Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
Say I had an open-source project which I wanted to try and generate some exposure for. Would it be considered unethical to set up a project entry for it on several sites such at github, sourceforge and google code, for example?
This would be purely for giving it greater exposure. I realise there might be some practical reasons for doing this, such as wanting to use github for source control, and sourceforge for issue tracking, forums and such. For the sake if this question I'm wanting to focus more on the case where you use one of the sites as the main site for the project, and make "stub" projects on the other sites that point back to the main site.
My gut feeling is that while it may not be outrightly unethical, it might be bordering on the sleezy side...
Stick with one provider. "If you build it, they will come" :)
Besides, once people do start coming, they'll just google the project name anyway. Finding the same project on Sourceforge, Github and Google Code is just going to annoy the hell out of people.
I don't know about the ethics, but consider the practicalities:
you will have to do multiple repeated
uploads to several different sites,
doing it to a single site can be a
pain
users won't know which site to report
bugs at
if you use the SVN/CVS/git
repositories, you will have multiple
copies of your code in different
repositories - a very bad idea
I'm sure there are other problems. So stick to one site - I've been using Google Code for a small project I've just started (CSVfix, if anyone is interesed) and I can recommend Google as being very easy to set up.
I think this is fine, for the reason that each provider may have something you want. You should pick the services that are best for your project. For example:
Google code has file hosting, but the issue management is terrible, so
Launchpad has great bug tracking, but no wiki, and we use Mercurial, so
Bitbucket.org has mercurial hosting etc..
So it might be reasonable to use Launchpad for bug tracking, and Google code for hosting files and wiki, and Bitbucket.org for hosting source.
I would suggest choose your preferred host for your project. You can publish about your project on many forums. Exposure will come via search engines.
I don't know why you think it would be unethical or sleezy. Maybe you can say more about that so people could address your concerns directly. To measure that, consider if you are intentionally breaking the rules of the service, lying to anyone about how you are using the service, and being deceptive in some other way. If you are using multiple services, I don't think you have anything to hide.
Consider the Perl community, which is the one I deal with. Several projects are hosted on one of the source control services, such as SourceForge, Google Code, or Github. The main distribution for most Perl stuff is CPAN, though. Other people may distribute through Freshmeat or some other service. The main issue tracker comes from Best Practical, which hosts a free RT for every Perl module on CPAN. Most of the people I know use the best from more than one service. Indeed, the Web 2.0 way is to create applications by cobbling together services from multiple vendors. :)
You should also think about the social construction of these free sites. Places like SourceForge and Github give out free accounts, but they also sell services. They get the buzz through the free stuff that allows them to sell the premium services. I don't see anything wrong with that. If you're using the free services, just realize that in return for your free use, they get to use you as free tester, advertiser, and so on. Again, I don't see anything wrong with that. It's just part of the deal. You aren't just taking from them, you are also giving to them. There's an exchange between consenting parties.
What would be unethical, I think, is any service that forbids you to use another service or intentionally sets up a situation which would make it hard for you to use another service by not being compatible with common tools or not giving you access to your data (e.g. somehow disallowing git-svn, and so on).
Services spanning these various hosts will be inconvenient and difficult to maintain. For the above mentioned reliance on search engines to generate traffic take care to chose a name that differentiates your project from the web noise. A clear indication that traffic will not arrive is if your project first gets a re-recommendation on spelling. Take for example the people who brought you the chattr project from GNU. Immediately chatr is suggested as the proper search and your traffic will suffer accordingly.
as i has already been said having to maintain the code on several hosts will make it more trouble then it is worth. What you have to think is you would need to make sure that it uploads properly over several hosts, it would more then likely cause confusion to some over if one copy is legit and the others aren't which in turn could cause a bad name for the project before you even start.
End of the day there are much more, better ways to spread the word of your project, social networking sites, specific related forums are two main ones for you to consider, either way you would be better off spending your time posting to several sites then you would uploading and maintaining code on several sites.
I consider having several (independent) mirrors to be a benefit for the community, because such distributedness assures more reliable accessibility of your public work, now and in future (it will survive the failure of any single hosting site).
That's why I want to keep track of the available diffeent options to publicly host open-source projects:
Which public hosting sites for darcs projects are there?
Which public Git hosting sites are there that are free software?
