I don't understand the security part. Do you mean that people could report > security issues for those community branches? If so, then it's completely > unrealistic as we are already struggling with handling security issues for > the current branches. >
I honestly do not consider seriously any argument based on "it's too much load for maintainers", including around security (which is still a responsibility of feature owners). PHP is one of the most used programming languages in the world. The PHP foundation, and by proxy its sponsors, are actively paying php-src maintainers in order to not just make PHP secure, but also improve it in every way possible (unlike myself and Edmond, as we are both working as unpaid volunteers, investing a huge amount of time to develop and push major improvements to the language, for free). I honestly do not believe that sponsors actually paying the php-src maintainers would be against the introduction of genuinely useful, quality of life improvements like async, generics, etc just on the basis that it would be too much work for php-src maintainers. Yes, it would be more work. Yes, PHP needs this to become a better language and compete with other modern languages.
