From 484eb1b1039df425db46e16569aa68d74b5898b8 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Tue, 22 Oct 2019 22:51:59 +0200
Subject: Revamp a bit the FAQ
---
doc/source/faq.rst | 43 +++++++++++++++++++++++++++++++++----------
1 file changed, 33 insertions(+), 10 deletions(-)
(limited to 'doc/source/faq.rst')
diff --git a/doc/source/faq.rst b/doc/source/faq.rst
index d8ca973..4974c70 100644
--- a/doc/source/faq.rst
+++ b/doc/source/faq.rst
@@ -41,20 +41,18 @@ Who are you and why did you write Snuffleupagus?
We're working for `NBS System `__,
a web hosting company (meaning that we're dealing with PHP code all day long),
-with a strong focus on security. We do have hardening
+with a strong focus on security. We do have several layers of hardening
(`kernel `_, `WAF `_,
-`IDS `_, etc)
-below the web stack, but most of the time, when a website is compromised,
-it can be to send ads, spam, deface it, steal data etc.
-This is why we need to harden the website itself too, but we can't touch its
-source code.
+`IDS `_, etc),
+but we had nothing for PHP7.
+
Why not Suhosin?
""""""""""""""""
We're huge fans of `Suhosin `_, unfortunately:
-- it doesn't work very well on PHP 7
+- it doesn't work very well on PHP7
- it has some oudated features and misses new ones
- it doesn't cope very well with our various industrialization needs
- it has some shortcomings by design
@@ -65,10 +63,11 @@ the `system `_
and is developed by the fine people from `NBS System `__.
@@ -77,6 +76,18 @@ We chose the LGPL because we don't care that much how you're using Snuffleupagus
but we'd like to force people to make their improvements/contributions
available to everyone.
+
+What is the different between SNuffleupaugs and a (WAF) like ModSecurity?
+"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+
+`ModSecurity `__ and the other `Web Application
+Firewall (WAF) `__ are
+working by inspecting the http traffic. Snuffleupagus being a PHP module, is
+operating directly inside your website's code, with a lesser overhead, as well
+as a better understanding of what is currently happening inside your
+application.
+
+
Should I use Snuffleupagus?
"""""""""""""""""""""""""""
@@ -113,6 +124,18 @@ is still a security issue, and should be treated as such.
We don't have the pretension to state that Snuffleupagus will magically solve
all your security issues, but we believe that it might definitely help.
+
+Sounds great, but is it working?
+""""""""""""""""""""""""""""""""
+
+We've been using it in production since a couple of years, and it thwarted
+numerous known and unknown attacks. If you want some evidences, one of the
+developer published in June 2019 a `blogpost
+`__
+showcasing how efficient Snuffleupagus was versus *major* web
+vulnerabilities from 2018/2019.
+
+
Why should I send you bugs, security issues and patches?
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Snuffleupagus is an open-source security software, by reporting (or fixing)
--
cgit v1.3
From d7b7a0d4e10d7b87b124889821b14e9858ed0a9c Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Wed, 4 Mar 2020 19:30:42 +0100
Subject: %s/nbs-system/jvoisin
Since I'm the only one to maintain Snuffleupagus,
let's adjust the links and contact addresses
of my fork, to point to well… my fork.
---
APKBUILD | 4 +-
CONTRIBUTING.md | 20 ++++----
PKGBUILD | 4 +-
debian/control | 6 +--
debian/copyright | 4 +-
debian/watch | 2 +-
doc/source/config.rst | 8 ++--
doc/source/debug.rst | 4 +-
doc/source/download.rst | 8 ++--
doc/source/faq.rst | 55 +++++-----------------
doc/source/installation.rst | 4 +-
src/php_snuffleupagus.h | 2 +-
src/sp_config_keywords.c | 2 +-
src/sp_disabled_functions.c | 2 +-
src/sp_upload_validation.c | 2 +-
.../disabled_functions_drop_include.phpt | 2 +-
...disabled_functions_drop_include_simulation.phpt | 2 +-
.../disabled_functions_variadic.phpt | 2 +-
18 files changed, 49 insertions(+), 84 deletions(-)
(limited to 'doc/source/faq.rst')
diff --git a/APKBUILD b/APKBUILD
index b784e38..b3345f6 100644
--- a/APKBUILD
+++ b/APKBUILD
@@ -1,4 +1,4 @@
-# Maintainer:
+# Maintained by Julien (jvoisin) Voisin
pkgname="php7-snuffleupagus"
_pkgname="snuffleupagus"
pkgver=0.1
@@ -10,7 +10,7 @@ license="LGPL3"
depends="php7-dev php7-fpm"
source=""
-_giturl="https://github.com/nbs-system/snuffleupagus.git"
+_giturl="https://github.com/jvoisin/snuffleupagus.git"
prepare() {
default_prepare
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 88a3297..40ad357 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -6,9 +6,9 @@ First off, thank you for considering contributing to snuffleupagus.
