<div dir="ltr">On Wed, Sep 3, 2014 at 1:50 PM, Paul Nijjar <span dir="ltr"><<a href="mailto:paul_nijjar@yahoo.ca" target="_blank">paul_nijjar@yahoo.ca</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">Didn't these guys learn from the Java security debacle? </div></blockquote><div><br></div><div>The Java people did not learn anything. It is common practice in the Java world to bundle everything in what you distribute with your app. <br>
<br>There is no concept of dependency management, nor security updates.<br><br>Case in point from the Drupal world, Apache Solr. It is a Java application for indexing random stuff and searching it really fast. It is used in Drupal as a faster solution over the built search module that uses SQL queries.<br>
<br>The latest version of Solr bundles no less than 127 different .jar files of various libraries! Some of this is testing stuff, but 106 are non-Solr libraries/archives. <br><br>They don't see that as a problem. They see that as something that works and does not need to be fixed at all. It Just Works!<br>
</div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Also: "I am an application developer and cannot trust that the end
user will have every library I need. So I will provide libraries with
my app and never update them, because updating is hard."<br></blockquote><div><br></div><div>See above. They don't see that as a problem at all. <br><br></div><div>Now, we have Linux people who see this as a methodology to be emulated ...<br>
</div></div>-- <br>Khalid M. Baheyeldin<br><a href="http://2bits.com" target="_blank">2bits.com</a>, Inc.<br>Fast Reliable Drupal<br>Drupal optimization, development, customization and consulting.<br>Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra<br>
Simplicity is the ultimate sophistication. -- Leonardo da Vinci<br>For every complex problem, there is an answer that is clear, simple, and wrong." -- H.L. Mencken<br>
</div></div>