Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:116321 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 67147 invoked from network); 11 Nov 2021 14:20:14 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 11 Nov 2021 14:20:14 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 7E6571804F7 for ; Thu, 11 Nov 2021 07:13:58 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-0.7 required=5.0 tests=BAYES_05,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-ed1-f45.google.com (mail-ed1-f45.google.com [209.85.208.45]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Thu, 11 Nov 2021 07:13:58 -0800 (PST) Received: by mail-ed1-f45.google.com with SMTP id z21so25435847edb.5 for ; Thu, 11 Nov 2021 07:13:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KC5B+I/CNjAClX6WnX9gqksp5/qccDMZnfTak/XsjRI=; b=kuLDY9JK9Ep/69lA5FqjlVJI7k3RTYC1PH9DN8OiarMxJLHsNsUMRC0RavsUhYFuxU aauoqvrBa9gk9Oz0syf0sEld43/egZaI7bndSGeP1NV7KPKuFj4yHunHce9qTYjVbs5P rT3DfAJyNbpjwVNSFWDPeGh/frhq3CmIz3nAzOS9UTn3hi1OA8hcD2yg5x7w1gR73x2z elteF1CkBV5l12J6HZnO2mfb7a0wCfgGNmlv+67boYLkRgtv+qo137+QbY8HNApZPZjq KLvmFYauVfjJjuM+ZjL5ymnAwMFDOCve3XJy5qvrrHNgP7qvYTYnbakhjPIN6aFjQ3ZC FK+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KC5B+I/CNjAClX6WnX9gqksp5/qccDMZnfTak/XsjRI=; b=vGuelPZib7OTHPXTrf8WPVpuvgXuACp6zy07FKfJYizcCu3DH+wytlouYPf5JKIZNd VWIldfwM7Etxjka4NT4ydreyLmffr9zMnfGloj4GJBG0jTP+efQGGuepTZ/X7WtYodr/ 4uKNmzvwN5KSesA4reGg6cofZSP5UzoULWthlxgAu1omxq/Uy5fhpbTjhtTBpDYxw0GT 6uo41fMesmc5y5DSDum48JYdZgQbtoFNE0aZ33PG695mJpXTaOWH2gMXTqt7yIjmPK5m wXGLLIf6JsujfpL+mft06zXSYZT7C46XB/0Vzu7C0Eat6RxlxuMf6Cmn44/kisA6OPQF uFaw== X-Gm-Message-State: AOAM5339fZxsDneDGIL6TEwsD9OJ5KIkc16uRNq/sMYnxWGf0IyRlvDy +ybX5gX7j9GCIXqIsvDqrX8CyjWUcTw2XAPMaigVLDDF X-Google-Smtp-Source: ABdhPJxpVVoVAaRXUVCR2zJ9nykQhcqOBYRXZEbNAb46MSzBSXD2KeBK2swnTfMznHmL0Yobc5gcvOuVM4B96wFq9Fo= X-Received: by 2002:a17:906:b01:: with SMTP id u1mr10537270ejg.504.1636643636857; Thu, 11 Nov 2021 07:13:56 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: Date: Thu, 11 Nov 2021 16:13:40 +0100 Message-ID: To: Niklas Keller Cc: PHP internals Content-Type: multipart/alternative; boundary="000000000000994f4b05d084cafa" Subject: Re: [PHP-DEV] [RFC] Migrating to GitHub issues From: nikita.ppv@gmail.com (Nikita Popov) --000000000000994f4b05d084cafa Content-Type: text/plain; charset="UTF-8" On Wed, Nov 10, 2021 at 7:23 PM Niklas Keller wrote: > Hey Nikita, > > I'd like to propose using HackerOne instead of bugs.php.net for security > issues: https://www.hackerone.com/company/open-source-community > > Best, > Niklas > Unfortunately I have no familiarity with HackerOne and as such don't know whether it would work for our purposes. I think an important requirement for us is that maintainers who are not otherwise involved in security response can be assigned to (and see) issues. I'm hazy on the details, but I believe that PHP used to be part of IBB on HackerOne and was kicked out due to lack of responsiveness (apparently nobody from the PHP side was actually involved there). Regards, Nikita --000000000000994f4b05d084cafa--