Hi Yuancheng On Fri, Nov 15, 2024 at 2:21 PM Yuancheng Jiang <0599jian...@gmail.com> wrote: > > I have been submitting hundreds of bugs (see > https://github.com/php/php-src/issues/created_by/YuanchengJiang) during the > past months and I first thank all the developers who take time to fix these > issues to make PHP better. > > I am thrilled to introduce one fully automated fuzz testing tool, FlowFusion, > for discovering various bugs of the PHP interpreter. > > I can open-source the tool under my personal repository. I wonder by any > chance if I can contribute it as the official PHP tool under > https://github.com/php, and I would be happy to maintain it for a long time.
Thank you very much for your continued effort in finding and reporting these bugs! Congratulations on this impressive tool. It has certainly proven helpful. A few questions: Are you happy adopting an appropriate license, e.g. the PHP license? [1] (Or potentially some other the community agrees with). Can we assume this tool remains a PHP specific tool, or are you planning on expanding it to other programming languages, now that the concept has proven useful? Provided these two things are not a problem, I don't see a reason not to move it into the PHP organization. Could you also expand on hosting? Will infrastructure be provided (assuming we want continuous fuzzing) or is this something we will need to set up? It would also be nice to know how issues are reported, how many false-positives there are, how we can tweak fuzzing configuration, etc. This discussion doesn't need to happen on a big public list like this one. You can contact me directly if you wish to move this forward. Ilija [1] https://opensource.org/license/php-3-01
