[Bf-python] BPyC repository revisited
Willian Padovani Germano
wgermano at superig.com.br
Thu Aug 31 19:14:05 CEST 2006
Hi again Levi,
levischooley wrote:
> Are you saying that you will eventually use the CVS for *every*
> python script (even "subquality" ones?)?
Probably not. It should be enough to include only working ones that
don't duplicate functionality and follow the basic guidelines. But
that's something for all involved people to decide.
BTW: all I write here are just my opinions...
> In other words, CVS for "everyone" isn't the final answer I'm
> looking for.
No, it wouldn't work well to give cvs access to all authors and force
them to deal with cvs, as you mention yourself. We only need enough
people willing to maintain the repository.
>> Your project may be a good frontend for it (and so not
>> need trackers itself), with links to our planned
>> wiki documentation, too.
>
> Ah! That was one option I had not contemplated: using a versioning
> system such as CVS as a backend and merely managing it with an
> external "wrapper." I'll need to think that over and do some
> research into CVS.
It's a good idea to have a frontend, but as far as integration, I guess
we only need to link to the files in cvs for downloading, a complete
integration with write access to the cvs repo doesn't seem needed or
advisable for our project.
(BTW, is that the best, or should I be looking
> at subversion, too;
From what we know the idea is to switch to subversion, like many other
projects are doing / have done. No dates announced, though, the issue
was with GForge support, from what I recall.
> 1. How easy is it to interact with CVS via a PHP-driven website?
As I said, for the current plans we don't need to go that far, but if
you're interested, there are projects to *view* cvs online, like cvsweb,
sandweb and versionary (Perl, cgi) and viewvc (Python).
Anyway, looks like your objectives are a little different from ours
right now, which doesn't mean we won't benefit from or help each other,
of course. Let's see how things develop :).
A note about security:
From my experience you will get a lot of loud complaints from users and
security boards or whatever if the system isn't reasonably safe and will
also severely limit your user base. Any chance of a user downloading a
script that can damage (intentionally or not) or put privacy at risk
will be considered a critical matter.
Personally I wouldn't risk running scripts from untrusted sources, you
can do almost anything to someone's system using basic Python. For the
same reason I only execute scripts in source form. Even bugs have
potential for serious damage and that may only happen in certain
configurations (os's, paths, etc), you know.
--
Willian
More information about the Bf-python
mailing list