• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

Open Source?

revil

New Member
After spending some time reading this threads about the site status, and looking through site and code discussions. I've begun to wonder why FA code is not open sourced? I assume there is some sort of version control begin used. Why not host a bug tracking site, such as trac, and allow people to checkout code, and submit diffs?
 

Vesuro

~Such a Rush~
Because FA's code probably cost a lot of time and effort and it was spent for FA, not so that Joe Bloggs can go make a DeviantArt clone?
 

net-cat

Infernal Kitty
There are several reasons the current site code is not open sourced and never will be, including but not limited to:

  1. The person who wrote it was a moron.
  2. Even now, it still has more security issues than you can shake a stick at. (See number 1)
  3. There are some licensing issues. (See number 1)

Ferrox, on the other hand, will eventually be open source. Because if it's not, Eevee will hunt down and murder the entire administration in horrible ways. (Note: Hyperbole.) All code is contributed under a MIT or BSD license. (We also take GPL in a few places, but there has to be a damn good reason for it.)
 

Eevee

Banned
Banned
Hahaha. I doubt the existing code will be released for anything more than a cheap laugh after it's no longer used.

Because FA's code probably cost a lot of time and effort and it was spent for FA, not so that Joe Bloggs can go make a DeviantArt clone?
I don't think you grok the point of open source :V
 

revil

New Member
I wasn't only referring to FA's code base, its seems pointless to make it open source, but it could help with Ferrox development. Couldn't hurt?

Because FA's code probably cost a lot of time and effort and it was spent for FA, not so that Joe Bloggs can go make a DeviantArt clone?

Even if someone wanted to, I doubt it would affect FA? There is probably already an open source DeviantArt type app.
 
J

jayhusky

Guest
Sorry a little out of touch here, what is the defination of FOSS.
 

selth

Linuxian Dragon
Websites's code is usually not subject to licensing due to many many logical reasons, one being the variety of the content and the difficulty to mask it.
however, FA as a website concept could be open source but telling all people how the website works also increases the attack risk, so many websites just won't let that kind of information go public.
 

Eevee

Banned
Banned
that first sentence did not entirely make sense

as for the second, security by obscurity etc etc blah
 

selth

Linuxian Dragon
yes, I think I should have known better than just typing it that way... talk about typing stuff when tired.

I'll rewrite what I said : don't go publishing it all, you'd have a security flaw.
 

revil

New Member
I think your being a little pessimistic. I would bet that contributors would spot security holes before attackers. I know it might be a little naive to say, but I doubt many people would go out of their way to scan an entire code base just to attack a site like Furaffinity. Most people smart enough to do that would spend their time on something else.
 
Last edited:

selth

Linuxian Dragon
I don't have enough data to guarantee that. I know that it is possible to do text searches on the parts where input is gathered and see if it's protected. In the worst case they even might get their hands on a way to execute a "drop" command on the database!!!
 

net-cat

Infernal Kitty
It's called "SQL injection." And yes, that's a risk.

However. Closing the source does not stop people from finding those. The current code is a perfect example of this. Malicious people are malicious. It doesn't matter if you're open source or closed source. We are also taking steps to mitigate that risk. (Prepared statements, database abstraction layer, and... uh... regular backups.)

Opening the source give non-malicious people a chance to look over the code and spot mistakes.

And it's not like we're going to just release a completely untested piece of software. There will be alpha and beta phases.
 
Last edited:

selth

Linuxian Dragon
Hey,I was looking for reasons that's all.
Personally having FA's code at disposal would be *great*, I just wanted to warn. If admins are ready to work out to patch errors and use a good system to manage the code, that's great!
What we would first see would probably be deviations of its code, supposed people do use it rather than their own.
I would be first position to code a JSP version...

Not that I need your code to start with. I am just being curious.
 
Last edited:
Top