Mark A. Hershberger wrote: > Nikola Smolenski <smole...@eunet.rs> writes: > >> 3) And the big one, security. It has not been shown that any of the >> proposed implementations is secure. I was thinking that perhaps a way to >> overcome this would be to have a dedicated system just for handling >> music rendering. > > We don't want to "overcome" any security problems. This open source > software: If we know of a security problem, we want to eliminate it. > > But yes, your idea of "only accepting notes" is a good one. From what > I've seen, the Lilypond extension seems to accept arbitrary LaTeX, but I > haven't looked too closely. > > The main problem I see is that developer interest in bug 189 needs to be > bootstraped. Bug 189 has 115 comments, over 50 of them before 2009. > But other than a burst of activity in 2007 for Lilypond and second burst > in 2008 for ABC, actual development effort to get music on WMF projects > has laid largely dormant. > > So, how can we change this? > > I think one way would be to provide the Wikisource community with wiki > on which to try out the Music module and give us feedback about how they > work while allowing us to develop them and fix the security problems. > > I'm planning on setting up a MW instance with Lilypond and/or ABC using > Wikipedia Labs. I think we could use the FileRepo to point to source > pages like > http://de.wikisource.org/wiki/Datei:De_Schauenburg_Allgemeines_Deutsches_Komme > rsbuch_138.jpg > and editors could start providing a transcription of the pages. > > What do you think?
Am I missing something? The extension has serious vulnerabilities and your answer is to install it on a public wiki? I don't see how this is even remotely helpful. The issue isn't finding people at Wikisource to try out a music module; the issue is that the extension has technical problems that need to be addressed. If people want to play around with LaTeX markup (music-related or not), there are surely a million existing venues on the Web. If, at some point in the future, after the vulnerabilities have largely been resolved, user interface/experience testing is needed, sure, setting up a demo on a labs wiki seems like a great idea. But I have no idea how you'd be at that point, at this point. MZMcBride _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