If you've noticed a bug or have a question,
look at the [faq](https://snuffleupagus.readthedocs.io/faq.html) and
-[search the issue tracker](https://github.com/nbs-system/snuffleupagus/issues)
+[search the issue tracker](https://github.com/jvoisin/snuffleupagus/issues)
to see if someone else has already created a ticket. If not, go ahead and
-[make one](https://github.com/nbs-system/snuffleupagus/issues/new)!
+[make one](https://github.com/jvoisin/snuffleupagus/issues/new)!
### 2. Fork & create a branch
@@ -28,7 +28,7 @@ Just type `make coverage` or `make debug`, the testsuite should be run
automatically.
Please add tests if you're fixing a bug or adding a new feature: we do have a
-[high coverage](https://coveralls.io/github/nbs-system/snuffleupagus?branch=master)
+[high coverage](https://coveralls.io/github/jvoisin/snuffleupagus?branch=master)
(functions, lines and branches), and intend to keep it that way.
#### 3.3 Debugging failures in the test suite
@@ -45,9 +45,9 @@ launching it, in order to run the failing test inside GDB.
### 4. Did you find a bug?
* **Ensure the bug was not already reported** by
- [searching all issues](https://github.com/nbs-system/snuffleupagus/issues?q=).
+ [searching all issues](https://github.com/jvoisin/snuffleupagus/issues?q=).
* If you're unable to find an open issue addressing the problem,
- [open a new one](https://github.com/nbs-system/snuffleupagus/issues/new).
+ [open a new one](https://github.com/jvoisin/snuffleupagus/issues/new).
Be sure to include a **title and clear description**,
as much relevant information as possible, and a **code sample**
or an **executable test case** demonstrating the expected behavior that is not
@@ -67,7 +67,7 @@ At this point, you should switch back to your master branch and make sure it's
up to date with our upstream master branch:
```sh
-git remote add upstream git@github.com:nbs-system/snuffleupagus.git
+git remote add upstream git@github.com:jvoisin/snuffleupagus.git
git checkout master
git pull upstream master
```
@@ -82,7 +82,7 @@ git push --set-upstream origin 325-kill-sql-injections
Finally, go to GitHub and [make a Pull Request](https://help.github.com/articles/creating-a-pull-request) :D
-Travis CI will [run our test suite](https://travis-ci.org/nbs-system/snuffleupagus)
+Travis CI will [run our test suite](https://travis-ci.org/jvoisin/snuffleupagus)
against all supported PHP versions. We care about quality, so your PR won't be
merged until all tests pass. It's unlikely, but it's possible that your changes
pass tests in one PHP version but fail in another. In that case, you'll have to
@@ -121,7 +121,7 @@ Maintainers need to do the following to push out a release:
1. Make sure that all pending and mergeable pull requests are in
2. Close the corresponding
- [milestone](https://github.com/nbs-system/snuffleupagus/milestones)
+ [milestone](https://github.com/jvoisin/snuffleupagus/milestones)
2. Run `valgrind` (by adding a `-m` after the `-q` in the Makefile) and check that everything is ok.
Don't mind the python-related issues.
