Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pushing Updates #6

Open
josephwegner opened this issue Aug 31, 2013 · 1 comment
Open

Pushing Updates #6

josephwegner opened this issue Aug 31, 2013 · 1 comment

Comments

@josephwegner
Copy link

This is another bit of premature scaling, but is an interesting thought...

Unfortunately, no application is secure, especially the first time it is written. There is little doubt that in the future we will come across bugs in Cydeomus that will require fixes because they present vulnerabilities.

We need some way to let people know if we have fixed a security hole on Cydoemus, and that their private server is currently insecure.

I think the best way to do this is for Clef to host a version file somewhere - just a simple text file with a numerical version in it. Cydoemus can then be configured to periodically ping that server to check if they're at the latest version. If it's a deprecated version, all API requests should have an additional key that reflects that. The extension can be setup to recognize that key and provide some alert to users.
@jessepollak
Copy link
Contributor

Good idea!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@josephwegner @jessepollak