Hi Internals!
On 1/10/22 15:05, Tim Düsterhus, WoltLab GmbH wrote:
https://wiki.php.net/rfc/redact_parameters_in_back_traces
At the end of last week I've updated the RFC a little based on the
questions Derick Rethan asked me for episode #97 of PHP Internals News
podcast:
https://phpinternals.news/97
- As indicated within the RFC and my previous email we still need a more
experienced developer for the final implementation, as I have next to no
experience with PHP's implementation.
Specifically adding this attribute to existing functions is not clear to
me. It is probably required to update the stub parser/generator to add
support for attributes? If someone creates an example implementation for
one function, I'll likely be able to apply this to other functions myself.
I also managed to figure this out. The proof of concept implementation at
https://github.com/php/php-src/pull/7921
now adds the \SensitiveParameter attribute to PDO::__construct()'s
$password parameter and to password_hash()'s $password parameter.
- The RFC Impact to Opcache is not clear to me. I don't believe there is
any, but I am not sure. So if someone knows, I'm happy to update that
section.
For this I got a confirmation in private that Opcache will not be affected.
-
I believe I've answered all open questions and I also managed to resolve
the open issues I listed in my initial email.
As more than two weeks have passed since I started this discussion
thread and as the discussion appears to have died down by now I'd like
to start the vote on this RFC.
I plan to open voting on Wednesday, February, 2nd. Voting will run 2
weeks, 2/3 majority with the concept being voted on as explained in the
"Proposed Voting Choice" section:
https://wiki.php.net/rfc/redact_parameters_in_back_traces#proposed_voting_choices
This being my first RFC, please let me know if I missed something with
regard to the procedure!
Best regards
Tim Düsterhus
Developer WoltLab GmbH
--
WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam
Tel.: +49 331 96784338
duester...@woltlab.com
www.woltlab.com
Managing director:
Marcel Werk
AG Potsdam HRB 26795 P
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php