| Comments

well, amidst the scurry and comments of yesterday's rails security issue and resulting patch debacle, today, yet another new version is released and patches for the previous versions.

the *MUST UPGRADE* patch of yesterday didn't even appear to fix the issue.  sure, this happens, but maybe if some subtlty was exhibited and some of the feedback (unfortunately after the fact) was leveraged, it could have been avoided and a correct patch along with the full disclosure could have been implemented.

with today's new release, it caused me pause of the growing pains of this rails community.  several things happened today: a notice of a new release (second w/in < 24 hours), a notice of a move of the trac server, and a notice of a security mailing list (a suggestion from a community member).  the rails community is growing and this incident and the way it was/was not handled (depending on who you ask) is evidence of the struggles we all face, regardless of technology, in building communities around open source projects and the unfortunate byproducts at times of design/lead by community.

Please enjoy some of these other recent posts...

Comments