K pushed.
Once we get to a stable release we should switch to working on a branch instead of master. My bad.
Nah, you pretty much summed it up. Stripe does have 'solution' you can implement for your site for exactly what you mentioned (as far as I know). Basically the issue arises when you transmit credit card information to your server, I believe. Or at least that was my understanding. That as long as the transmission is user -> Stripe, it's okay but user -> server -> Stripe is no go.
But that makes me wonder if even user -> Stripe is "breaking" PCI rules. I didn't study deeply into PCI-DSS, just that it costs a bunch of money, is a hassle and using a third-party (like Stripe) alleviates that issue as long as you never transmit CC info to your server.
You are right though that it doesn't entirely belong as a default feature.
I believe my implementation was using tokens but I'd have to check because I have a couple projects that use Stripe and this was the first one I attempted.
if it goes user -> anything you wrote even javascript-> stripe
it puts you into the loop. bleck.
When trying to be compliant I usually just push to the processor site and then have the processor push to one of my URLS like a url callback if you will.
Went through a year long audit for PCI compliance with one company. Was a nightmare. They litteraly went to every office and went through all of the files etc. nuts.
it puts you into the loop. bleck.
When trying to be compliant I usually just push to the processor site and then have the processor push to one of my URLS like a url callback if you will.
Went through a year long audit for PCI compliance with one company. Was a nightmare. They litteraly went to every office and went through all of the files etc. nuts.
Also, I would like to put the package quality up in the read me, hopefully after your next publish, the git link going to our repo will bump up the rating. you can see it here : http://packagequality.com/#?package=pizzapi
dominos was 4.5 stars I think this one should get there as well.
versioning is pretty big.
Like how does that factor in? Having a higher version is better? Or just having frequent 'releases' is good?
Higher version = better would be super weird, haha
that would have a major impact.
Once this next build is ready and we do a review, I think I would be good to going to v 1. however many 0s you used.
yeah, just proper versioning
Make sure to do a git pull!
Some of the tests are failing, should we create issues to address each one so we can split the load of addressing them?
The 'test' directory should be the one the tests are in. The difference is that mocha looks for the 'test' directory automatically if I recall correctly.
Worst case, we can add or remove an 's'.
I'll remove now
yeah, I tried atom for a week but preferred brackets
I actually tried atom twice just to give it a fair shake.
brackets plugins are the bomb.
git, term etc.