[Building Sakai] Code Security (was Re: RSF Present and Future)
John Norman
john at caret.cam.ac.uk
Sat Feb 6 02:41:14 PST 2010
Just on a trivial point
On 6 Feb 2010, at 04:43, Steven Githens wrote:
[...]
> I'm pretty sure someone already did pull the plug and everything has
> been moved to fluid repositories.
The project moved to Fluid first. If any plug has been pulled at Cambridge it was by the project owner. As a committed adopter of the Fluid project outputs, the Sakai 3 UX team see this as a natural development.
This is just a detail, but I wanted to make clear that the project was not forced to move to Fluid, it was the preferred home of the project and Cambridge would have continued hosting indefinitely. Of course, indefinitely does not mean forever.
I think there is a general principle here. For example, what should the Sakai UX folk do about JQuery? I imagine there are some libraries we assume will always be there and some that seem more vulnerable. Belt and braces thinking suggests we should seek to have a copy of any code used in a Sakai deployment under our own control, but I have not idea how big a storage burden that would create for us. It also suggests that we should have mirroring on our repositories for greater code security. Where should we draw the line?
John
More information about the sakai-dev
mailing list