In his book, Producing Open Source Software, Karl Fogel gives sage advice on running an open source project. The section on how to deal with a security vulnerability was particularly interesting to me last night.
Upon learning of a potential security hole, Karl recommends the following:
Don’t talk about the bug publicly until a fix is available.
Make sure to have a private mailing list set up with a small group of trusted committers where users can send security reports.
Fix the patch quickly. Time is of the essence....
In a recent post, I compared the expressiveness of the Ruby style of writing code to the current C# style of writing code. I then went on and demonstrated one approach to achieving something close to Ruby’s expressiveness using Extension Methods in C# 3.0. The discussion focused on how well each code sample expresses the intent of the author. Let’s look at the comparison:
Ruby: 20.minutes.ago
C#: DateTime.Now.Subtract(TimeSpan.FromMinutes(20));
C# 3.0 using Extension Methods: 20.Minutes().Ago();
It seems obvious to me that the C# 3.0 example is more expressive than the classic C# approach, but not everyone agrees. Several people...