[php-maint] Bug#658208: Bug#658208: Bug#658208: [php5] README.Debian.security: "problems used by sloppy developers"

Filipus Klutiero chealer at gmail.com
Thu Feb 2 18:42:21 UTC 2012

Hi Thomas,

On 2012-02-02 13:18, Thomas Goirand wrote:
> On 02/03/2012 01:50 AM, Filipus Klutiero wrote:
>> That would leave the question, where is PHP functionality flawed if it
>> is not in PHP's design?
> That's a discussion that could be huge. Do you think that
> README.Debian.security or even the Debian BTS, are places were we should
> discuss this? (or maybe you're not having this discussion, and regret
> that the README.Debian.security leads to it?)

Sorry, there seems to be a misunderstanding. What I'm reporting is that 
the current README contains a non-sensical item. Thijs has fixed the 
problem, but the new version is also problematic. The new version would say:

> Security support will not be provided for flaws in functionality which is not flawed in the design of PHP but can be problematic when used by sloppy developers.

What I am saying is that this wording will leave the reader puzzled; if 
a flaw in a PHP functionality is not in PHP's design, the reader will 
wonder where the flaw is.
I do not expect the README to answer that question, I would rather have 
it avoid raising the question.
> I believe that README.Debian.security really explains what it should in
> its current form.

I agree.
>   If you're not happy with it, could you (please)
> suggest a new wording here? That'd help, and speed-up this discussion.

If I understand what the item is supposed to say, I think the wording I 
suggested here is fine. I also suggested in 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639230#25 that the 
entire item be scrapped.

More information about the pkg-php-maint mailing list