|Is the Validate PEAR package ready for production?||#1|
There appears to be a Validate package in Pear that I(m interested in useing in production. Our site has about 20M uniques across 10 languages, so as part of due diligence, thought I(d asked around here.
Does anyone have any experience with this PEAR package?
Is it ready for production?
Here(s the Validate package in question:
Bugs (only 78 ever filed...)
posted date: 2009-04-09 16:20:00
|Re: Is the Validate PEAR package ready for production?||#3|
Judging by the revision number and the revision title. (0.8.2 (Beta)) i would say no. Personally i would advice against using any Beta product in production, though there are many cases that it worked out fine (stackoverflow for example). Though you are always running a risk of something happening.
posted date: 2009-04-09 16:25:00
|Re: Is the Validate PEAR package ready for production?||#4|
The validate functions have been around a long time - some since 2003. I wouldn(t worry too much about the beta tag, but I am still paranoid about code - so write tests for yourself, and don(t upgrade the PEAR library on your systems without testing. Even better - consider integrating the PEAR code you use into your own code-base rather than depending on the system PEAR library that can be upgraded separately.
posted date: 2009-04-09 16:32:00
|Re: Is the Validate PEAR package ready for production?||#5|
To be fair, non-beta code still has bugs. Beta is only more risky if they have known bugs that they haven't fixed and they know the risks.
posted date: 2009-04-09 17:09:00
|Re: Is the Validate PEAR package ready for production?||#6|
You could have system breaking code just waiting to be executed. Atleast with a non beta/alpha release, you have the experience of others trying it out on a production system before you.
posted date: 2009-04-10 03:47:00
|Re: Is the Validate PEAR package ready for production?||#7|
you can make your own pear install (ie one that isn(t system wide) - so you don(t have to worry about any interdependencies when you upgrade - let the pear installer figure that out for you.this is better than simply copying the code of pear packages into your own repo - what would you do if you miss a cricual bug fix released after you(ve inserted those pear packages that you(re using into your revision control system? honestly the validate package should be taken out of beta - it(s been stable other than in name for a very long time.
posted date: 2009-09-16 13:49:00
|Re: Is the Validate PEAR package ready for production?||#8|
It's a version number, and not a revision. Validate has been around for a long, long time. You could have at least looked at the homepage before you made a "well-educated" guess.
posted date: 2009-09-16 13:55:00
|Re: Is the Validate PEAR package ready for production?||#9|
Beta = Not ready for production! In my eyes.
posted date: 2009-09-16 15:42:00
|Re: Is the Validate PEAR package ready for production?||#10|
I(d strongly advise against integrating the PEAR code you use into your own code-base.What happens then if a new version of one of the PEAR packages you use is released to fix security issues and there are multiple dependencies from that package onto others?Do you download the new versions and check everything works ok and that you(ve not added a bug yourself by missing something?The best thing to do, if you are paranoid of the system-wide PEAR install being compromised, is to make your own PEAR install. http://pear.php.net/manual/en/installation.shared.php would be where to start for doing this.Then it(s just a case of doing $pear upgrade [Package] rather than copying loads of files around.
posted date: 2009-10-13 04:44:00
|select page: « 1 »|