Update Available?

[daugherh]

Mainly intended for the Wiki admins and RR admins - I noticed RR is still using Wiki version 1.33.0.



On MediaWiki's website, they listed 1.33.x versions as being EOL effective 6/24/2020.



They are now on version 1.43.0.



I'm not sure if there's a particular reason RR is still on 1.33 but due to security improvements, etc., I would think upgrading should be on the to do list.

 

[blantonl]

Is there something particularly important that you feel we should be addressing with a upgrade of Mediawiki, other than security updates? We've addressed security updates without having to upgrade (through independently implemented patches and fixes).

This platform (RR) is a massive set of interdepencies which require careful coordination and planning. It's not as simple as point and clicking and updating.

 

[daugherh]

As someone with a cybersecurity background, I was only looking at it from a security standpoint as far as CVEs and versions (php and db versions) are concerned. If there are other mitigating factors in place (which I was unaware of; and applaud), then upgrading would only be cosmetic and I agree could cause more harm then good. Thank you for your explanation of addressing security updates.

 

[blantonl]

Russ, if you have a cybersecurity background, I'm curious as to why you wouldn't simply contact us directly instead of in public if you had questions about some of our security practices?

I sometimes am perplexed why folks like to litigate our implementation practices in public. A lot of this comes with the territory of running a business with an active discussion forum, but I sometimes wonder if folks have way too much time on their hands. 😂

In all seriousness though, if someone has security concerns about something here on RadioReference / Broadcastify, it would be prudent to contact us privately first so we can allay any concerns and/or address possible issues.

 

[daugherh]

@blantonl,
I completely understand where you're coming from, and I want to apologize for the way I brought up my concerns. It was a momentary lapse in judgment on my part, and I should have reached out privately rather than posting publicly. My intention was never to call anyone out or cause unnecessary friction.

In my defense, it may have been pre-coffee brain at work — clearly not the best time for decision-making! ☕😅

I truly appreciate the work that you and the RadioReference team do — it's a valuable service to the community, and I respect the effort that goes into maintaining it. I’ll be more mindful going forward and will make sure to handle any future concerns through the appropriate channels.

Thanks again for your understanding, and I appreciate the opportunity to be part of this community.

 

[blantonl]

You're all good my man, all good. Thanks!