Postmortem of PHP Core compromise continues

April 2nd, 2021

The investigation of how a couple of git accounts of some prominent PHP Core developers was compromised is still ongoing. PHP internals contributor Sara Golemon took some time to join a panel of other PHP community members to discuss the current status of the investigation and what information they have.

Sara shared that there is no reason to be concerned about any of the official releases of PHP. The PHP Internals team caught this security breach before being merged into any of the release branches.

Some actions the PHP Internals team is considering moving forward are requiring signed commits for pull requests and requiring two-factor authentication for any core contributors.

You can watch the entire panel below:

Filed in:

Eric Van Johnson

CTO of DiegoDev Group, LLC. Podcaster at PHPUgly.com. Monthly contributor to php[architect] magazine and host of their podcast php[podcast].

Laravel News Partners

Laravel News Partners

Newsletter

Join 33,000+ others and never miss out on new tips, tutorials, and more.

Laravel Jobs

The official Laravel job board connecting the best jobs with top talent.

Laravel / Vue.js Engineer Software Engineer Full Stack Developer Lead Laravel Engineer (Contract or FT) Laravel & Vue JS Developer (Junior) Chief Technology Officer (CTO) | Lead Developer Senior Laravel Developer (TALL Stack) Fast Growing Ad Tech SaaS - Full Stack Dev (PHP, Laravel, Vue.js) TALL Stack Developer Software Engineer looking for high impact work 🌳🌳🌳 Full time Senior Laravel Developer-US Fintech cryptocurrency company Lead Web Developer Part-time Laravel Developer, 100% remote Senior Laravel Developer for Poptin.com (Remote) 🐦 PHP Engineer (Laravel) - Conversation AI Product

Most recent