare to the list
> of security faults as a whole?  For the problems we've dealt with over
> the last 24 months, how many security fixes would have been released
> sooner to our end-users?
>
> I'm not (yet) convinced that what you want to do has any real benefit to
> our users, or to our understaffed team.

I'm not convinced (anymore ;) either. It just did not feel like the
right way of doing it and I think the XMLRPC issue is a good example
why it can result in problems. But I'm definitely in no mood to change
PHP culture :)

Thanks for making me aware of the issue. So let's hope for PHP5...

Regards

Gunnar


-- 
Gunnar Wrobel                    Gentoo Developer
__________________C_o_n_t_a_c_t__________________

Mail: wrobel@g.o
WWW:  http://www.gunnarwrobel.de
IRC:  #gentoo-web at freenode.org
_________________________________________________
Attachment:
pgptJQ8FKTvTk.pgp (PGP signature)
References:
RE: Java Script Libraries
-- Stuart Herbert
Navigation:
Lists: gentoo-web-user: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
RE: Java Script Libraries
Next by thread:
RE: Java Script Libraries
Previous by date:
RE: Java Script Libraries
Next by date:
RE: Java Script Libraries


Updated Jun 17, 2009

Summary: Archive of the gentoo-web-user mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.