go to bug id or search bugs for
Bugmail was sent when the type of bug #62966 was changed from Security to Documentation, even though as far as I know the report has never been non-private — certainly the e-mail I received marked it as private.
Archive link: http://news.php.net/php.doc.bugs/9220
Add a Patch
Add a Pull Request
here is the relevant code:
from that you can see that the private field has nothing to do with sending or
not sending notification mails.
get_package_mail() has a clause which will force using the email@example.com as
the default recipient list for a bug, but when you change the bug type from
Security, that will not happen, and if there is a list_email set for that
package in bugdb_pseudo_packages that address will be notified.
I think we should change the code to not send emails to the list_emails (and the
currently hard coded $docBugEmail for Documentation Problems) if the private
flag is set.
Apart from the security@ list there is only one package which has a non-public
list_email which is PHP.net Systems Operation problem => firstname.lastname@example.org.
And even for that list there is no reason to bother sending an email to that
email address, because many of the people on that list doesn't have trusted dev
or security dev access on bugsweb, so they couldn't see the bug anyways.
Would be nice if somebody could review my reasoning here before I commit it.
just pasting this from our irc conversation with philip and bjori:
if a bug (is private) AND (not Security bug type) AND (Documentation Problem
bugtype OR it's package has a list_email address set which isn't a private
address) then it will post notifications to a public list
This is most certainly neither a documentation problem nor a