User tests: Successful: Unsuccessful:
This execlud the new md file from the final package as discussed earlier.
//cc @wilsonge @bakual @rdeutz
As discussed this can be merged on review ;)
This file needs to be removed from The final package as it Can ne accessed direct via URL and there is no reason to have this in the final package ;)
Btw should we add some kind of message to the unsecure classes too? (out of scope for this PR but if needed we can have a follow up)
Status | New | ⇒ | Pending |
Milestone |
Added: |
Labels |
Added:
?
|
Gotta agree with that. If you're gonna strip it in packages then move its contents to the docs site. Where it just might get a little more attention.
Status | Pending | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2015-11-27 22:51:22 |
Closed_By | ⇒ | zero-24 |
Lets ship it with the update. Thanks for the feedback.
Edit: I can't do more than suggest things but hey lets this file there and it will be accessabe on every 3.5.0.
Milestone |
Removed: |
It doesn't really matter if that file is present and accessible or not. The content of the file is available for everyone to read right here in this repo anyway.
If it would be a security issue by having that information public, then we should never had added it here to begin with.
But then, security through obscurity never works out well anyway
What is the point of having the readme file with "important" information in
it if its not going to be distributed
On 27 November 2015 at 22:39, zero-24 notifications@github.com wrote:
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/