Archives


Master Symfony2 fundamentals

Be trained by SensioLabs experts (2 to 6 day sessions -- French or English).
trainings.sensiolabs.com

Discover the SensioLabs Support

Access to the SensioLabs Competency Center for an exclusive and tailor-made support on Symfony
sensiolabs.com

Stefan Koopmanschap
Symfony2 Donation Drive
by Stefan Koopmanschap – January 13, 2011 – 36 comments

If you're keeping track of symfony for the past years you know that symfony has an excellent track record as it comes to security. Where security is important for Open Source applications, it is possibly even more so important for a framework, because when an issue is found in a framework there may not just be a single point that can be abused, but the hole might be present throughout the application built on top of this framework.

An excellent advantage of Open Source is the fact that many people read the project code. Many people reading the code makes the chance much bigger that bugs and security vulnerabilities are caught. And symfony as a project is no exception to that, we have many people to thank for creating tickets and even contributing code patches.

However, there is always a chance that something slips. And of course that isn't good. Since security is one of our main concerns, we have decided to have a security audit done on both the Symfony2 and the Twig code. Both codebases are such an important part in the future of symfony, that we don't want to take a risk. And when you're talking about security and PHP code, there is one logical party to approach to do such an audit: Sektion Eins. Sektion Eins are one of the major experts when it comes to PHP and security.

Obviously, such an audit has a price. The price in this case is 6000 euro. For this specific cause, we decided to turn to the community and ask for your donation towards a secure future of Symfony2 and Twig. Every contribution is important for a project such as ours, whether it is code, reporting bugs, documentation, anything is possible. Yet another way is to contribute by donating some money towards this security audit. And this is what we're currently asking from you. And don't be afraid that your donation isn't enough for this, every single Euro, Dollar, Pound, Yen, or whatever currency you pay with is more than welcome! So please, donate now. If we raise over 6000 euro from the donations, don't be afraid. We will use the additional money to order more audits for libraries that Symfony2 uses. Doctrine for instance would be a good candidate for such an audit.

And to make it even more interesting, you can also show off your donation! If you are interested in being listed together with all the other people who donated, please forward your Paypal payment confirmation, accompanied with a name and URL, to Stefan (dot) Koopmanschap [at] symfony-project (dot) org, and when the donation drive ends, I will publish a blogpost listing those that have donated. Note: Only your name and URL will be published, not the donated amount or any additional information.

Thank you for your donation and support of the project!

Comments RSS

  • gravatar
    #1 Ovidiu C. said on the 2011/01/13 at 16:03
    Security's good, mkay?

    Donated. :)
  • gravatar
    #2 Pierre said on the 2011/01/13 at 16:06
    I'd probably donate, but not via PayPal, sorry. If there's any other way, let me know.
  • gravatar
    #3 Jaime Suez said on the 2011/01/13 at 16:10
    Let all of us donate for this important issue
  • gravatar
    #4 mTorres said on the 2011/01/13 at 16:52
    Is there another way to donate? Pay pal f****d up my account and I don't want to work with them any more. Could I send some money by post mail? May be at Sensio offices?
  • gravatar
    #5 Stan said on the 2011/01/13 at 16:58
    there is a minimum ?
  • gravatar
    #6 Daniel Londero said on the 2011/01/13 at 17:20
    Done :)
  • gravatar
    #7 bayarsaikhan said on the 2011/01/13 at 17:29
    let the Symfony2 become the fastest and most secure framework. donated.
  • gravatar
    #8 Hidenori Goto said on the 2011/01/13 at 18:10
    Donated!
  • gravatar
    #9 Ian said on the 2011/01/13 at 18:26
    I agree about PayPal, can we just send a check?
  • gravatar
    #10 J. Dreesen said on the 2011/01/13 at 18:29
    Just donated for this very great framework! :)
  • gravatar
    #11 Philip said on the 2011/01/13 at 21:20
    This is perhaps the best reason for donating that I've ever seen...

