Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website

To: Chris Warburton <chriswarbo@googlemail.com>
Cc: 625865@bugs.debian.org, debian-devel@lists.debian.org
Subject: Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
From: Asheesh Laroia <asheesh@asheesh.org>
Date: Sat, 7 May 2011 14:14:21 -0400 (EDT)
Message-id: <[🔎] alpine.DEB.2.00.1105071405370.7580@rose.makesad.us>
In-reply-to: <[🔎] 1304697369.20621.51.camel@linuxfedora>
References: <[🔎] 20110506125621.24012.17736.reportbug@linuxfedora> <[🔎] 201105060911.09204.debian@kitterman.com> <[🔎] 1304695430.20397.10.camel@debian.tauspace.local> <[🔎] 201105061129.34693.debian@kitterman.com> <[🔎] 1304697369.20621.51.camel@linuxfedora>

On Fri, 6 May 2011, Chris Warburton wrote:

On Fri, 2011-05-06 at 11:29 -0400, Scott Kitterman wrote:

On Friday, May 06, 2011 11:23:50 AM Tshepang Lekhonkhobe wrote:

On Fri, 2011-05-06 at 09:11 -0400, Scott Kitterman wrote:

On Friday, May 06, 2011 08:56:21 AM Chris Warburton wrote:

  Programming Lang: PHP
  Description     : ocPortal is a Content Management System for
  building

and maintaining a dynamic website


How many content management systems written in php does Debian need?


It's not kool that you didn't even ask about how good it is. Maybe it's
better than whatever exists in Debian currently, have you checked? My
point is your question isn't helpful. It smacks of flaming.


The question I should have asked is what is it's security record like.  This
is an area that's rife with applications that have 'poor' security records.
Adding more to that pile would be an unfortunate burden on the security team.
That's probably the most significant of the project wide costs adding a package
like this brings with it.

Scott K


Hi Scott. ocPortal isn't massively widespread compared to other systems,
so there's obviously less experimental proof of security. We had a
security hole a few years ago; this was before I got involved, but
there's details here http://en.wikipedia.org/wiki/OcPortal#Criticisms


Hi Chris and the ITP and debian-devel,

I think that if you are willing to work to make this a high-qualitypackage, and be a responsive maintainer to bugs reported by users, I thinkit will be great to have you maintain it in Debian.

The security work that you've described sounds great, and I hope thatother PHP app upstreams hold their apps to such a high standard. If not,maybe you can use your tools to start filing bugs left and right againstthem. (-:

For that reason, I will review your packaging when it's ready, and sponsorit into Debian if it passes muster. Keep me posted.


--
-- Asheesh.

http://asheesh.org/

Life is to you a dashing and bold adventure.

Reply to:

References:
- Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
  - From: Chris Warburton <chriswarbo@googlemail.com>
- Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
  - From: Scott Kitterman <debian@kitterman.com>
- Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
  - From: Tshepang Lekhonkhobe <tshepang@gmail.com>
- Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
  - From: Scott Kitterman <debian@kitterman.com>
- Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
  - From: Chris Warburton <chriswarbo@googlemail.com>

Prev by Date: Re: Bits from the Release Team - Kicking off Wheezy
Next by Date: Re: glibc: causes segfault in Xorg
Previous by thread: Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
Next by thread: Any Debian devs near New Orleans? (need gpg keysigs)
Index(es):
- Date
- Thread