On Tue, 2019-07-30 at 13:28 -0400, Bishop Bettini wrote: > On the other, I've found it refreshing working in a > slender repo that doesn't have all the history and process rules. > This is good for external (non-core and non-extension) collaborators, > particularly allowing write access to those who wouldn't want or need > write access to engine code.
We could grant access to the respective SAPI directory only. Also this is non-production code so even if merged rules can be relaxed. Only rule we have no real flexibility over is the merge requirement. (not observing that would cause trouble for others) I am also not sure having this independent makes it simpler for outsiders to contribute. You maybe ease the submission process, but setting it up becomes harder as you need to clone to repos, put it in the right place, make sure you are in compatible branches (on next PHP 7 like API change this might become relevant, maybe even sooner as it goes into different extension's APIs where we observe BC a bit less) I think merging it into PHP makes the most sense, also for signaling to the outside that we care about security by having fuzzing routines as core part of the thing. johannes -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
