That was less my point, and more that "battle-tested" doesn't have to be a cudgel to argue against in-house projects, especially when considering defect rates (the more-general solution is very often slower and buggier to support the features you don't need).
You mean this log4j [0] with major vulnerabilities the industry missed for nearly a decade?
[0] https://en.wikipedia.org/wiki/Log4Shell
So you don’t use any software that has had a security vulnerability?
What operating system and browser did you use to write your post?
Have you used ever OpenSSL? :-D
The thing is: A bug does not invalidate enterprise adoption - Microsoft ist a good example.
That was less my point, and more that "battle-tested" doesn't have to be a cudgel to argue against in-house projects, especially when considering defect rates (the more-general solution is very often slower and buggier to support the features you don't need).
1 reply →