[Python-Dev] We cannot fix all issues: let's close XML security issues (not fix them)
Antoine Pitrou
solipsis at pitrou.net
Thu Sep 6 10:29:42 EDT 2018
On Thu, 6 Sep 2018 16:18:33 +0200
Victor Stinner <vstinner at redhat.com> wrote:
>
> It seems like XML is getting less popular because of JSON becoming
> more popular (even if JSON obviously comes with its own set of
> security issues...). It seems like less core developers care about XML
> (today than 3 years ago).
>
> We should just accept that core developers have limited availability
> and that documenting security issues is an *acceptable* trade-off. I
> don't see any value of keeping these 3 issues open.
If we consider fixing these issues to be desirable, then the issues
should be kept open. Closing issues because no-one is working on them
sounds a bit silly to me.
Regards
Antoine.
More information about the Python-Dev
mailing list