[VOTE][Entrance] Security Advisory Format

[Larry Garfield]

The PSR-9 group has been working on a a spec for recommended security
practices, including a common format for distributing security
advisories (SAs). We've determined that the SA distribution part ought
to get split off to its own PSR.

This vote is for a new PSR (which would be PSR-10) that covers just the
SA distribution and format, leaving PSR-9 for the security practices
standards.

The proposed "distribution" PSR[-10] is here:

https://github.com/php-fig/fig-standards/pull/473

As this is an Entrance Vote, please focus on the concept and not the
details of the implementation as those are bound to evolve.

The working group for the split off PSR would be:

Editor: Lukas Smith
Coordinator: Larry Garfield
Sponsor: Korvin Szanto

(The same people as for PSR-9, but with the Coordinator and Sponsor
swapped to spread out the workload.)

Voting now opens for PSR-10 Entrance vote, and will close around
midnight-ish US Central Time on 20 April 2015.

Voting representatives, please cast your votes.

--Larry Garfield

[Larry Garfield]

+1

--Larry Garfield, Drupal

[Korvin Szanto]

+1

--
You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+unsubscribe@googlegroups.com.
To post to this group, send email to php...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/55229FE4.9030109%40garfieldtech.com.
For more options, visit https://groups.google.com/d/optout.

[Cal Evans]

+1 Community

=C=

--Larry Garfield

--
You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+unsubscribe@googlegroups.com.
To post to this group, send email to php...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/55229FE4.9030109%40garfieldtech.com.
For more options, visit https://groups.google.com/d/optout.

--

Culture of Respect

How to find, hire, and retain developers

[Brett Bieber]

+1 from PEAR

[William Durand]

+1 from Propel

To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+u...@googlegroups.com.

To post to this group, send email to php...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/CAF6z_LK27G4BLY4%3Dcrk28xw4%2B%2B9JCvWPJudD%2BqZ%3DRRh54Krs5A%40mail.gmail.com.

[Lukas Kahwe Smith]

Not sure if I have a vote as I am the editor but +1 from Jackalope :)

> --
> You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+u...@googlegroups.com.
> To post to this group, send email to php...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/55229FE4.9030109%40garfieldtech.com.
> For more options, visit https://groups.google.com/d/optout.

regards,
Lukas Kahwe Smith
sm...@pooteeweet.org

[Larry Garfield]

Yes you do. :-)

--Larry Garfield

[Kris Wallsmith]

+1

>> To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+unsubscribe@googlegroups.com.

>> To post to this group, send email to php...@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/55229FE4.9030109%40garfieldtech.com.
>> For more options, visit https://groups.google.com/d/optout.
>
> regards,
> Lukas Kahwe Smith
> sm...@pooteeweet.org
>
>
>

--
You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group.

To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+unsubscribe@googlegroups.com.

To post to this group, send email to php...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/5522B2D8.8050605%40garfieldtech.com.

[Leo Feyer]

+1 from Contao

[Jeremy Lindblom]

+1 from Guzzle

[Josh Lockhart]

+1 Slim

--
Josh Lockhart
he...@joshlockhart.com
Web: http://joshlockhart.com
Twitter: https://twitter.com/codeguy
Code: https://github.com/codeguy

On Mon, Apr 6, 2015, at 02:50 PM, Jeremy Lindblom wrote:
> +1 from Guzzle

>
> --
> You received this message because you are subscribed to the Google Groups
> "PHP Framework Interoperability Group" group.
> To unsubscribe from this group and stop receiving emails from it, send an

> email to php-fig+u...@googlegroups.com.

> To post to this group, send email to php...@googlegroups.com.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/php-fig/CALDVupKP4Mz2SL56bx83-vG%2BBk2m6R01-sTkh52VUfTXizQp2w%40mail.gmail.com.

[Nils Adermann]

+1 phpBB

On 04/06/2015 09:07 PM, Josh Lockhart wrote:
> +1 Slim
>

[Alexander Makarov]

+1 from Yii.

[Filipe Guerra]

+1

[Matteo Beccati]

On 06/04/2015 17:01, Larry Garfield wrote:
> The PSR-9 group has been working on a a spec for recommended security
> practices, including a common format for distributing security
> advisories (SAs). We've determined that the SA distribution part ought
> to get split off to its own PSR.

+1 from Revive Adserver



--
Matteo Beccati

Development & Consulting - http://www.beccati.com/

[Rémi Gaillard]

+1 from PrestaShop

On 06/04/2015 17:01, Larry Garfield wrote:

[Bernhard Schussek]

+1 from Symfony

--

Bernhard Schussek
Blog: http://webmozarts.com
Twitter: http://twitter.com/webmozart

--
You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group.

To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+unsubscribe@googlegroups.com.

To post to this group, send email to php...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/5523A224.2000801%40prestashop.com.

