Jason Woods
Jason Woods
I'm going to rest a bit from this - testing again with default I realise that the Wikimedia merge plugin issue is present even with dependabot currently without any changes,...
I raised it again in #4635 for fresh discussion and cleaned it all up.
@jeffwidman > Looking at the logs, I see 50 update_not_possible errors, so that's probably why things are slow... Because each time it's finding a new version of a dep, then...
Outdated would work to check what needs running through the update. But I remember from testing the “is there an update available?” part of the dependabot update was not slow...
@RandomFractals It would be great if it could pick it up from the language of the file. I have a similar issue where I copy paste data into Untitled unsaved...
Environment variables have the same problem as command line. They appear in process listing. Writing a temp config file CAN be secure. And if you maintain the same permissions as...
@tkn98 It's more a case with env vars, it's worse. With command line, mysqldump can (on most systems) rewrite the argv with asterisks so that once started up, the process...
I'd be hesitant to store it away from local.xml (which gives some guarantee of security). But I guess if tmpfile() is inherently secure (seems it will be by default) then...
Naming it insecure will ensure people are aware of the inherent risks, which I believe many many people will not be. If it turns out in the future the password...
Ah sorry! :) I guess it's good to document all the ideas and +1/-1 etc. I'll try get something raised for discussion soon. If anyone interested, at the moment I...