I believe it's rather ethical (or moral) to put some effort into ensuring that your public work is published in the most accessible way (well documented, and with some guarantees about it being accessible at any moment when someone is interested).
The effort for you to push your work to several places independently (I mean, they won't depend on each other) and manage all this is probably not really a nightmare (as suggested in some other answers here), especially with a DVCS. For example, one can even set up Git so that one pushes to several places with just one command.
I feel that unless you are forcing someone to read something done by you, but you are rather just putting your stuff somewhere for it to be findable and accessible if someone is interested, you are not egoistic or ego-whatever.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 2 years ago.
Improve this question
I've found today in my inbox an email from google where they announce that CWS payments API is deprecated
I'm working to create a Chrome extension that I want to release with the in-app payments support to let the user purchase a license to unlock full features. I was oriented to the CWS native payments API, but Google's decision to deprecate the API is a very bad news.
At the moment I've found a nice Wordpress plugin that will manage licensing, I'm thinking of using it to create a licenses backend but I'm not sure about it because it's mainly focused to be used for wordpress themes or plugins, so to implement it on client side for an extension would require some workarounds.
How do you will manage your in app purchases and licensing for Chrome extensions or Electron apps?
Alright, so as I am in the same situation as you are, I did a little bit of research. Here is a summary of my findings and comments on the matter.
There are three things to think about before you get started with the implementation:
The type of payment processing service you want to use;
The way you want to limit features for the free version (and for multiple tiers of plans);
The security of your users information through your extension.
Let's go through each of these one at a time.
1. Type of payment processing
There are two main types of service providers that will allow you to collect payments in you extension. Payment processing platforms are the first type: they allow you to process payments and will generate receipts, but they won't manage the different taxes and regulations of different countries. If you operate solely in one country, or in a few countries where taxes and regulations are the same, this won't affect you.
However, if you have users around the world, especially in Europe, implementing the rules to handle all of the different taxes and regulations can get really complicated and messy. But you have to do it, otherwise you put yourself in a situation where you are at risk of getting fined. That is where the second type comes in: the merchants of record. These are companies that will charge the users on your behalf, removing all of the complexities of taxes and regulations from your plate. They're essentially acting as a reseller of your products. Of course, they take a small cut from your revenue to pay for the weight that they're taking off your shoulders and putting onto their own.
Payment processing platforms will be cheaper (ex.: 2.9% + 0.30$ per transaction for Stripe), while merchant of records take a bigger cut (ex.: 5% + 0.50$ for Paddle). However, if you deal internationally, the 2.1% higher price is likely more advantageous for you, just because it saves you a lot of time and development work.
It's important to note however that merchant of records are unlikely to take on a brand new project, especially for Chrome extensions. That's because the amount of revenue those extensions generate on average is pretty low, and often not really worth it for them. Still, I suggest you hit up a few of them before deciding do go the classic payment processing way, just in case you can get in touch with a salesperson who sees potential in your project and is willing to take you on.
Here are a few merchant of records:
Cleverbridge
2Checkout (offers both MoR and basic payment processing services)
Paddle (does not support new Chrome extensions at the moment)
FastSpring (does not support Chrome extensions anymore, as of 2021)
Here are a few payment processing platforms:
Stripe
Paypal (from my experience, Paypal is a lot less developer friendly than Stripe)
2. Limiting features for free or tiered plans
The way features are limited for non-paying users will differ from one extension to the other.
If the features you want to limit in your extension already rely on a backend, to fetch or process data for example, it would make sense to implement the limitations on the server side. You would simply pass the user's ID, which could be stored in chrome.storage, to each request made to the backend. In addition to that, you could also disable the related elements on the client side, such as hiding or greying out buttons, tabs or fields, to make it clear to the user that those features are locked. You'll want to make sure the limitations are in place on the backend as well however, because otherwise a user could just inspect your extension and enable premium features without paying.
If your extension mostly or only operates on the client-side, then you will have to render the interface conditionally, based on the user's plan. The scripts or interfaces that will be added will most likely have to be returned by a backend, as pretty much anything that is done only on the client-side could potentially be inspected and exploited. In that case, any backend technologies or platforms you are most familiar with can probably be used to set things up.
Keep in mind that most of the payment processing and MoR listed above have APIs and guides on how to implement them securely in apps and websites. However, if you know Wordpress well and can set up a secure communication between your Wordpress and your extension, go ahead. If you want to use an online service like Zapier to link existing authentication and licensing services together, go ahead and do that!
