Zend_Environment_Security and its relation to PhpSecInfo

I just posted this to the phpsecinfo mailing list:

Folks who download today’s Zend Framework 0.8 release will notice the a new library in the “incubator” section: Simon Mundy’s Zend_Environment. People who look closer will notice that there is a “security” module for Zend_Environment, and a test framework called Zend_Environment_Security_Test that looks a lot like PhpSecInfo. Zend_Environment_Security is basically a port of the tests I’ve written for PhpSecInfo to work with Simon’s Zend_Environment module. It does *not* replace PhpSecInfo, but rather provide a similar testing capability built into the ZFW core. PhpSecInfo could be described as the “parent” project, with Zend_Environment_Security being based on the work I do in PSI. PSI is *definitely* the core, and will for the foreseeable future take priority over any “sibling” projects. Why did I only refer to my work on PSI, and not the other very helpful folks who have contributed? Because I cannot convert any contributed code from PSI unless the contributors have signed the ZFW Contributor License Agreement. For this reason, a few tests that are present in PhpSecInfo don’t have equivalents in Zend_Environment_Security. If you have contributed tests to PhpSecInfo, or plan on doing so, I’d like you to give serious consideration to signing the Zend CLA. It won’t put any additional burden on you, as I’ll take care of porting contributed tests to the Zend_Environment_Security model. - Zend Contributor License Agreement Note that I will *not* require PhpSecInfo contributors to sign the Zend CLA. If you choose not to do so, I will be happy to use your work in PhpSecInfo. I hope this clears up any confusion. If you have questions, please let me know.

[tags]phpsecinfo, zend, zfw, zend framework, security[/tags]