Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:130330
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_7CBA8A59-B0B5-4DDF-BB90-952CE0EDCE87"
Precedence: list
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3864.400.21\))
Subject: Re: [PHP-DEV] [RFC] php-community: a faster-moving, community-driven
 PHP.
Date: Sun, 15 Mar 2026 13:20:22 +0100
In-Reply-To: <299760A8-5C8A-41AD-B2EB-986079D41A47@rwec.co.uk>
Cc: internals@lists.php.net
References: <839153A0-004D-4562-BD6E-65923201EDAA@gmail.com>
 <299760A8-5C8A-41AD-B2EB-986079D41A47@rwec.co.uk>
Message-ID: <CB2D54A7-BF48-40A6-A746-34078A05A7DC@gmail.com>
From: daniil.gentili@gmail.com (Daniil Gentili)


--Apple-Mail=_7CBA8A59-B0B5-4DDF-BB90-952CE0EDCE87
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

>=20
>=20
>> For the first time, official binaries and packages will be provided =
for all major Linux distros for php-community releases on php.net
>=20
> Who is going to create and maintain these packages? Who decides which =
distros, which versions, etc? Like sandboxing, this could fill an RFC on =
its own.
>=20

Initially me as the author of the RFC, then php-src maintainers.
Splitting up this RFC into sub-RFCs is not an issue to me, but I would =
prefer to get a general positive consensus before spending more time on =
actual implementation.

>=20
>> Multiple versions of the same feature may be offered at the same time =
in a single php-community release
>=20
> How will this work, code-wise? Are these versions actually separate =
implementations side by side, or limited to changes that can be =
represented with feature flags?
>=20
> What is the minimum lifetime and lifecycle of these versions? Can a =
version be retired early if it has an unsolvable stability or security =
issue?=20
>=20

Clarified that this was mainly meant for removal/deprecation feature =
extensions.

The exact lifecycle is explicitly not defined to allow for more =
flexibility, but it can have emergency yanks for security issues, just =
like for all extensions.


>=20
>> internals members through GitHub =F0=9F=91=8D =3D Accept, =F0=9F=91=8E =
=3D Reject, =F0=9F=91=80 =3D Abstain reactions on the issue using their =
GitHub accounts,
>=20
> I don't think we have any suitable definition of "internals members" =
that can apply here. Do you mean people with commit access to the =
php-src repo? Or are you hoping to cross-check GitHub users against =
main.php.net accounts (as used by the current voting widget) somehow?
>=20

By internals members I mean users with current voting rights, who will =
provide their GitHub nicknames.

>=20
>> A feature is eligible for removal only if both of the following =
conditions are met:
>> -  It has no active maintainer listed in the accepted community RFC =
design document.
>> -  Adoption is negligible, as evidenced by Packagist statistics.
>=20
> This feels incompatible with the rest of the process. If features are =
easy to propose, release, and iterate, it should be just as easy to mark =
them abandoned or obsolete. Otherwise, an interesting but flawed feature =
has to be maintained forever even if its author loses interest - and who =
is going to do that maintenance?
>=20
> If the intention of these features is to be experimental, perhaps =
every feature version could have a fixed lifetime. Users know that they =
can't rely on it long-term, but if it's popular it will hopefully make =
it into a stable release of PHP.
>=20

The point here is that users MUST be able to rely on feature extensions, =
including in the long-term: this is the reason for the stringent removal =
requirements.

>=20
>> php-community will always be based on the latest stable PHP release
>=20
> Who will be responsible for merging changes made to "feature =
extensions" back to master, and stabilising the first community release =
after a new stable release?
>=20
>=20

The feature owners handle all changes to feature extensions.

Normal PHP RMs handle merging stable PHP into the community branch.

