1. Daniel James

    I think the problem with security issues is there is often a ‘knee-jerk’ reaction to fixing them rather than taking the methodical approach of fixing it properly to avoid large scale problems as reported.

    Whilst there are good intentions here, I think sometimes more planning needs to be made before deploying to production environments hastily.


    • Realo Franke

      Testing before release in real world environments like an average shop with at least a few 100 products and variants and a few 100 customer accounts with purchase history and typical million-in-use plugins for SEO etc. would help.

      As long as testing is only based on some automated unit tests or at most simple fresh installed sites with 3-5 products, the described problems will occur again and again…


    • James Mailen

      I disagree in this particular case. A very serious issue was found and corrected in a massive number of versions. Yes, a quality issue slipped in, but look at the speed it was resolved.

      In general I feel your point is valid, oftentimes there is a knee jerk reaction to security issues and perhaps this issue could have been avoided with a little more planning. But the severity of the situation appears to have warranted immediate action and I’m sure those shop managers (with whom I am included) would rather have a couple days of bad performance than the dread of being hacked.

