Looking for contractor

lilypond-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Looking for contractor

From:	Tim Starling
Subject:	Looking for contractor
Date:	Tue, 27 Apr 2021 09:38:58 +1000
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1

I'm looking for a developer who would like take on a contract to
improve LilyPond security.

The work would be as discussed last October on this mailing list:
https://lists.gnu.org/archive/html/lilypond-devel/2020-10/msg00096.html

My summary is as follows:

* Make all parser-related modules safe. In ly_make_module(), always
use a safe module (make-safe-lilypond-module or make-safe-module).
Remove the reference to Guile_user::the_root_module.
* Work through the consequences in order to allow typical real-world
input files to be rendered as before, without errors.
* Ensure that the documentation and regression tests can still be built.
* Propose code changes so as to update the version to 3.0.0.

Please tell me if I'm missing something in this summary or if there is
something you would like to add. The scope should be sufficient such
that the changes can be accepted and released. We don't want to leave
it half-done.

I am looking for someone who is familiar with LilyPond and has
previously submitted code which I can review.

Please let me know if you are interested.

--
Tim Starling
Principal Software Architect
Wikimedia Foundation

[Prev in Thread]

Current Thread

[Next in Thread]

Looking for contractor, Tim Starling <=
- Re: Looking for contractor, Kevin Barry, 2021/04/28
  - Re: Looking for contractor, David Kastrup, 2021/04/28
    - Re: Looking for contractor, Tim Starling, 2021/04/29

Prev by Date: MacUpdate - your app listing has been updated
Next by Date: footnote marks not included in skylines
Previous by thread: MacUpdate - your app listing has been updated
Next by thread: Re: Looking for contractor
Index(es):
- Date
- Thread