[php-maint] [PHP-DEV] Suhosin patch disabled by default in Debian php5 builds
Ángel González
keisial at gmail.com
Thu Feb 2 18:30:32 UTC 2012
Stefan Esser wrote:
> And there are many many good reasons, why Suhosin must be external to PHP.
> The most obvious one is that the code is clearly separated, so that not someone of the hundred PHP commiters accidently breaks a safe guard.
That's not a justification to keep it as a patch.
Safe guards could prefectly be skipped by a commit which changed near
code, reestructures the function or creates a different path, *even if
the patch still applies*.
So you would still need to check for all kind of unexpected changes anyway.
If it were in core, at least anyone changing the related code would
realise that it's there, and could take that into account for not
breaking it. If it's maintained by someone else as a patch, that simply
won't happen.
More information about the pkg-php-maint
mailing list