3. Update the `src/php_snuffleupagus.h` according to [semantic versioning](https://semver.org/)
@@ -132,15 +132,13 @@ Maintainers need to do the following to push out a release:
8. Create a tag for the release:
```sh
- git config user.signingkey 498C46FF087EDC36E7EAF9D445414A82A9B22D78
- git config user.email security@nbs-system.com
git tag -s v$MAJOR.$MINOR.$PATCH -m "v$MAJOR.$MINOR.$PATCH"
git push --tags
git push origin master
```
9. Build the debian package with `make debian`
-10. Create the [release on github](https://github.com/nbs-system/snuffleupagus/releases)
+10. Create the [release on github](https://github.com/jvoisin/snuffleupagus/releases)
11. Add the freshly built Debian package to the release
12. Publish a [tweet](https://twitter.com/sp_php)
13. Do the *secret release dance*
diff --git a/PKGBUILD b/PKGBUILD
index 9c7239e..8ef050d 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,4 +1,4 @@
-# Maintainer NBS System Security Team
+# Maintained by Julien (jvoisin) Voisin
pkgname="snuffleupagus"
pkgver=r169.424845a
pkgrel=1
@@ -8,7 +8,7 @@ arch=('i686' 'x86_64')
license=('LGPL3')
depends=('php' 'php-fpm')
checkdepends=()
-source=("${pkgname}::git+https://github.com/nbs-system/${pkgname}.git")
+source=("${pkgname}::git+https://github.com/jvoisin/${pkgname}.git")
md5sums=('SKIP')
pkgver() {
diff --git a/debian/control b/debian/control
index 5ec0480..bd9c361 100644
--- a/debian/control
+++ b/debian/control
@@ -1,11 +1,11 @@
Source: snuffleupagus
Priority: optional
-Maintainer: NBS System
+Maintainer: Julien (jvoisin) Voisin
Build-Depends: debhelper (>= 9), php7.0-dev | php7.1-dev | php7.2-dev
Standards-Version: 4.1.3
-Homepage: https://snuffleupagus.fr
+Homepage: https://github.com/jvoisin/snuffleupagus
Section: php
-Vcs-Git: https://github.com/nbs-system/snuffleupagus
+Vcs-Git: https://github.com/jvoisin/snuffleupagus
Package: snuffleupagus
Architecture: any
diff --git a/debian/copyright b/debian/copyright
index a792452..af8f542 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,7 +1,7 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: Snuffleupagus
-Upstream-Contact: NBS System
-Source: https://github.com/nbs-system/snuffleupagus
+Upstream-Contact: Julien (jvoisin) Voisin
+Source: https://github.com/jvoisin/snuffleupagus
Files: *
Copyright: 2017 NBS System
diff --git a/debian/watch b/debian/watch
index 86028c7..2f88601 100644
--- a/debian/watch
+++ b/debian/watch
@@ -1,2 +1,2 @@
version=3
-https://github.com/nbs-system/snuffleupagus/tags /nbs-system/snuffleupagus/archive/snuffleupagus-([0-9.]+)\.tar\.(gz|xz|bz2)
+https://github.com/jvoisin/snuffleupagus/tags /jvoisin/snuffleupagus/archive/snuffleupagus-([0-9.]+)\.tar\.(gz|xz|bz2)
diff --git a/doc/source/config.rst b/doc/source/config.rst
index 4be8db7..7691f89 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -199,8 +199,8 @@ argument and various information about it in the environment:
This feature can be used, for example, to check if an uploaded file contains php
code, using `vld `_,
-via `a python script `__,
-or `a php one `__.
+via `a python script `__,
+or `a php one `__.
The upload will be **allowed** if the script returns the value ``0``. Every other
value will prevent the file from being uploaded.
@@ -342,7 +342,7 @@ For clarity, the presence of the ``allow`` or ``drop`` action is **mandatory**.
because it'll match the deny first.
If you're paranoid, we're providing a `php script
-`__
+`__
to automatically generate hash of files containing dangerous functions, and
blacklisting them everywhere else.
@@ -358,7 +358,7 @@ It's currently not possible to:
things like this, odds are that you're doing something wrong anyway.
- Hooks on ``echo`` and on ``print`` are equivalent: there is no way to hook one
without hooking the other, at least
- `for now `__).
+ `for now `__).
