alen.helac Posted April 9, 2014 Report Posted April 9, 2014 Hi everyone, Currently, the app/script that packs development source to release source is non-open source. There is thread on GitHub ( https://github.com/revive-adserver/revive-adserver/issues/154 ) where few developers stated that they're aware of this and they plan to rewrite that app/script and release it as open source, but currently they have tasks of higher priority. My question is, does anyone knows what the app/script actually does? Currently I'm OK with my development source being deployed in production, but I'm not sure if there are any security issues with this. All informations/thoughts are much appreciated! Alen Quote
Matteo Beccati Posted April 9, 2014 Report Posted April 9, 2014 The closed source ant library takes care of removing unwanted files and regenerating the delivery files. The input for file removal can be found here:https://github.com/revive-adserver/revive-adserver/blob/master/build-filelist.xmlActually, regenerating delivery files is taken care via a php script now. That has probably changed years ago without me noticing. So the only task performed by the library is making sure that the package files don't include unwanted files/directories Quote
alen.helac Posted April 10, 2014 Author Report Posted April 10, 2014 Hi Matteo My main concearn was if there are any potential security issues, but since it's only removing files I presume that I can rule that out. Many thanks! All the best Alen Quote
Matteo Beccati Posted April 11, 2014 Report Posted April 11, 2014 Well, the files you're not removing are a potential security issue. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.