- ivnish Kazakhstan
Automatically closed because Drupal 7 security and bugfix support has ended → as of 5 January 2025. If the issue verifiably applies → to later versions, please reopen with details and update the version.
Project page currently has this caveat on the project page:
This is primarily a developer tool and should never ever (don't even think it) be installed on a production site.
It is correct that this fine tool is not designed to be a regular part of a production site, but I find the "don't even think it" part too strong. Saying that is have no place on a production site may misguide prospective users about possible use-cases.
A development site should not be accessible by the public, so the only use of this tool on a non-production site seems to be monitoring co-developers (i.e. too catch them if they hack core or contribs). IMHO, there should be no need to do that in a healthy working environment.
In fact, I believe that the prime use case for this module is forensics after you've discovered some injected PHP in one of your files on a production site - and you quickly want to find out if the intruder has been able to do more damage.
In light of that, I would suggest that this text on the project page is amended to:
This is primarily a forensics tool for developers. If you want to analyse a production site for changes to the core and to contrib modules, first take the site off-line and then use this tool to search for alterations.
Closed: outdated
Documentation
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Automatically closed because Drupal 7 security and bugfix support has ended → as of 5 January 2025. If the issue verifiably applies → to later versions, please reopen with details and update the version.