There could be a lot more details in this section - there is a ton of material to cover, so I suggest you look for articles and tutorials online to help guide you in this process if you don't have much experience in the matter.
3. Security
This section won't be long, but it is very important one. No matter which payment processing platform you decide on or how you limit access to features in your extension, it is crucial that you make sure that your users information can never fall into the hands of another user. That includes reverse engineering and exploits of your system.
The more things you decide to handle yourself, the more risk there is, especially if you are not experienced. Keep that in mind when making your decision(s).
That's all for me. I hope that helps a bit!
I know it's probably a lot of information without any detailed "how-to", but without having in-depth knowledge of your product and situation, it is impossible to say what you should do exactly.
P.S.
If that can offer any guidance, here's what I will be doing for my own extension. Seeing as it's already very reliant on a PHP backend, I will add a few features to the backend in order to communicate with the Paddle API. So all of the limitations will be implemented on the backend, and I will add messages and visual indicators on the frontend to inform the free users of what they can and cannot do.
[Edit]
I just received a message from Paddle indicating that they do not support new Chrome extensions at the moment. Sorry for the misleading there.
[Edit: June 2021]
After an update earlier this year, FastSpring has updated their security standards, which makes it unusable within Chrome extensions. After I enquired, their support agents informed me that they do not support Chrome extensions anymore (and that it was only "accidentally" supported before).
I have taught myself HTML/CSS and some JavaScript as a hobby, and have reached the point where I am comfortable building a clean simple website. The company I work for (we do nothing related to coding) has a website that is quite outdated so naturally I saw this as an opportunity for my first live site. I approached my Managers at work to take a look at my first mock up and they loved it and want me to revamp our current site.
The one concern they have with me being a rookie is the issue of web security. Essentially they want to make sure that the website I build leaves no vulnerability for someone to hack through our server, start editing our website, etc.
There are no interactive components to the current website. I plan to build this website with only HTML and CSS, and perhaps add some JavaScript later down the road once I progress in my learning a bit more. There are no account logins or areas to enter personal information anywhere on the site.
My question comes down to this -- what can I do to ensure that the website I build is not leaving our company vulnerable? I have done a lot of searching around Stack Overflow and other websites but I am not confident I am finding the correct information.
Details that might make a difference:
Our company website is hosted through godaddy.com
Our website is currently on Wordpress, but I will probably not use Wordpress for the new website
I greatly appreciate all of your help!
since there should be no direct interacting with the server ex PHP and AJAX only HTML CSS and js there should be no security issue, as js and HTML can't edit/delete/read server files, only server-side programming can. eventually you may want to invest in PHP almost no website is complete without PHP or AJAX. take me for example, I used to use just HTML, CSS, and js. then I wanted to do more.. log form answers to a file, show different pages based on the query string. these things are virtually impossible in a HTML, CSS, and js only environment. I would also recommend atleast getting free protection from cloud flare.. they give free shared hosting wildcard SSL, and free DDOS protection, granted for a business you might want to invest a little more than free but free would be a good starting point
also you could pay someone to test the vulnerability of your company, take for example OurMine. a legal hacking group.. you pay them to test your security and they do just that. (they claim they don't log anything that they get) otherwise there might be vulnerabilities you may not be aware of
When you are concerning about just AJAX call, I would help you out for following suggestion regarding "Function access rule from AJAX".
By adding "_" as a prefix for Function name, we can prevent function to be called from The Web publicly. This is the best practice when we need some specific function to be accessed via AJAX only.
Kindly, refer my answer given in other question.
[Website Security: How to learn?
We have released a beta version of our software, and as we talked to people who started using it, we have found that a lot of the features (which we thought were essential) were not known and not used by the users.
What are the possible ways to inform the application users about the features of the application? I personally find the "Tip of the day" popups extremely annoying and disable them quickly. Are there better ways?
It depends on the: features, application, platform and users.
There is no magic usability dial that you can just turn or button you can just push.
Even within the above there may be multiple ways that a feature can be made more discoverable but it the right one(s?) may be dependent upon how much flexibility you have. In that you've just released the app to actual users, I'm guessing that you're not in a position to restructure the app or make dramatic changes to the way it is architected to improve discoverablity.
