[CentOS-devel] forums + portal for {lang}.centos.org sites

Stephane Corlosquet scorlosquet at gmail.com
Tue Sep 30 15:42:59 UTC 2008


Hi all,

Karanbir Singh wrote:
> Dag Wieers wrote:
>   
>> There have been some interesting comments from Drupal users on my 
>> blog-post that compared the requirements with modules and features.
>>     http://dag.wieers.com/blog/drupal-for-centos-portal-and-forums#comment-972 
>>     http://dag.wieers.com/blog/drupal-for-centos-portal-and-forums#comment-973 
>>     http://dag.wieers.com/blog/drupal-for-centos-portal-and-forums#comment-978 
>> I guess that is a first stop when assessing Drupal's capabilities.
>>     
>
> That is good, however they dont say anything more than whats already 
> available on google searches for these things. What we really would need 
>   before deciding is to have someone offer to take ownership of the 
> effort to evaluate drupal, do the setup, setup some of these features 
> and see how usable it really is.
>
> eg. I am looking at Drupal for my own site and I find venturing into the 
> modules portion of drupal immediately drops the quality of code, and 
> even the ownership of security issues. 
>   
Drupal core has a greater code quality than Drupal modules since each
patch going into core gets reviewed by a lot of developers before it
gets committed. Contributed modules however can be authored by anybody.
It's the reason why, before using one of them, one should consider the
code quality, the author of the module, the issue queue and what people
generally say about the module - see http://drupalmodules.com/ for
module ratings. Some well know core contributor also author modules.
There are some well know contributed modules which are very common and
therefore get a lot of review (CCK, Views, Panels, fivestars...). I
don't think this is very different from other Open Source projects where
anybody can share their plugin/module/code.

> It seems Drupal guys dont take on 
>   security issues for things that come from the modules or related 
> projects that are being used inside drupal.
Being a member of the Drupal security team, I can assure you that we
also handle the contributed modules  hosted on drupal.org (given the
resources of our team) and we reply to every legitimate security report
and release a security announcement when necessary. see
http://drupal.org/security-team for more details.

scor.


More information about the CentOS-devel mailing list