Quote:
Originally Posted by baodb
I don't see this as a problem and rather the intention of frameworks. From a project management POV I do not want every developer to know about these topics in great detail. The security aspect of an application is within the scope of a dedicated security engineer, if you do not have one (which many projects/business do not have) that is the very point of using a framework which will safeguard against the biggest issues WITHOUT your developers having to understand and mitigate those risks themselves.
|
Then we differ here because for me a developer should know as much as possible about what they are doing, otherwise they are just building shit out of lego blocks.