List Archive: gentoo-web-user
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
"Stuart Herbert" <Stuart.Herbert@...> writes:
>> Guess I'm missing the point here. What I meant was to change stuff
>> require_once(HOME . "/thirdparty/Smarty/Smarty.class.php");
>> to something like this:
>> $include_path = ini_get('include_path');
>> ini_set('include_path', HOME . '/thirdparty' . SEPARATOR .
>> What is the negative side of such a change?
> None, provided the app is 100% compatible with the version of the Smarty
> that's normally bundled with the app. As we discovered with the
> PEAR::XMLRPC issues last year, many apps were not compatible with the
> latest unbundled version of the library.
Ok, looked up how the XMLRPC issue was handled and discovered that the
library was and still is bundled in a lot of our apps. Also didn't
realize that PEAR breaks compatibility between library versions.
>> Where is the difference for the php libraries?
> The difference is one of culture. The PHP community does not have a
> culture of re-usable third party libraries yet. Hopefully that will
> improve as developers start to adopt PHP 5, but it's not there yet.
> How much work will it be to test PHP apps against unbundled libraries?
> How much additional QA work will be generated by faults, because our
> testing will not be thorough enough? If UPSTREAM does not adopt your
> patches, and does not support the same versions of the libraries that
> you provide unbundled, how will they react when Gentoo users report bugs
> to them that do not appear in the UPSTREAM release?
> How many reported security faults over the last 24 months have been down
> to faults in bundled libraries? And how does that compare to the list
> of security faults as a whole? For the problems we've dealt with over
> the last 24 months, how many security fixes would have been released
> sooner to our end-users?
> I'm not (yet) convinced that what you want to do has any real benefit to
> our users, or to our understaffed team.
I'm not convinced (anymore ;) either. It just did not feel like the
right way of doing it and I think the XMLRPC issue is a good example
why it can result in problems. But I'm definitely in no mood to change
PHP culture :)
Thanks for making me aware of the issue. So let's hope for PHP5...
Gunnar Wrobel Gentoo Developer
IRC: #gentoo-web at freenode.org