>> Community releases are =E2=80=9Chandled=E2=80=9D by the same release =
managers of the latest stable PHP release, however the release process =
will be significantly automated, compared to the current manual release =
process
>=20
> Is there something that makes this automation easier for community =
releases than regular ones? Or is automaton of the existing process =
something that needs to be done before we can consider this RFC?
>=20

It can be applied to regular ones as well, but it was added mainly to =
work around the fact that normal PHP already has third-party distro =
packaging, while php-community will not, unless it is provided from the =
start by php.net <http://php.net/> directly.

>=20
>> Wait for the CI status of the new branch to become green
>=20
> If there are failing tests in a particular feature when it's time to =
tag a community release, what happens? Does the release get delayed =
until the maintainer of that feature fixes it?
>=20

Feature maintainers cannot merge a failing PR, just like with all other =
php-src PRs.

>=20
>> php-community will live on a new community branch of php-src
>=20
> Who will be responsible for the stability of this branch? This is =
really important, because you're targeting this concept at shared hosts, =
who want to know the software they're running is stable and secure.
>=20

The feature authors, backed by the judgement of internals members and =
php-src maintainers.

> Why will somebody trust this branch containing a bunch of =
separately-maintained feature extensions any more than they would trust =
a repository of PIE extensions? If anything, it is far *more* dangerous, =
because the features aren't limited to the normal extension API.

Sandboxing plays the single most important rule in building trust.


>> Note: the first community RFC may indeed be the one regarding the =
choice of appropriate sandbox keys.
>=20
> By definition, the sandbox mechanism needs to exist outside of the =
feature extension system, and be stable across community versions. As =
others have said, it's basically independent of this proposal, and =
should be its own RFC following the normal process.
>=20

Yes, absolutely.

>=20
> In other replies on this thread you've emphasised the role of feature =
maintainers, but the RFC doesn't go into much detail about how that role =
will work. Will it be like maintaining a PIE extension, committing code =
directly, but in a directory of php-src? Or are other members of the =
community expected to review their code and merge it?
>=20

Clarified now, mainly it=E2=80=99s like maintaining a PIE extension =
committing code directly to php-src, with *some* supervision from =
php-src maintainers (mainly just a basic qualitychecks), crucially =
little impact on the actual API and design (which is the main way to =
reduce load on php-src maintainers).

>=20
> I think this RFC is trying to do two conflicting things at once:=20
>=20
> 1) allow users to test far-reaching, experimental, changes to the =
language and engine
> 2) allow users to enable safe, stable, features without installing =
untrusted binaries
>=20

These are not conflicting things, they complement each other.

> For problem 1, what we need is a way to get usable builds into the =
hands of users from experimental branches of the source. If CI tooling =
and release packaging can be automated enough, there's no reason to =
limit it to just one "community" branch.
>=20

Actually, the second php-community distro could theoretically be skipped =
altogether, shipping PhpFeatures into normal PHP, which would likely =
increase adoption even more.

> For problem 2, we need stronger guarantees of stability, not weaker =
ones: better sandboxing so people trust extensions more, perhaps; or =
more feature flags within the existing release cycle.

Sandboxing is expected to cover this.
>=20
>=20


Regards,
Daniil Gentili.


