No; and to make matters worse, there are some nodes which are accessible only by the gods; pmdev (that includes you) do not have access. However, I think the subset of these which are critical ("infrastructure" nodes) is quite small.

It's pretty likely that I could (gently) scrape the site with displaytype=xml, transform the XML, and get most of the data needed to bootstrap a perlmonks clone in the same way as we do with E2, and allow people who are so inclined to work locally or apply proper source control to the software on the site

My concern is whether or not those who are in charge of PM would object to me doing so in an open-source fashion. It'd be great if this sister site could benefit from my tools and later performance improvements. I might also have to adjust the E2 core libraries a bit, but I'd imagine they're 90% similar if you disclude the Everything::Experience bit. Is there a particular contact in the administration who might be most appropriate to direct this kind of a proposal?



    --jaybonci

I don't mind the idea of scraping out the code. Such should be careful to wait as long between requests as the last request took so that the scraper automatically slows down if the site becomes bogged down.

I have been personally against making the source code too widely available because the security design is far from stellar and we have had real instances of people getting access to the source code and then using such information to construct attacks against the site.

The counter argument would be that "surely, making the code widely available would greatly increase the speed with which security problems can be noticed and addressed". Unfortunately, my experience is that giving somebody access to the PerlMonks code has a roughly zero percent chance of them contributing anything to said code.

Surely, some of the reason for such poor historical return on providing access is due to the quirky (at least!) manner in which the code can be viewed and the significant impediments to contribution. And certainly some of those would/might be addressed by the proposed new method of dissemination.

But I think there would still be significant impediments to effectively understanding the code and I don't yet see any clear route to this providing significant improvements to effective contribution.

So my personal assessment is that the likely result would be increased risk to the site.

However, there has been no effective progress on, for example, creating a "tinkers" group so I find it hard to justify blocking a potential improvement in maintainability given the pronounced stall in the status quo.

I'd welcome other opinions, particularly on my security concerns... especially from people who actually have a good clue about the security risks of PerlMonks (rare as such people probably are).

But I think things have dragged on long enough that I would not block such a scheme. I'll just stand by my prediction (which I hope will be proven wrong) on the down side and resign myself to "I told you so" if it comes to that.

Doing the work to troll the logs for missed exceptions and then actually implementing the "white list" (to replace the "black list") before such a release would make me feel much better about it.

- tye