    I would happily contribute to a security audit of symfony2.
  • gravatar
    #12 Stefan said on the 2011/01/13 at 22:09
    Stan: There is no minimum amount, any amount is welcome! :)
  • gravatar
    #13 Raphael said on the 2011/01/14 at 01:01
    Done :-) I am so far a plain sf 1.4 developer and didn't look at Symfony2 so far. But looking forward to it...
  • gravatar
    #14 Dobromir Mateev said on the 2011/01/14 at 07:25
    Donated.
    This is my first non-charity donation.
    How long is the donation drive?
    I would like to see more statistical data, e.g. raised funds/count of people, raised funds by day, ..etc.
  • gravatar
    #15 Fabien said on the 2011/01/14 at 07:50
    As of now (2011-01-14 08:00), we have raised 1.600 EUR from 55 people.
  • gravatar
    #16 Fabien said on the 2011/01/14 at 08:17
    phpBB has just donated 5.000 EUR! Let's see if we can raise enough money to also order a security audit for Doctrine2.
  • gravatar
    #17 Flavian said on the 2011/01/14 at 12:03
    hmpf.. paypal...

    they did not accepted my phone number.. what a shame
  • gravatar
    #18 Dobromir Mateev said on the 2011/01/14 at 14:04
    I meant to see the data after the donation drive end.
    Wow!,you raised the funds in 17 hours after the blog post.
  • gravatar
    #19 Rimenes Ribeiro said on the 2011/01/14 at 16:40
    Done \o/
  • gravatar
    #20 maba said on the 2011/01/14 at 16:49
    Done!
  • gravatar
    #21 Samuel Charmetant said on the 2011/01/14 at 17:50
    A small contribution for us, a great step for sfSecurity !
  • gravatar
    #22 Ivan said on the 2011/01/14 at 21:41
    Donated
  • gravatar
    #23 Loïc said on the 2011/01/14 at 22:17
    Donated, I won't have the opportunity to come to the symfony live in Paris but hope there will be other symfony2 trainings soon
  • gravatar
    #24 Naoto Date said on the 2011/01/15 at 01:13
    Donated!
  • gravatar
    #25 yudoufu said on the 2011/01/15 at 09:54
    Denoted!
  • gravatar
    #26 Javi said on the 2011/01/15 at 10:09
    Let's audit Doctrine2!, donated!
  • gravatar
    #27 Daniele Dore said on the 2011/01/15 at 11:16
    Done!
  • gravatar
    #28 shishi said on the 2011/01/15 at 19:39
    done
  • gravatar
    #29 Katsuhiro OGAWA said on the 2011/01/16 at 11:52
    Done ;)
  • gravatar
    #30 Stan said on the 2011/01/16 at 17:36
    Just donated !
  • gravatar
    #31 Nikolay Kolev said on the 2011/01/16 at 20:22
    Donated!
  • gravatar
    #32 René said on the 2011/01/17 at 07:58
    I'd also donate if there's a different way than PayPal. Sorry guys, but you really cannot trust PayPal, I'd never use it.
    A normal bank account to transfer money to would also do, at least from within Europe.
  • gravatar
    #33 Gal said on the 2011/01/17 at 11:24
    Done.
  • gravatar
    #34 Fabien said on the 2011/01/18 at 07:34
    As of now (2011-01-18 08:00), we have raised 8.200 EUR from 100 people. I'm going to ask SektionEins a quote to audit Doctrine2!
  • gravatar
    #35 Pedro Casado said on the 2011/01/19 at 18:13
    Donated!
  • gravatar
    #36 Adriaan van N said on the 2011/01/20 at 00:04
    As I don't have a credit-card it is impossible for me to donate using PayPal.
    Donating using a normal bank-transfer would be a good alternative, and it's free within Europe.

    Maybe someone could add the BIC/IBAN codes for the bank account behind the Paypal account to the donate page? That would make life much easier!