--Apple-Mail=_7CBA8A59-B0B5-4DDF-BB90-952CE0EDCE87
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html aria-label=3D"message body"><head><meta http-equiv=3D"content-type" =
content=3D"text/html; charset=3Dutf-8"></head><body =
style=3D"overflow-wrap: break-word; -webkit-nbsp-mode: space; =
line-break: after-white-space;"><div><blockquote =
type=3D"cite"><div><div><br><br><blockquote type=3D"cite">For the first =
time, official binaries and packages will be provided for all major =
Linux distros for php-community releases on =
php.net<br></blockquote><br>Who is going to create and maintain these =
packages? Who decides which distros, which versions, etc? Like =
sandboxing, this could fill an RFC on its =
own.<br><br></div></div></blockquote><div><br></div><div>Initially me as =
the author of the RFC, then php-src maintainers.</div><div>Splitting up =
this RFC into sub-RFCs is not an issue to me, but I would prefer to get =
a general positive consensus before spending more time on actual =
implementation.</div><br><blockquote =
type=3D"cite"><div><div><br><blockquote type=3D"cite">Multiple versions =
of the same feature may be offered at the same time in a single =
php-community release<br></blockquote><br>How will this work, code-wise? =
Are these versions actually separate implementations side by side, or =
limited to changes that can be represented with feature =
flags?<br><br></div></div></blockquote><blockquote =
type=3D"cite"><div><div>What is the minimum lifetime and lifecycle of =
these versions? Can a version be retired early if it has an unsolvable =
stability or security issue? =
<br><br></div></div></blockquote><div><br></div><div>Clarified that this =
was mainly meant for removal/deprecation feature =
extensions.</div><div><br></div><div>The exact lifecycle is explicitly =
not defined to allow for more flexibility, but it can have emergency =
yanks for security issues, just like for all =
extensions.</div><div><br></div><br><blockquote =
type=3D"cite"><div><div><br><blockquote type=3D"cite">internals members =
through GitHub =F0=9F=91=8D =3D Accept, =F0=9F=91=8E =3D Reject, =F0=9F=91=
=80 =3D Abstain reactions on the issue using their GitHub =
accounts,<br></blockquote><br>I don't think we have any suitable =
definition of "internals members" that can apply here. Do you mean =
people with commit access to the php-src repo? Or are you hoping to =
cross-check GitHub users against main.php.net accounts (as used by the =
current voting widget) =
somehow?<br><br></div></div></blockquote><div><br></div><div>By =
internals members I mean users with current voting rights, who will =
provide their GitHub nicknames.</div><br><blockquote =
type=3D"cite"><div><div><br><blockquote type=3D"cite"> A feature is =
eligible for removal only if both of the following conditions are =
met:<br>- &nbsp;It has no active maintainer listed in the accepted =
community RFC design document.<br>- &nbsp;Adoption is negligible, as =
evidenced by Packagist statistics.<br></blockquote><br>This feels =
incompatible with the rest of the process. If features are easy to =
propose, release, and iterate, it should be just as easy to mark them =
abandoned or obsolete. Otherwise, an interesting but flawed feature has =
to be maintained forever even if its author loses interest - and who is =
going to do that maintenance?<br><br>If the intention of these features =
is to be experimental, perhaps every feature version could have a fixed =
lifetime. Users know that they can't rely on it long-term, but if it's =
popular it will hopefully make it into a stable release of =
PHP.<br><br></div></div></blockquote><div><br></div><div>The point here =
is that users MUST be able to rely on feature extensions, including in =
the long-term: this is the reason for the stringent removal =
requirements.</div><br><blockquote type=3D"cite"><div><div><br><blockquote=
 type=3D"cite">php-community will always be based on the latest stable =
PHP release<br></blockquote><br>Who will be responsible for merging =
changes made to "feature extensions" back to master, and stabilising the =
first community release after a new stable =
release?<br><br><br></div></div></blockquote><div><br></div><div>The =
feature owners handle all changes to feature =
extensions.</div><div><br></div><div>Normal PHP RMs handle merging =
stable PHP into the community branch.</div><br><blockquote =
type=3D"cite"><div><div><blockquote type=3D"cite">Community releases are =
=E2=80=9Chandled=E2=80=9D by the same release managers of the latest =
stable PHP release, however the release process will be significantly =
automated, compared to the current manual release =
process<br></blockquote><br>Is there something that makes this =
