Hi Stas 2016-08-15 19:12 GMT+02:00 Stanislav Malyshev <smalys...@gmail.com>: > Hi! > > I think the way security/private issues are implemented now in bugs DB > is wrong. It allows only access to a handful of people, and many package > maintainers and people that know the code in question are excluded. This > makes promptly handling bugs very hard. I propose one of: > > 1. Adding a lot more people to trusted list > 2. Implementing functionality allowing to add people to private bug on > per-bug basis.
I don't see why we cannot have both? Have active Core Developers added to the trusted-devs.inc and an option to add in additional developers that may not be on the list that could be of relation to the bug. -- regards, Kalle Sommer Nielsen ka...@php.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
