I love git, and I love the benefits that github adds on top. I would really love to make use of github for dealing with a project that I work on.
Problem is, the project is tricky because it is in essence, a website (http://ninjawars.net). In practice, this means that it is a webgame composed of lots of old spaghetti php code, unvalidating html, iframes, and much less javascript than is needed. I'd love to open it up to the world and have people bite into improvements to the code where-ever they can. However, even assuming a first step of cleaning out any obvious files that contain sensitive information, the code itself is pretty much ripe for cross-site- scripting attacks and things like that. I mean, we're talking about lots of unprotected usage of user- definable url variables and the like. If i go to the trouble and pay for a private repository, I won't have to worry about security, and I can share it with other people who I specifically invite to work on the project, complete with the visualization tools made available by github. However, that wouldn't be open source, I expect the contribution that I would get that way would be pretty severely limited, and I would love to be able to tell users of the site that if they're interested in making changes that benefit the site, they can just do so via a public github repository that gives full access. It's easy to find sites/literature talking about open source php frameworks, and open source php modules, and apps, but it's next to impossible to find sites/literature about whole open source -- websites--. I'm sure that security is the reason, but I'm hoping that the same benefits of open source software can still hold true of open source websites. Anyway, I've written more explanation than I intended. In the end, this is a request for links to any discussions/articles/writings on the web that someone might have come across that address this issue (topics along the line of benefits of open source vs. exposing potential places for cross-site-scripting), or personal commentary/ analysis/opinion that people have on the concept themselves. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "GitHub" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/github?hl=en -~----------~----~----~----~------~----~------~--~---
