On 9/29/23 08:42, Sara Golemon wrote:
On Thu, Sep 28, 2023 at 5:20 PM Ben Ramsey wrote:
I've added documentation inline in the security.txt file
To add some nitpicky bikeshedding, I'd put those instructions elsewhere
(maybe php-src:docs/release-process.md ?) and only have a single line in
th
On Thu, Sep 28, 2023 at 5:20 PM Ben Ramsey wrote:
> I've added documentation inline in the security.txt file
>
To add some nitpicky bikeshedding, I'd put those instructions elsewhere
(maybe php-src:docs/release-process.md ?) and only have a single line in
the security.txt file referring out to th
On 9/28/23 16:14, Derick Rethans wrote:
On 28 September 2023 20:15:34 BST, Ben Ramsey wrote:
2. I have signed it with my php.net release manager key. Since we
publish our release manager keys, I'm recommending that a release
manager for a currently supported version of PHP (at the time)
On 28 September 2023 20:15:34 BST, Ben Ramsey wrote:
>2. I have signed it with my php.net release manager key. Since we
> publish our release manager keys, I'm recommending that a release
> manager for a currently supported version of PHP (at the time) be the
> one to digitally sign this fi
I've just opened a PR on web-php to add a security.txt file to php.net[1].
Since there's currently some discussion around security audit
priorities[2], I decided to notify this list first and see if there are
any questions or concerns about adding a security.txt file.
This file implements the
