I'm not a big fan of the install_oab_java.sh thing to be honest.
Sorry that I didn't express this earlier, I couldn't put my finger on it.
It's a security liability: It requires pulling from two GitHub
repos which are only controlled by the individuals who own the
repository.
If they decide to slip in malicious stuff, everybody installing java
via those scripts is going to be affected.
It would be (slightly) better if we forked the repository (e.g. under
the apache github account, but I doubt the infrastructure for that is
up).
And possibly even better if the actual commands were embedded in whirr
(rather than fetched from external sources at runtime)
Even if the owners don't have malicious intentions, chances are
they'll update their scripts, possibly breaking whirr in the process
(without even knowing they are breaking anything)

WDYT?

Regards,
Karel
-- 
Karel Vervaeke
http://outerthought.org/
Open Source Content Applications
Makers of Kauri, Daisy CMS and Lily
