On 28/03/11 17:00, A.M. wrote:
> On Mar 28, 2011, at 3:11 AM, Federico Di Gregorio wrote:
>
>>>
>>> What Daniele did is fine:
>>>
>>> 1) There is no security problem, because the code only work in
>>> the database->user direction.
>>>
>>> 2) Allows communication with different combinations of
>>> backend/libpq versions without adding the overhead of extra
>>> quesries when establishing the connection (i.e., it just works
>>> and this is very important for the user).
>>>
>>> Also, while I am writing very few new code I am reviewing
>>> everything and I am confident to say that psycopg is much safe
>>> now than 2 years ago when I was the only developer.
> Wouldn't it make more sense to simply bundle the latest version of
> libpq with psycopg2? As far as I can tell, there is no advantage to
> compiling against an older libpq- they are all backwards compatible.
You mean bundling the libpq source code and build it as part of psycopg?
Don't know whay but that idea sends creeps up my spine... :)
federico
--
Federico Di Gregorio federico.digregorio@dndg.it
Studio Associato Di Nunzio e Di Gregorio http://dndg.it
Ma nostro di chi? Cosa abbiamo in comune io e te? -- Md