This is why usablity testing (with real users) should be started early (in the development process) and done often.
If you can provide a more specific example of a feature that you want to make more discoverable then you may get a more sepcific answer. And if you ask it at https://ux.stackexchange.com/ you may get a better answer still.
Issue a "changelog" with new releases, that will show as part of the installer wizard in a "readme"-type dialog.
Yes, tips of the day can be annoying and are often turned off, but try a one-time dialog when the newly-updated program starts, with a summary of new features.
Extensive help documentation, including a series of "How Do I" articles.
Use icons with ToolTips to attract attention to new menu options/buttons/features in the first version they're released.
People often seem dead-set against learning the software they use on a daily basis. Most office-type jobs require regular use of MS Office, but I doubt very many could even tell you how to create an Excel chart without fumbling their way through it while doing so. The best you can do is make the learning resources available.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I have been reading through the backlog of answered questions on SO regarding "How to promote an open source project". Not surprisingly, many of the answers pointed people to SoureForge/FreshMeat and other sites etc as well as blogging and whatnot. This started me thinking where is the best place to host a project and why?
As my first project is currently hosted on CodePlex, I started to wade through the Google search results to collect information on the pros/cons of each; however the comparisons that I found are rather dated (2+ years old).
http://www.stum.de/2008/12/13/sourceforge-vs-codeplex/
http://www.developmentnow.com/blog/2006/11/codeplex-vs-sourceforge/
http://www.spacesocket.com/forum/thread-6654.html
etc...
So the next question becomes "Should I host my project on multiple sites" to which the following post provides the expected answer (thankfully! as that would be a pain to maintain).
Hosting an open source project at several sites
Based on the current state of various Open Source hosting sites such as CodePlex, GitHub, Google Code, SourceForge, etc, etc is there any notable pros/cons of one site over the other? i.e., should I stick with CodePlex or am I missing out by not using one of the alternatives? Will one bring about more traffic to a new and unknown project?
I plan on exploring each site in more detail to see what they all offer, but given the vast knowledge of the good folks on SO, figured I would start with this question first.
UPDATED
As per erjiang answer below... I am currently using Mercurial for version control, and I am open to anything other than TFS. Also, my current project is only me developing, but future projects may be collaborative so worth considering...
Edit 2015-08-01: This answer is still getting views and votes. It's more than ancient and I'd like to delete it, but since it's the accepted answer, I can't do that. Then again, it's community wiki and the community has kept it up-to-date - thank you for that!
SourceForge has crossed over to the dark side, taking over project and bundling them with Adware (Google GIMP Sourceforge Adware). Avoid at all costs. GitHub is as of now still the most popular one, although there are alternatives (e.g., BitBucket offers unlimited private repos for free for up to 5 users.)
It's crazy how much the landscape changed in the past few years, and if you're reading this in the future, maybe GitHub is no longer the cool product. Bottom line is: There are a plethora of awesome options for whatever source control system you want to use.
Old 2010 information below for the sake of history
Edit: This answer is now ancient. In the past 2 years, GitHub has emerged as the prime Code Hosting place, and whenever I have to create a new OSS project, I don't have the trace of a shadow of a doubt where to go to. Leaving this below for reference.
Indeed, my posting is almost 2 years old (2008) now and not entirely accurate anymore.
Why?
Because I think that SourceForge is insignificant now for open source projects. Okay, this will get me into a lot of trouble, so let me clarify:
I am absolutely convinced that Open Source projects should be run on a DVCS, preferably git or mercurial as they are the most widespread - nothing against Bazaar, but I think it's a bit too obscure. (Edit: SourceForge now offers Mercurial and Bazaar, so that argument doesn't stand anymore. However, following two redesigns I think that SF's image isn't too great. To compare them to the images of companies: While GitHub is Apple, SF is IBM. Rock solid, but a bit dusty)
So if I were to write this posting again, it would be CodePlex vs. GitHub vs. BitBucket, with GitHub being the Winner. But that is a blanket statement, so let me add details. +/- isn't strictly Pro/Con, it's more to highlight different philosophies.
