@Steve, In fact on my side this was not a lead to pursue. Most Open Source projects have got intentional bugs if not less of useful(oh core) features. Unless you "fork out" you need careful strategy if your historical data set is very crucial.
Just like in the issue of the core product ,in security too, you cant have total control over a silo of code in perpetual state of modifications. People see bugs, holes you can`t see lets alone cope with the findings ,you too if not an official member writing unofficial modules or other code modifications can have insecure coding practices with less tested code.Finally you would finally chase new releases with intentional bugs. One should have strategy with open source to cope up with unexpected twists,like when the community disperse,or go closed source leaving behind a buggy last release.Or even when they decide to take a completely new Design Pattern with new business model within the open source model. I am curious too in a number of issues. -- Regards, Nicholas Peter.* Kinpro Computers.* *Box:*16954,Arusha. *Tel :*+255 732 972287. *Mobile**:* +255 754 914652 *Email: *kinprocomputers@gmail.com
Message: 1 Date: Wed, 19 Oct 2016 22:07:07 +0300 From: Steven Obbayi <sobbayi@gmail.com> To: Peter Karunyu <pkarunyu@gmail.com>, Skunkworks Mailing List <skunkworks@lists.my.co.ke> Subject: Re: [Skunkworks] Odoo Devs Message-ID: <CAHMfChiksSib2FLtfA7i0Ad-c++L6abv8-u_w6NF1rSiOo3Qfw@mail. gmail.com> Content-Type: text/plain; charset="utf-8"
@Peter, sales aside, he does raise some valid points. Odoo explicitly mentions on their website that community version does not guarantee bug fixes even if they are known, nor does it receive version updates.
That in itself leaves the version vulnerable to security issues that could compromise a clients data and security. So with that said:
1. I'm curious to know how devs who customize the locally handle updates which of course will break by the mere fact of being out of sync. 2. When they customize do they put security at the top of their priorities?