eXtensibleCatalog / test

Testing
MIT License

Security issues with release 1.2, need new step in our release process #92

Closed patrickzurek closed 7 years ago

patrickzurek commented 7 years ago

JIRA issue created by: rcook Originally opened: 2012-09-12 03:14 PM

Issue body:

Peter, please expand on what this issue means and your proposed solution.

This issue has attachments associated with it (external link): [Drupal Toolkit Installation Profile Update Checklist.doc](http://www.carli.illinois.edu/sites/files/XCfiles/Drupal Toolkit Installation Profile Update Checklist.doc) [Drupal Toolkit Release Checklist.doc](http://www.carli.illinois.edu/sites/files/XCfiles/Drupal Toolkit Release Checklist.doc)

patrickzurek commented 7 years ago

JIRA Comment by user: pkiraly JIRA Timestamp: 2012-09-12 06:07 PM

Comment body:

The problem is that in the installation script and profile we should record the actual version numbers of Drupal core and modules. Even if we don't improve the Drupal Toolkit, others might release new versions of their modules. Some of the changes might reflect fixing security holes. These releases are distinct ones, and Drupal knows them. When the user installs Drupal with our installer and checks the status, she will see that the newly installed Drupal might contain security risks because of outdated components.

The suggested solution is that we should keep the xc_installation profile/script updated, and when a new version of Drupal core or a module comes up, we should update the script and create a new release. None of the component updates require such action, only those about which Drupal makes a suggestion. Technically it means that once every month we should run a check with the latest xc_installation release for updates. In Drupal there is an update checker, so technically it means that somebody should install a fresh copy and check the update status. If there is at least one important update, the xc_installation project should be refreshed, and a new release candidate should be created and tested. If all goes well, a new version should be created.
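
The monthly check described in the comment above can be scripted. This is an added example, not part of the original thread or the XC project's code: it compares the versions an installation profile pins against release feeds and reports whether a security release is pending. The project names, versions and `PINNED` mapping are constructed, and the simplified feed XML (newest-first `<release>` elements carrying a "Release type" term of "Security update") is an assumption modelled on Drupal's release-history feed.

```python
import xml.etree.ElementTree as ET

# Constructed data: made-up project names and versions. Each XML string is a
# simplified stand-in for one release-history feed, assumed newest-first.
SEC = "<terms><term><name>Release type</name><value>Security update</value></term></terms>"
FEEDS = {
    "example_mod": "<project><releases>"
    "<release><version>7.x-1.4</version><status>published</status></release>"
    "<release><version>7.x-1.3</version><status>published</status>" + SEC + "</release>"
    "<release><version>7.x-1.2</version><status>published</status></release>"
    "</releases></project>",
    "other_mod": "<project><releases>"
    "<release><version>7.x-2.2</version><status>published</status></release>"
    "<release><version>7.x-2.1</version><status>published</status></release>"
    "</releases></project>",
}
# Versions pinned by the installation profile (hypothetical); gone_mod has no feed.
PINNED = {"example_mod": "7.x-1.2", "other_mod": "7.x-2.1", "gone_mod": "7.x-1.0"}

def is_security(release):  # release carries the "Security update" release-type term
    return any(t.findtext("name") == "Release type" and
               t.findtext("value") == "Security update" for t in release.iter("term"))

def newer_than_pinned(feed_xml, pinned):  # releases listed above the pin, or None
    newer = []
    for rel in ET.fromstring(feed_xml).iter("release"):
        if rel.findtext("version") == pinned:
            return newer
        if rel.findtext("status") == "published":
            newer.append(rel)
    return None  # pinned version is not in the feed at all

def check_profile(pinned, feeds):  # project -> (state, pending security versions)
    report = {}
    for project, version in sorted(pinned.items()):
        newer = newer_than_pinned(feeds[project], version) if project in feeds else None
        if newer is None:  # no feed, or pinned version not listed: needs a human look
            report[project] = ("unknown", [])
            continue
        sec = [r.findtext("version") for r in newer if is_security(r)]
        state = "security-update" if sec else "update-available" if newer else "current"
        report[project] = (state, sec)
    return report

def needs_new_release(report):  # only a pending security update forces a release
    return any(state == "security-update" for state, _ in report.values())

if __name__ == "__main__":
    print(check_profile(PINNED, FEEDS))
```

A project that reports `unknown` has no feed or an unlisted pin, so it needs manual review rather than being treated as up to date.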

patrickzurek commented 7 years ago

JIRA Comment by user: mwesley JIRA Timestamp: 2012-09-13 07:15 AM

Comment body:

Peter is right. In summary, this would mean probably releasing the Installation Profile more frequently than the Drupal Toolkit, to keep up with Drupal version changes.

In addition, there is another non-similar security issue. This one is with the use of the JQuery UI Dialog API module, which is unsupported by Drupal due to some weird security controversy. I think we could remove the dependency on this module, which would be useful since it's a bit more difficult to install this module as it is no longer available on Drupal.org and requires two additional jQuery modules.

patrickzurek commented 7 years ago

JIRA Comment by user: rcook JIRA Timestamp: 2012-09-18 11:48 AM

Comment body:

Moved the jquery stuff to its own issue Drupal-490.

patrickzurek commented 7 years ago

JIRA Comment by user: mwesley JIRA Timestamp: 2012-09-23 10:31 PM

Comment body:

Adding updated release checklist and new installation profile update checklist.

patrickzurek commented 7 years ago

Issue resolved: 2012-09-24 12:25 PM