While there hasn’t been a huge amount of public discussion about it, we’ve been working on a license change for web2project. At present, web2project is available under the GNU Public License v2 (or GPLv2). While there’s quite a bit of fear, uncertainty, and doubt surrounding its use, there are a few concerns that result from […]
Browsing Posts tagged dotProject
In my regular web browsing, I came across a great post from Sara J Chipps entitled “Your Code Sucks.” As she talks about deleting code that sucks and restarting from nothing, something sounded amazingly familiar: After some growth I encountered code that I thought sucked ever so often. At this point I wasn’t decimatingĀ things all […]
Great question. The answer is best considered in stages: The earliest versions were basically dotProject with a new theme, some performance improvements due to some database fixes, and a permissions caching layer. By the time version 1.0 rolled around (June 2009), we had removed old/irrelevant code, added dozens of new features, added a module to […]
It turns out that web2project was vulnerable to a handful of select Cross Site Scripting (XSS: definition) vulnerabilities. While the attack vector was pretty specific to being an already authenticated user, it had the potential to be a major problem in a poorly configured system.