This is why hooked ``print`` will be displayed as ``echo`` in the logs.
- Hook `strlen`, since in latest PHP versions, this function is usually
optimized away by the compiled.
diff --git a/doc/source/debug.rst b/doc/source/debug.rst
index b339366..b2a1f28 100644
--- a/doc/source/debug.rst
+++ b/doc/source/debug.rst
@@ -18,7 +18,7 @@ We're using `php qa `__ tests format for our testsuite,
it is automatically run when you're building snuffleupagus.
If it happens to have unexpected failures (Since we're using `TDD `__ as much
-as we can, we do have some expected failures), please do `open an issue `__
+as we can, we do have some expected failures), please do `open an issue `__
on our bugtracker, and attach the generated ``.diff`` and ``.out`` files to it,
so we can see what's happening.
@@ -27,7 +27,7 @@ Snuffleupagus is crashing
While we do our very best to make snuffleupagus solid as possible, we're humans,
and computers are hard, so crashes can happen. If you're encountering one in production,
-please try to launch the `testsuite `__
+please try to launch the `testsuite `__
to see if it's failing. If it does, please :ref:`tell us `.
If the testsuite is passing, odds are that you're encountering an issue tied to your php code,
diff --git a/doc/source/download.rst b/doc/source/download.rst
index dfe4768..fd61099 100644
--- a/doc/source/download.rst
+++ b/doc/source/download.rst
@@ -4,20 +4,20 @@ Download
Arch Linux
----------
-We're providing a `PKGBUILD `__,
+We're providing a `PKGBUILD `__,
so you can build a package yourself.
Alpine Linux
------------
-We're providing a `APKBUILD `__,
+We're providing a `APKBUILD `__,
so you can build a package yourself.
Debian and Ubuntu
-----------------
We're currently not providing a Debian/Ubuntu repository,
-but you can grab the latest release on `github `__,
+but you can grab the latest release on `github `__,
or build your own package by cloning the source code and typing ``make debian``.
Fedora
@@ -39,4 +39,4 @@ We're currently using *github* as public code repository.
::
- git clone https://github.com/nbs-system/snuffleupagus
+ git clone https://github.com/jvoisin/snuffleupagus
diff --git a/doc/source/faq.rst b/doc/source/faq.rst
index 4974c70..285f0c8 100644
--- a/doc/source/faq.rst
+++ b/doc/source/faq.rst
@@ -46,6 +46,8 @@ with a strong focus on security. We do have several layers of hardening
`IDS `_, etc),
but we had nothing for PHP7.
+Nowadays, Snuffleupagus is maintained by Julien (jvoisin) Voisin.
+
Why not Suhosin?
""""""""""""""""
@@ -70,7 +72,8 @@ What license is Snuffleupagus released under and why?
"""""""""""""""""""""""""""""""""""""""""""""""""""""
Snuffleupagus is licensed under the `LGPL `_
-and is developed by the fine people from `NBS System `__.
+was developed by the fine people from `NBS System `__,
+and is maintained by Julien (jvoisin) Voisin.
We chose the LGPL because we don't care that much how you're using Snuffleupagus,
but we'd like to force people to make their improvements/contributions
@@ -171,7 +174,7 @@ By checking the logs; Snuffleupagus systematically prefix them with ``[snuffleup
Does Snuffleupagus run on Windows?
""""""""""""""""""""""""""""""""""
-No idea, feel free to `try `_.
+No idea, feel free to `try `_.
Does Snuggleupagus run on `HHVM `_?
@@ -204,46 +207,13 @@ discuss potential impact of the vulnerability,
reference applicable patches or workarounds,
and credit the discoverer.
