PHP internals contributor Sara Golemon answers questions from a panel of php[architect] and PHP Ugly contributors about the recent git compromise that affected the PHP project and what they’re doing about it. You can also watch a video of the roundtable with Sara.

More on This

From Rasmus Lerdorf:

It wasn't, but we caught it quickly and we have moved to https://t.co/zJeXPbbmEy requiring 2FA and signed commits. There are a lot of eyeballs on every PHP commit so it is really really hard to sneak something in like this.

— Rasmus Lerdorf (@rasmus) March 29, 2021

From Enrico Zimuel:

I just wrote an article about the recent #PHP Git server attack: https://t.co/m1YX2Uz7oA

— Enrico Zimuel (@ezimuel) March 30, 2021