On Mon, Aug 2, 2010 at 4:14 AM, Aryeh Gregor Simetrical+wikilist@gmail.com wrote:
> If I'm interpreting this right, you're saying that upgrades can break stuff, so people should stick to versions with known security flaws. This is a defensible position in practice, but it doesn't justify making upgrades unnecessarily hard. It would be a good thing if typical admins could easily upgrade, without needing FTP access and so forth. If they choose not to, that's their choice, but if they want to upgrade, they should be able to do so easily.
No, I'm saying not to use an automated update version within an extension, which for example has been shown to break things in other web-based packages (WordPress has apparently fixed it since the horrible times when I last attempted). What about the maintenance scripts people have to run, such as the updater? A lot of people on shared hosting can't do those as it is without re-running the installer, since they aren't allowed SSH access and ours aren't designed to be run from within the browser window.
> Any kind of auto-update mechanism should be hardcoded to retrieve only from a specific Wikimedia URL and only over HTTPS, and the contents of that URL should only be changeable by sysadmins. Or at least the checksum should be retrieved that way.
So every time someone that creates/modifies an extension wants to update its version number? Which is why it was recommended to go wiki base, but that as well has its flaws.
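
The checksum-from-a-pinned-origin idea in the quoted text, as an added example that is not part of the thread and not MediaWiki code: the package bytes may come from anywhere, but the checksum manifest is accepted only from one hardcoded HTTPS host. The host name `updates.example.org`, the sha256sum-style manifest format and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Assumption: placeholder host; the thread does not name the real URL.
PINNED_HOST = "updates.example.org"
HEX = set("0123456789abcdef")


class UpdateRejected(Exception):
    """Raised when an update fails the origin or integrity check."""


def check_pinned_url(url):
    """Accept only https://PINNED_HOST/... with no userinfo or odd port."""
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.hostname != PINNED_HOST:
        raise UpdateRejected("not the pinned HTTPS origin: " + url)
    if parts.username or parts.password or parts.port not in (None, 443):
        raise UpdateRejected("unexpected userinfo or port: " + url)
    return url


def parse_manifest(text):
    """Parse sha256sum-style lines: '<64 hex chars>  <file name>'."""
    digests = {}
    for line in text.splitlines():
        digest, _, name = line.strip().partition("  ")
        digest = digest.lower()
        if len(digest) == 64 and set(digest) <= HEX and name:
            digests[name] = digest
    return digests


def verify_package(name, package, manifest_url, manifest_text):
    """Return the package digest if it matches the pinned manifest."""
    check_pinned_url(manifest_url)  # the checksum must come from the pin
    expected = parse_manifest(manifest_text).get(name)
    if expected is None:
        raise UpdateRejected("no checksum listed for " + name)
    actual = hashlib.sha256(package).hexdigest()
    if not hmac.compare_digest(actual, expected):
        raise UpdateRejected("checksum mismatch for " + name)
    return actual


if __name__ == "__main__":
    pkg = b"constructed extension tarball bytes"  # constructed sample
    manifest = hashlib.sha256(pkg).hexdigest() + "  Example-1.0.tar.gz\n"
    url = "https://" + PINNED_HOST + "/SHA256SUMS"
    print(verify_package("Example-1.0.tar.gz", pkg, url, manifest))
```

The code that actually fetches the manifest would also have to validate the TLS certificate and refuse redirects that leave the pinned host, since the URL check here only covers the address requested.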