CodePlex
+ Real Mercurial/Git Hosting - no buggy bridge on top of TFS, you have real Mercurial/Git
+ Integrated Wiki that allows to add rich documentation and nice looking pages
+ Bug Tracker and Discussion Forums included
- Source Code browser isn't that great - Diffs appear in a popup and just 'feel' complicated
- Forks and Pull Requests 'not as easy' - the UI could use some work
Overall, CodePlex is still great but I feel it's more suited for single developers or very small teams because the focus of the website is on the Wiki rather than on the source code. It's more a publishing than a collaboration platform. Theoretically you don't need a project homepage, your CodePlex project can be your one stop shop.
GitHub
+ Git Hosting, supports SSL/SSH
+ Network graph allows to see forks and what merged into what when
+ Ability to 'watch' projects - your account page is like a Facebook wall with new checkins
+ Super good diff viewer with the ability to comment on single line changes - see here
+ Forking is a 2-click process, and so is sending pull requests
+ GitHub now has the the GUI tool GitHub for Windows
- Main page is not very 'pretty' for Non-Developers. If you have a Readme in your project (supports some markup languages like Markdown or HTML) it is displayed, but the initial page is the source code
- Wiki isn't that great - it's Markdown, but sometimes formatting feels a bit too complex.
GitHub has a different philosophy than CodePlex: it's all about the source code and about collaboration among devs. The main project page is the most up to date source code. There is a separate Wiki, but that's more intended for Documentation rather than presentation of your project. The network graph is fantastic, although it can get confusing once there are more than about 20 forks (frequently when a high profile project is announced everyone and their dog is forking it, but most forks die quickly). GitHub scales very well to any size.
In fact, GitHub makes it super easy for me to fork a project, apply a fix/patch, commit it to my fork and send a pull request to the author. Together with the Network graph it's really easy to see the commit.
But you most likely need a separate home page to present your project to end users and to provide downloads, as GitHubs download facilities aren't that great.
BitBucket
+ Git/Mercurial
+ Allows private repositories for free, up to 5 users
I haven't used BitBucket enough to make a real comment. The one feature that sets it apart is that private hosting is free, while GitHub charges and Codeplex does not offer it at all.
Google Code
Google Code is not an option anymore.
- Project creation is disabled since March 2015, and the Google service will be permanently closing down in January 25, 2016, as the competing services are simply better.
- It's ugly and it's too complicated to browse the source code (the link is somewhat buried)
I haven't used it so I don't want to say it's bad - it's not. A lot of projects use it and it's very stable and robust, haven't heard much bad from any developer. However, as a matter of personal, subjective opinion the 'design' puts me off.
SVN vs. Git/Mercurial
To reiterate my comment above about SourceForge being obsolete: That is of course a bit harsh. I do however believe that SVN is detrimental for open source projects. First of all, weird metadata requirements to ignore files. On Git or mercurial, you have a file called .gitignore or .hgignore in the root of your source tree which includes a list of files/directories/patterns to ignore. No magic svn:ignore metadata in the .svn folder. This alone blows SVN out of the water for me. If I start a new Visual Studio project I need to then apply that magic metadata, while with Git/mercurial I just copy over one file and be done with it.
Then, the ability to fork, patch and send a pull request is fantastic, especially for small/one-off patches.
Last but not least, SourceForge is still WAY too complex for my taste. It's not a bad host, but it really shows it's age IMHO. That being said, it's still robust and has many mirrors world wide. Also the Bug Tracker is much more sophisticated than the others.
Also, if your project for some reason requires strict contribution rules (which may make sense, e.g. legal protection to make sure the committed code is indeed legally contributed) then a traditional system like SVN hosted on SourceForge may work.
Edit: Wasn't aware that SF finally has distributed hosting. As said above, it's robust but just not the 'cool kid' anymore, and I find it much too complex.
TL;DR
For any small to medium project I whole hearty recommend GitHub, for small projects where you want a nice Web Site as well I'd go with CodePlex and for private projects I'd go with BitBucket. For big projects that require a very sophisticated bug tracker, tons of extra features and a 'real' website, consider Source Forge.
Well, you haven't said what source control system you use, which greatly influences your choices.
(not comprehensive)
Git -> GitHub or Gitorious are the obvious choices
Mercurial -> BitBucket
SVN -> Savannah, SF.net
Bazaar -> Launchpad
CVS -> upgrade to a newer source control system
I'm a Git fan, but Mercurial is pretty awesome as well. I personally use GitHub for it's awesome collaborative features, like easy forking and pull requests.