automation easier for community releases than regular ones? Or is =
automaton of the existing process something that needs to be done before =
we can consider this =
RFC?<br><br></div></div></blockquote><div><br></div><div>It can be =
applied to regular ones as well, but it was added mainly to work around =
the fact that normal PHP already has third-party distro packaging, while =
php-community will not, unless it is provided from the start by <a =
href=3D"http://php.net">php.net</a>&nbsp;directly.</div><br><blockquote =
type=3D"cite"><div><div><br><blockquote type=3D"cite">Wait for the CI =
status of the new branch to become green<br></blockquote><br>If there =
are failing tests in a particular feature when it's time to tag a =
community release, what happens? Does the release get delayed until the =
maintainer of that feature fixes =
it?<br><br></div></div></blockquote><div><br></div>Feature maintainers =
cannot merge a failing PR, just like with all other php-src =
PRs.</div><div><br><blockquote type=3D"cite"><div><div><br><blockquote =
type=3D"cite">php-community will live on a new community branch of =
php-src<br></blockquote><br>Who will be responsible for the stability of =
this branch? This is really important, because you're targeting this =
concept at shared hosts, who want to know the software they're running =
is stable and =
secure.<br><br></div></div></blockquote><div><br></div><div>The feature =
authors, backed by the judgement of internals members and php-src =
maintainers.</div><div><br></div><div><blockquote type=3D"cite">Why will =
somebody trust this branch containing a bunch of separately-maintained =
feature extensions any more than they would trust a repository of PIE =
extensions? If anything, it is far *more* dangerous, because the =
features aren't limited to the normal extension =
API.<br></blockquote><br></div><div>Sandboxing plays the single most =
important rule in building trust.</div><div><br></div><br><blockquote =
type=3D"cite"><div><div><blockquote type=3D"cite">Note: the first =
community RFC may indeed be the one regarding the choice of appropriate =
sandbox keys.<br></blockquote><br>By definition, the sandbox mechanism =
needs to exist outside of the feature extension system, and be stable =
across community versions. As others have said, it's basically =
independent of this proposal, and should be its own RFC following the =
normal process.<br><br></div></div></blockquote><div><br></div><div>Yes, =
absolutely.</div><br><blockquote type=3D"cite"><div><div><br>In other =
replies on this thread you've emphasised the role of feature =
maintainers, but the RFC doesn't go into much detail about how that role =
will work. Will it be like maintaining a PIE extension, committing code =
directly, but in a directory of php-src? Or are other members of the =
community expected to review their code and merge =
it?<br><br></div></div></blockquote><div><br></div><div>Clarified now, =
mainly it=E2=80=99s like maintaining a PIE extension committing code =
directly to php-src, with *some* supervision from php-src maintainers =
(mainly just a basic qualitychecks), crucially little impact on the =
actual API and design (which is the main way to reduce load on php-src =
maintainers).</div><br><blockquote type=3D"cite"><div><div><br>I think =
this RFC is trying to do two conflicting things at once: <br><br>1) =
allow users to test far-reaching, experimental, changes to the language =
and engine<br>2) allow users to enable safe, stable, features without =
installing untrusted =
binaries<br><br></div></div></blockquote><div><br></div><div>These are =
not conflicting things, they complement each other.</div><br><blockquote =
type=3D"cite"><div><div>For problem 1, what we need is a way to get =
usable builds into the hands of users from experimental branches of the =
source. If CI tooling and release packaging can be automated enough, =
there's no reason to limit it to just one "community" =
branch.<br><br></div></div></blockquote><div><br></div><div>Actually, =
the second php-community distro could theoretically be skipped =
altogether, shipping PhpFeatures into normal PHP, which would likely =
increase adoption even more.</div><br><blockquote =
type=3D"cite"><div><div>For problem 2, we need stronger guarantees of =
stability, not weaker ones: better sandboxing so people trust extensions =
more, perhaps; or more feature flags within the existing release =
cycle.<br></div></div></blockquote><div><br></div><div>Sandboxing is =
expected to cover this.</div><blockquote =
type=3D"cite"><div><div><br></div></div><div><br></div></blockquote><br></=
div><div><br></div><div>Regards,</div><div>Daniil =
Gentili.</div><br></body></html>=

--Apple-Mail=_7CBA8A59-B0B5-4DDF-BB90-952CE0EDCE87--