PHP's Git server compromised, moving to GitHub

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

Our great sponsors
  • Scout APM - Less time debugging, more time building
  • SonarQube - Static code analysis for 29 languages.
  • SaaSHub - Software Alternatives and Reviews
  • PHPT

    The PHP Interpreter

    In the diff, could they be hinting at the fact that they've had access since 2017? [1] Maybe they just wanted to burn it now for some reason.

    [1] https://github.com/php/php-src/commit/c730aa26bd52829a49f2ad...

  • karma

    The Karma Stuff (by php)

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • Laravel

    Laravel is a web application framework with expressive, elegant syntax. We’ve already laid the foundation for your next big idea — freeing you to create without sweating the small things.

    That's a very dated view of PHP. Modern PHP is far "cooler" than it was a few years ago. Just look at the entire https://laravel.com ecosystem — the most starred web framework on all of GitHub, across all languages, is Laravel.

  • testbed

    [test repo, please ignore] (by jwilk)

    > Doesn't GitHub require e-mail validation before it associates commits with that e-mail address?

    It doesn't AFAICS. I've just added an undeliverable address to my account, and the commits for that address show up as mine:

    https://github.com/jwilk/testbed/commit/aa0526e149b7e2a2

    Although the victim would be notified by that their e-mail was added to a rogue account, the mail says: "If this wasn’t you, please ignore this email." Ugh.

  • Git

    Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.

    "'Gitweb' is a Git web interface. It is written in Perl and can be used as a CGI script, or as a mod_perl legacy script (run by ModPerl::Registry handler). It allows browsing a git repository (or a set of git repositories) using a web browser." - https://git.wiki.kernel.org/index.php/Gitweb

    The last commit looks to be Dec 2020: https://github.com/git/git/tree/master/gitweb

    Though I don't know that this was how they got into the git server.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts