As some of you might have noticed, I committed some code yesterday that deals with automatically checking for updates. The commit message also speaks of the “hotfix extension system”. So, what the hell is that then?
As the extension system was taking shape, we had an idea about fixing bugs using extensions. There’s nothing that prevents an extension from fixing a problem as opposed to just adding new functionality. So we came up with the idea of hotfix extensions. If we discover an issue in PunBB 1.3.*, we will have the option of releasing a hotfix extension instead of releasing a new version, provided the issue can be dealt with as an extension (there are certain exceptions). Some of the advantages to this are:
- Speed. Distributing a hotfix for a straight-up XSS or SQL injection vulnerability is a lot easier than packaging up a brand new release.
- Security. The faster we can fix something and the faster this fix can be applied to as many installs as possible, the better.
- Convenience. Installing a hotfix is ridiculously easy. PunBB tells you when there’s a new one and then you go to admin/extensions and click install.
Every once in a while, we will release a new version that incorporates the hotfixes that have been released for previous versions. The database update script will then automatically uninstall any hotfixes it supercedes.
Another cool thing is that since hotfixes are tied to a specific PunBB version, that means we can support an older version through hotfixes even when there are newer versions available. Someone might download PunBB 1.3.1, hack it to pieces and then be hesitant to upgrade to 1.3.3.
There’s still some work left on the extension system as a whole (more hooks as well as some minor additions to the manifest standard), but things are shaping up nicely.
Sounds like something very useful :)
October 22nd, 2007, at 1:10 pm #Sounds awesome! I really enjoy reading this blog and the ideas you have for a really future-proof forum system as PunBB 1.3 seems sketched out to be!
Will the hotfixes be downloaded automatically through the PunBB administration or is there some FTP activity required still? If it’s done automatically, then: Fantastic!
October 22nd, 2007, at 1:20 pm #It’ll be done automatically when installing the hotfix extension (you can see it by looking at the code).
October 22nd, 2007, at 1:40 pm #I didn’t browse the source code so thanks for enlightening me. Sounds like 1.3 is going to be an amazing release! :-)
October 23rd, 2007, at 7:38 am #OT but could we have a link for the blog on the main page? :)
October 23rd, 2007, at 7:53 pm #i just browsed the blog and the upcoming release really shows promise
ot: i’m just curious how about translations for the upcoming release? how will it be done? will it remain to translate .php files or is it also reworked in any way? and when is it due? will translators (counting me) be contacted that “hey, you got something to get done!” ? :)
December 19th, 2007, at 12:26 am #Berke Viktor: The language system is still the same (except that there is now a language file for the admin panel) and translators should be able to start around the time of the first beta ;)
December 20th, 2007, at 2:47 am #ok thanks, i’ll be waiting
December 20th, 2007, at 1:38 pm #