×

First time here?

You are looking at the most recent posts. You may also want to check out older archives. Please leave a comment, ask a question and consider subscribing to the latest posts via RSS or email. Thank you for visiting!

well, amidst the scurry and comments of yesterday's rails security issue and resulting patch debacle, today, yet another new version is released and patches for the previous versions.

the *MUST UPGRADE* patch of yesterday didn't even appear to fix the issue.  sure, this happens, but maybe if some subtlty was exhibited and some of the feedback (unfortunately after the fact) was leveraged, it could have been avoided and a correct patch along with the full disclosure could have been implemented.

with today's new release, it caused me pause of the growing pains of this rails community.  several things happened today: a notice of a new release (second w/in < 24 hours), a notice of a move of the trac server, and a notice of a security mailing list (a suggestion from a community member).  the rails community is growing and this incident and the way it was/was not handled (depending on who you ask) is evidence of the struggles we all face, regardless of technology, in building communities around open source projects and the unfortunate byproducts at times of design/lead by community.

tags: , ,



DISCLAIMER:

The opinions/content expressed on this blog are provided "ASIS" with no warranties and are my own personal opinions/content (unless otherwise noted) and do not represent my employer's view in any way.