-Please send it us a mail to the ``security`` user,
-on ``nbs-system.com``, using the gpg key
-``498C46FF087EDC36E7EAF9D445414A82A9B22D78``:
-
-::
-
- -----BEGIN PGP PUBLIC KEY BLOCK-----
-
- mQENBFnKHhoBCADaOa0MKEqRy0h2ohIzczblzkMQCbU9oD1HwJ1VkYnn7TGW2iKi
- NISxisExIXpy2Bn/pA27GiV0V/Do3NL6D9r0oOCrGR27muGM0N/dk9UMv7MWw8zv
- K8cO+Sa28s0cAv7r2ogUJj5YOo8D4wHEpE8424TE89V9+Qg/SaFCxKoELFP0c7wu
- mtsm0PnL65piZ1EB7lQo2gxg+8AV45MD1Y2rREMKUoZE23X+nXKsmEh9BFEPaU5M
- 7WQp0NasqeMNoGhwfw9ttVAeLhkEkaTjW1PkNRIb7vrtV9KVb5uKucflfbOnDlzu
- tQ9U3tYto0mcSCRchAClfEmoSi/0mKyb5N6ZABEBAAG0NVNlY3VyaXR5IHRlYW0g
- b2YgTkJTIFN5c3RlbSA8c2VjdXJpdHlAbmJzLXN5c3RlbS5jb20+iQE3BBMBCAAh
- BQJZyh4aAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEEVBSoKpsi14jy0H
- /1/XB9THhvmG0ow81sld2Zx8qhnNed8VvYDS6mEjpDWNVPxENwDbnakEjisq1Hrb
- 2UQPYCyQ5dekPNFVwQHIGXkX0eb1Ank+4esBJuEpQ2985tgNhJy5ZX+Imb5C8nZC
- 90uYSN1UUg559nUsFeElOXSEH6tIXK/TvjsvMYoi2Ukl6lb7PbIU2fjLY9Iqv3QY
- 32p8/Bl1fVKWbXOk0HDgJ6zA3Kr56QhZOLBkxjOa2XAnnIE76jZxUJ9qPCwWd1vW
- GFxtx1Y+eZriqHiC9CPe6aBWcIHaTXSu1WBbXrFu8/eCWw243Rxm8l9wgA/a7VWq
- WBfO45IhJUwh95naRpw8/4a5AQ0EWcoeGgEIAJtzSyyzfn2RX+BsyoRFANUpIgrV
- /9eohYQVNqK3AFthmq7Kjmt4+hszF5+0wCFmWwYqGnqk1/dsWmqpkXsJldEn6oPJ
- Bng+Dc67Yki2dR3TroAf95UmI08fhyM7TMXp8m46BPRRMzPNwalEeEm49Oclmfxb
- JsWWCChWVLWGz2xgPEAv3fPHqus7Rwz/WIl53l/qy1Wf0ewmjRpVEfnEMKBExtBK
- 4kRxQ40LzUZ1SfpyGc3nMbswhevT7/klqrdJdCnlu67Y/IfRGxGZuNj1n1Dib3Hx
- zTBHo3Y2R3BB93Ix8dkbLaxLqFbOYVdijCgJklqUWhx7btpQ2xnZyzyCMuUAEQEA
- AYkBHwQYAQgACQUCWcoeGgIbDAAKCRBFQUqCqbIteFRvB/9u3Mae8n8ELrJKOn+P
- PEbWjutObIuTplvY4QcbnNb9dsgsKryamp4CFJsA5XuitPpC31GDMXBZO5/LLOuH
- HoMaXFJdic0NToL/3REhu+aZkNIU6S/iaPRNVhkSV4lwQsvncz+nBaiDUJjyfJm2
- kEjVcRTM8yqzcNo/9Gn0ts+XCUqRj7+S1M4Bj3NySoO/w2n+7OLbIAj+wQZcj3Gf
- 5QhBYaY4YaFxrJE0IZxyXGHw8xhKR6AN+u4TO7LRCW+cWV/sHWir1MXieJoEG8+R
- W/BhrB0Rz5uxOXMoGCCD2TUiHq7zpuHGnYFVmAnHQZaaQxXve4VrcmznxgpV8lpW
- mZug
- =+eIv
- -----END PGP PUBLIC KEY BLOCK-----
+Please do send a mail to [Julien (jvoisin) Voisin](https://dustri.org) should
+you find a security issue.
+
I found a bug. How can I report it?
"""""""""""""""""""""""""""""""""""
-We do have an issue tracker on `Github `_.
+We do have an issue tracker on `Github `_.
