Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Deprecating scripts

From: Fyodor <fyodor () insecure org>
Date: Sun, 13 Dec 2009 18:10:53 -0800
On Sun, Dec 13, 2009 at 11:58:37AM -0600, Ron wrote:

Hello,

A few revisions ago, I removed pwdump.nse because psexec.nse has the
same functionality and more.

The problem is, I've had quite a few emails asking me why
--script=pwdump.nse doesn't work.

I'd like to get some direction on what to do with this. I'm thinking of
re-adding pwdump.nse, but making it simply print out "This script is
deprecated; please run [...] instead.

Any thoughts? Should we consider any other means of deprecating scripts?


Hi Ron.  That's a good point.  And it is relevant to the many scripts
(dozens) we've removed or renamed.  I guess it is a shame that the
command-lines stop working and the nsedoc disappears.  In many cases
the script has just been renamed, but it can be a bit hard for users
to figure it out (though it wouldn't take that much Googling as it
should be discoverable from the nmap-dev archives).

Perhaps it is a good idea to add a trivial version of the script back
as you suggest.  Rather than say "This script is deprecated; please
run ..."  I'd say "This script has been removed, please run ...".  The
same note should be included in the NSEDoc too.  And I'd suggest
putting it into just one category, maybe "removed".  I think
"deprecated" implies that the script still functions but isn't
recommended--not really the case here.  If we end up with a larger
number of these, we would probably want to treat them in a special
way.  For example, we probably wouldn't want to show them in the
all-scripts lists at http://nmap.org/nsedoc/.  People could still get
to the by using the old URL for it or by Google searching or through
the "removed" category list.  And if there are many of them, maybe we
could someday put them in a subdirectory of scripts in svn rather than
crowd that directory itself.

Those are my thoughts, but maybe others have different ideas.  If
nobody suggests something better, feel free to check in your new
pwdump.nse.

Cheers,
-F
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: