TWiki: a case study of howto lose users?

In a clear example of TWiki.NET’s new no-testing policy [1], Their star worker has yesterday un-necessarily uploaded over 300 plugins from the wrong branch in Subversion.

Rather than testing each contrib before uploading, as has been the policy on since the Plugins web was created, is now full of buggy, outdated or just plain wrong packages. The only stable option they have is to revert the uploads using rcs – as many plugins are either not up to date in subversion, or worse, are works in progress in Subversion.

Adding that to the latest TWiki 4.2.4 release, which was released with failing unit tests, and some very dubious changes:
we have already submitted to them an updated exploit that is present in 4.2.4 for the CVE-2008-5304 XSS exploit
– presumably they will release 4.2.5 in the next week?

Its a pretty sad time for those of us with users on TWiki (as Foswiki hasn’t released yet), but it has certainly spurred us along, now we need it more than we ever expected.

[1] Tom Barton: issues … impeding progress: an excessively rigorous approach to testing that actually inhibited less experienced developers from contributing code; …

Author: Sven Dowideit

You might remember me from tools like,,, Docker documentation, or

Leave a Reply