Hi! I wonder if there's any reason not to update bundled oniguruma library for 7.1/7.2. 7.1 one is ancient, 7.2 one is more recent but still behind. There are numerous fixes, I am sure, and one functionality improvement that allows to implement proper stack depth limiting (https://github.com/php/php-src/pull/3997). Which also makes it kinda security-relevant, which is why I am considering 7.1 too. The risk of course is that there's some kind of BC break, but I haven't heard about something like that. Did anybody? Another risk is that newer library requires some new code to handle some of the new options, and if we plug it into old code it may expose new bugs (e.g. if you use some regex feature but our code can't handle it). Quick scan through the release notes does not show anything like that, but in theory it's possible.
Anybody has any thoughts on this? Thanks, -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
