Abandoned Projects

Posted by Ackis Dec 30, 2008 at 22:49 UTC

Projects with no activity over a period of six months are automatically marked as abandoned.

To mark a project unabandonded, simply go to the Actions drop-down, and select Unabandon project, check the Confirm box and click Mark Project as Unabandoned.

  1. 12 comments

Packager Enhancements

Posted by Kaelten Dec 28, 2008 at 17:38 UTC

Yesterday we launched a series of enhancements to the packager. Here is a quick rundown of the new features:

  • You can now include a subfolder from mercurial and git repositories as externals.
  • You can now include tags from mercurial and git repositories as externals.
  • You can now specify to use the latest tag of a project as an external.

These features are somewhat embodied in the following example:

       libs/LibStub: svn://
       libs/CallbackHandler-1.0: svn://
           url: svn://
           url: git://
           tag: 1.2
           tag: latest

These features have been tested, however issues may still exist, please notify us immediately if there are any issues.

Also if the examples aren't clear enough let me know ;)

  1. 2 comments

Merry Christmas!!!

Posted by Kaelten Dec 26, 2008 at 04:12 UTC

I hope everyone has had a great Christmas, or observation of choice. Sorry I didn't post it earlier, my internet is spotty atm.

Anyway, blessed holidays to all!

  1. 2 comments

Re: QuestHelper or CurseClient Keylogger Rumors

Posted by Kaelten Dec 11, 2008 at 15:17 UTC

There are a great number of people who are claiming that after downloading QuestHelper and/or the CurseClient that they are getting hacked, keylogged, or that their babies are being stolen by ninja mutant Elvises (or would it be Elvisi?).

I'd like to point out that the first two are as likely as the last, providing that:

  • You're only using versions of the CurseClient that have been hosting on Curse/CurseForge or ones linked to you directly by myself or other staff members (aka alphas).
  • You're only getting QuestHelper from reputable addon sites, such as,, or To my knowledge it's not been uploaded anywhere else by the authors.
  • You haven't paid a ninja mutant to dress up as Elvis and steal your baby.

Sadly these type of rumors are often started and perpetuated by people looking to discredit others and most of the attacks I've seen recently are slanted as anti-Curse.

There was recently a 24 page thread generated (in one freaking day!) on the official WoW forums. The instance of some of the posters there into ascribing guilt to various people and groups combined with some obvious misinformation makes me wonder if it's an intentional propaganda move. However, this is mere speculation as I have no evidence to support the thoughts as fact.

As far as keyloggers go. Please keep in mind it's most likely not the last thing you did that got your account comprised. It is a fairly common practice for these the groups responsible for hacking your accounts to wait weeks or even months before attempting to use a password.

Also, brute force attacks are not completely unheard of. So if your password is 'god', 'sex', or 'secret' please change it right away!

Lastly, a few things to remember:

  • Curse does in no way support the keyloggers, account hijacking, or gold selling.
  • You can't get a keylogger from an addon as long as you just put the files contained therein in your addon directory. You'd have to run an executable somewhere!

  1. 20 comments

Per-project role-based access control system

Posted by ckknight Dec 05, 2008 at 17:27 UTC

Hey, beautiful people.

I've been working on a per-project role-based access control system, and it's finally in place now. You may have guessed yesterday when the site was having some downtime that something was happening, and we were working out the final kinks of the system then.

Side note: Technically, this is per-repository and not per-project, but the mainline repository defines users' permissions in a project.

What this means:

Instead of just Project leader and authors, we can have multiple roles, e.g. Translators, QA, Documenters, Authors, Managers, and really anything that we can think of.

The way the system works:

There is a set of roles that we administrators define. Each role has a set of permissions attached to it.

Each repository has a set of role assignments which grant a user to one or more roles (Yes, you could be both QA and a Translator at the same time).

Each user would then have a set of permissions on a repository defined by the set of permissions of all their roles on that repository.

Here's the set of permissions:

  • Abandon project
  • Clone closed repository
  • Commit to code repository
  • Delete repository
  • Manage english project translations
  • Manage files
  • Manage project components
  • Manage project pages
  • Manage project reward splits
  • Manage project milestones
  • Manage project images
  • Manage project tickets
  • Manage project ticket templates
  • Manage relationships
  • Manage remote sync
  • Manage roles
  • Merge project
  • Resubmit project for approval
  • View code repository
  • Manage repository
  • Manage project

As it stands, we only have Manager (which has all permissions) and Author (which doesn't have as many permissions).

We do want to work on adding more roles, but we need good ideas on what is wanted as far as that is concerned. So if you have some good ideas, feel free to contact us or just leave a comment here.

Currently, all managers are also authors, and any new projects will have the owner be both a manager and an author. Note that the manager can unassign himself as an author.

  1. 5 comments