[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Looking for contractor
From: |
Tim Starling |
Subject: |
Looking for contractor |
Date: |
Tue, 27 Apr 2021 09:38:58 +1000 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 |
I'm looking for a developer who would like take on a contract to
improve LilyPond security.
The work would be as discussed last October on this mailing list:
https://lists.gnu.org/archive/html/lilypond-devel/2020-10/msg00096.html
My summary is as follows:
* Make all parser-related modules safe. In ly_make_module(), always
use a safe module (make-safe-lilypond-module or make-safe-module).
Remove the reference to Guile_user::the_root_module.
* Work through the consequences in order to allow typical real-world
input files to be rendered as before, without errors.
* Ensure that the documentation and regression tests can still be built.
* Propose code changes so as to update the version to 3.0.0.
Please tell me if I'm missing something in this summary or if there is
something you would like to add. The scope should be sufficient such
that the changes can be accepted and released. We don't want to leave
it half-done.
I am looking for someone who is familiar with LilyPond and has
previously submitted code which I can review.
Please let me know if you are interested.
--
Tim Starling
Principal Software Architect
Wikimedia Foundation
- Looking for contractor,
Tim Starling <=