On Thu, Apr 1, 2021 at 10:17 PM CHU Zhaowei <m...@jhdxr.com> wrote: > Hi Nikita, > > Can I check with you if the hook integrating with bugs.php.net still > works? I just committed a bug fix on doc-zh repo, and the bug report has > been updated. Thanks. > > Regards, > CHU Zhaowei >
This issue is probably fixed by https://github.com/php/web-master/commit/d0cac5411f97ec9df5995a632c20da770a77dedb . Nikita -----Original Message----- > From: Nikita Popov <nikita....@gmail.com> > Sent: Monday, March 29, 2021 6:52 AM > To: PHP internals <internals@lists.php.net>; PHP Doc Mailing List < > php...@lists.php.net> > Subject: [PHP-DEV] Changes to Git commit workflow > > Hi everyone, > > Yesterday (2021-03-28) two malicious commits were pushed to the php-src > repo [1] from the names of Rasmus Lerdorf and myself. We don't yet know how > exactly this happened, but everything points towards a compromise of the > git.php.net server (rather than a compromise of an individual git > account). > > While investigation is still underway, we have decided that maintaining > our own git infrastructure is an unnecessary security risk, and that we > will discontinue the git.php.net server. Instead, the repositories on > GitHub, which were previously only mirrors, will become canonical. This > means that changes should be pushed directly to GitHub rather than to > git.php.net. > > While previously write access to repositories was handled through our > home-grown karma system, you will now need to be part of the php > organization on GitHub. If you are not part of the organization yet, or > don't have access to a repository you should have access to, contact me at > ni...@php.net with your php.net and GitHub account names, as well as the > permissions you're currently missing. Membership in the organization > requires 2FA to be enabled. > > This change also means that it is now possible to merge pull requests > directly from the GitHub web interface. > > We're reviewing the repositories for any corruption beyond the two > referenced commits. Please contact secur...@php.net if you notice > anything. > > Regards, > Nikita > > [1]: > > https://github.com/php/php-src/commit/c730aa26bd52829a49f2ad284b181b7e82a68d7d > and > > https://github.com/php/php-src/commit/2b0f239b211c7544ebc7a4cd2c977a5b7a11ed8a > > > >
