Re: Bug#625865: ITP: ocportal -- ocPortal is a Content Management System for building and maintaining a dynamic website
On Fri, 6 May 2011, Chris Warburton wrote:
On Fri, 2011-05-06 at 11:29 -0400, Scott Kitterman wrote:
On Friday, May 06, 2011 11:23:50 AM Tshepang Lekhonkhobe wrote:
On Fri, 2011-05-06 at 09:11 -0400, Scott Kitterman wrote:
On Friday, May 06, 2011 08:56:21 AM Chris Warburton wrote:
Programming Lang: PHP
Description : ocPortal is a Content Management System for
and maintaining a dynamic website
How many content management systems written in php does Debian need?
It's not kool that you didn't even ask about how good it is. Maybe it's
better than whatever exists in Debian currently, have you checked? My
point is your question isn't helpful. It smacks of flaming.
The question I should have asked is what is it's security record like. This
is an area that's rife with applications that have 'poor' security records.
Adding more to that pile would be an unfortunate burden on the security team.
That's probably the most significant of the project wide costs adding a package
like this brings with it.
Hi Scott. ocPortal isn't massively widespread compared to other systems,
so there's obviously less experimental proof of security. We had a
security hole a few years ago; this was before I got involved, but
there's details here http://en.wikipedia.org/wiki/OcPortal#Criticisms
Hi Chris and the ITP and debian-devel,
I think that if you are willing to work to make this a high-quality
package, and be a responsive maintainer to bugs reported by users, I think
it will be great to have you maintain it in Debian.
The security work that you've described sounds great, and I hope that
other PHP app upstreams hold their apps to such a high standard. If not,
maybe you can use your tools to start filing bugs left and right against
For that reason, I will review your packaging when it's ready, and sponsor
it into Debian if it passes muster. Keep me posted.
Life is to you a dashing and bold adventure.