[Beau Simensen]

+1 Sculpin

[Pádraic Brady]

+1 from ZF

> --
> You received this message because you are subscribed to the Google Groups
> "PHP Framework Interoperability Group" group.
> To unsubscribe from this group and stop receiving emails from it, send an

> email to php-fig+u...@googlegroups.com.

> To post to this group, send email to php...@googlegroups.com.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/php-fig/80becaf6-ee49-4f4b-8180-887ddfa19988%40googlegroups.com.

>
> For more options, visit https://groups.google.com/d/optout.

--

--
Pádraic Brady

http://blog.astrumfutura.com
http://www.survivethedeepend.com
Zend Framework Community Review Team
Zend Framework PHP-FIG Representative

[Paul Dragoonis]

+1 from PPI Framework

To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/CALwr1GmpmydCKZfUvreVk_t8189L6iG0h5HnvfCRZk4Y6Gpvdg%40mail.gmail.com.

[Andres Gutierrez]

+1 from Phalcon

[André R.]

+1 from eZ 

[Paul M. Jones]

+1 from Solar/Aura


--
Paul M. Jones
pmjo...@gmail.com
http://paul-m-jones.com

Modernizing Legacy Applications in PHP
https://leanpub.com/mlaphp

Solving the N+1 Problem in PHP
https://leanpub.com/sn1php

[Ryan Thompson]

+1 from PyroCMS

On Monday, April 6, 2015 at 10:02:05 AM UTC-5, Larry Garfield wrote:

[Evert Pot]

+1 from sabre/dav

[Kayla Daniels]

+1 from the league

[Karsten Dambekalns]

Hi,

just in time (I hope):

> On 06.04.2015, at 17:01, Larry Garfield <la...@garfieldtech.com> wrote:
>
> This vote is for a new PSR (which would be PSR-10) that covers just the SA distribution and format, leaving PSR-9 for the security practices standards.

+1 from TYPO3 Flow.

Regards,
Karsten

[Larry Garfield]

Voting has closed on the PSR-10 entrance vote. (Actually it did a
little while ago, this is just the first chance I had to count things up.)

Eligible voters: 40
Quorum: 14

Voting in favor: 25

Larry Garfield, Drupal
Korvin Szanto, concrete5
Cal Evans, Community
Brett Bieber, PEAR
William Durand, Propel
Lukas Smith, Jackalope
Kris Wallsmith, Assetic
Leo Feyer, Contao
Jeremy Lindblom, Guzzle
Josh Lockhart, Slim
Nils Aderman, phpBB
Alexander Makarov, Yii
Filipe Guerra, SugarCRM
Matteo Beccati, Revive Adserver
Remi Gaillard, PrestaShop
Bernhard Schussek, Symfony
Beau Simensen, Sculpin
Padraic Brady, Zend Framework
Paul Dragoonis, PPI Framework
Andres Gutierez, Phalcon
Andre Romcke, eZ Publish
Paul Jones, Aura
Ryan Thompson, PyroCMS
Evert Pot, SabreDAV
Kayla Daniels, League of Extraordinary Packages

Voting against: None


Abstaining: None


Not voting: 15

Karsten Dambekalns, Typo3 Flow (Tried to vote after the deadline, by
about 5 hours. Sorry!)

Jan Schneider, Horde
Mike van Riel, phpDocumentor
Michael Rook, Phing
David Zulke, Agavi
Ivan Habunek, log4PHP
Larry Masters, CakePHP
Jordi Boggiano, Composer
Guilherme Blanco, Doctrine
Don Gilbert, Joomla
Taylor Otwell, Laravel
Nate Abele, Lithium
Robert Hafner, Stash
Jeroen De Dauw, Wikibase
Karma Dordrak, Zikula

Result:

The Security Advisory Format proposal has passed its entry vote and will
henceforth be known as PSR-10. Congrats, folks, we made it to double
digits! Now let's approve a few things...

I'll figure out the appropriate PRs to update for the web site tomorrow
when I'm not so tired. :-) Lukas, back over to you.

Korvin, hopefully me breaking out the vote this way is helpful for your
audits.

--Larry Garfield

[Korvin Szanto]

Hey All,
This will be my first callout response. I have decided to only list the member projects that have missed two or more consecutive votes.

David Zülke representing Agavi has missed the last 2 votes.

Larry Masters representing CakePHP has missed the last 2 votes.

Jordi Boggiano representing Composer has missed the last 2 votes.

Guilherme Blanco representing Doctrine has missed the last 2 votes.

Taylor Otwell representing Laravel has missed the last 2 votes.

Nate Abele representing Lithium has missed the last 2 votes.

Robert Hafner representing Stash has missed the last 2 votes.

Jeroen De Dauw representing Wikibase has missed the last 2 votes.

Remember that you can vote +0 if you are uncomfortable voting up or down.

--
You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+u...@googlegroups.com.
To post to this group, send email to php...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/553739B5.4000503%40garfieldtech.com.