I want to add that CodePlex isn't very popular in the open-source ecosystem outside of the Microsoft camp, and that's easy to see from their most-downloaded list. It's probably a combination of how naturally Microsoft-centric it is, and also from past stigmas. If you're developing exclusively for .NET or something similar, then that'll change the perspective.
Edit: Also, I would argue that developers don't usually go browsing randomly for interesting projects. You're equally likely to go unnoticed on GitHub as you are on Codeplex, but if someone does discover your project, they'll be more likely to send messages/file bugs/contribute if they already have an account on that website.
Since Github is growing quite fast and seems to be the most prominent among the projects I see these days. It would get my vote.
But I think one doesn't have to mean you can't use the other. I see many projects that use Github for the source and Google Code for the docs. And besides that a Sourceforge link to it aswell.
It doesn't really matter what you use as a primary host, but I would recommend you add your projects on the other sites aswell so it's easy to find it.
This question seems like a duplicate of this one: https://stackoverflow.com/questions/10490/best-open-source-project-hosting-site
Here was my answer on that question: https://stackoverflow.com/questions/10490/best-open-source-project-hosting-site/3433969#3433969
In general I think the important pros/cons most significantly relate to the development features offered and the primary audience of each site, which in my above answer I walk through for the four most popular sites.
This question is for web developers and architects.
How do you think is it a good or bad idea to have a website where you're able to edit all the templates (HTML, CSS, JS, images..) right from the admin panel?
In this case if you update website often, you don't need to search for a local version of your website on you development machine, search for a specific page, make modifications, commit it to source control server, make deployment.. Instead, all you need is just right click on the page or any element on this page, click Edit, update a piece of HTML and click SAVE - 30 seconds maximum - all from your browser ;)
You still can have version control system with this approach and rollback any template which was modified by mistake by 2 mouse clicks on a website.
I personally like this approach and need to know your opinion. So what do you think?
Note, we are talking about big websites which have to be updated often, multilingual ones etc.
Realworld web-applications which use this approach:
Wordpress
vBulletin
Personally, I think it would depend on the complexity of the website.
What you're talking about here is directly editing the structure (and potentially behaviour) of a live website. Sure, it may take longer to make the changes on your development server before rolling them out but if there's any chance of breaking either the appearance or functionality of the site then I'd think definitely think twice.
You shouldn't be allowed to modify the entire layout of your site through the site itself in my opinion. The reasons being the lack of version control and the inability to preview what you are doing, which translate into the inability to come back to an older version. Plus if you modify it locally, you are allowed to make errors that break everything, a luxury you can't always afford if you're doing it directly through the website.
Being able to add/remove content through the website is great though, it would be very painful to update a blog by modifying your HTML each time!
I once created a site that did exactly that. (Well, without any option for source control - had to learn that one the hard way...) Looking back at what I did there, a few things come to mind:
It was a traditional website with information about my sports club, that only changed occasionally, not a web app in the modern sense.
I wanted to be able to apply fixes even though I had no access to my dev machine (because it was a private project, I was at work, and ftp connections were not allowed by the comapny proxy).
For those specific reasons, the approach was a good solution. Today I would use one of the many good frameworks for this purpose (Joomla, Drupal etc) instead of coding it myself.
On important item: I was able to edit the pages that were used to generate the main site, but not the generation program or my admin pages. For those, I had to use my dev machine and upload file changes by ftp.
I think it is a good approach, if done correctly (my implementation certainly wasn't)
Editing HTML/CSS/JS files through your web browser can make things easier, as long as the editing implementation is neat, organized, idiot-proof, and keeps track of revisions.
A major issue to consider is security. The inability to modify actual files from the content management system in most software packages is a security precaution.
Learn to use a version control system effectively and efficiently. Tools like git or bzr can take care of a lot of the tedious stuff automatically, like package building, uploading, etc.
I hate it. Web development, much like the web servers themselves, shouldn't be "comfortable". Web development should be a mother gentle caressing scary experience. It should sound, look, even taste dangerous.
Neophyte web developers should be put through their paces learning the subtler aspects of their chosen text editor before they are even allowed to open a web browser; and not be allowed near a graphical web browser before 6 months of working only using lynx for debugging.
Laziness is our bane. No more, I say.
Edit: This is, perhaps, a bit tangential to the issue at hand. It should also be mentioned that visual identity that is too simple to change will change too often, leading to confused and frustrated users.