Please make sure to include as much information as possible when reporting your issue,
such as your operating system, your version of PHP 7, your version of Snuffleupagus,
your logs, the problematic php code, the request, a brief description, … long story short,
@@ -255,12 +225,9 @@ it's not that hard.
Where can I find even more help?
""""""""""""""""""""""""""""""""
The :doc:`configuration page ` might be what you're looking for.
-If you're adventurous, you can also check the `issue tracker `_
-(make sure to check the `closed issues `_ too).
+If you're adventurous, you can also check the `issue tracker `_
+(make sure to check the `closed issues `_ too).
-I need professional support for my company.
-"""""""""""""""""""""""""""""""""""""""""""
-Contact `NBS System `_.
Unimplemented mitigations and abandoned ideas
---------------------------------------------
diff --git a/doc/source/installation.rst b/doc/source/installation.rst
index 74d5d4f..a6b0ff8 100644
--- a/doc/source/installation.rst
+++ b/doc/source/installation.rst
@@ -1,7 +1,7 @@
Installation
============
-Snuffleupagus is tested against `various PHP 7+ versions `_.
+Snuffleupagus is tested against `various PHP 7+ versions `_.
Manual installation
-------------------
@@ -21,7 +21,7 @@ Quickstart
::
- git clone https://github.com/nbs-system/snuffleupagus
+ git clone https://github.com/jvoisin/snuffleupagus
cd snuffleupagus/src
phpize
./configure --enable-snuffleupagus
diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h
index 0141a87..5a02e93 100644
--- a/src/php_snuffleupagus.h
+++ b/src/php_snuffleupagus.h
@@ -4,7 +4,7 @@
#define PHP_SNUFFLEUPAGUS_VERSION "0.5.0"
#define PHP_SNUFFLEUPAGUS_EXTNAME "snuffleupagus"
#define PHP_SNUFFLEUPAGUS_AUTHOR "NBS System"
-#define PHP_SNUFFLEUPAGUS_URL "https://github.com/nbs-system/snuffleupagus"
+#define PHP_SNUFFLEUPAGUS_URL "https://github.com/jvoisin/snuffleupagus"
#define PHP_SNUFFLEUPAGUS_COPYRIGHT "LGPLv2"
#include
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index aebe45c..c3a9c19 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -44,7 +44,7 @@ int parse_session(char *line) {
"You're trying to use the session cookie encryption feature "
"on line %zu without having session support statically built into PHP. "
"This isn't supported, see "
- "https://github.com/nbs-system/snuffleupagus/issues/278 for details.",
+ "https://github.com/jvoisin/snuffleupagus/issues/278 for details.",
sp_line_no);
pefree(session, 0);
return -1;
diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c
index 9e64993..4807955 100644
--- a/src/sp_disabled_functions.c
+++ b/src/sp_disabled_functions.c
@@ -361,7 +361,7 @@ static void should_disable(zend_execute_data* execute_data,
sp_log_warn(
"disable_function",
"Snuffleupagus doesn't support variadic functions yet, sorry. "
- "Check https://github.com/nbs-system/snuffleupagus/issues/164 for "
+ "Check https://github.com/jvoisin/snuffleupagus/issues/164 for "
"details.");
} else if (false == is_param_matching(
execute_data, config_node, builtin_param,
diff --git a/src/sp_upload_validation.c b/src/sp_upload_validation.c
index ee19df9..54b0481 100644
--- a/src/sp_upload_validation.c
+++ b/src/sp_upload_validation.c
@@ -15,7 +15,7 @@ int sp_rfc1867_callback_win(unsigned int event, void *event_data,
void **extra) {
sp_log_msg("upload_validation", SP_LOG_SIMULATION,
"The upload validation doesn't work for now on Windows yet, "
- "see https://github.com/nbs-system/snuffleupagus/issues/248 for "
+ "see https://github.com/jvoisin/snuffleupagus/issues/248 for "
"details.");
return SUCCESS;
}
diff --git a/src/tests/disable_function/disabled_functions_drop_include.phpt b/src/tests/disable_function/disabled_functions_drop_include.phpt
index e18dd73..ba1c955 100644
--- a/src/tests/disable_function/disabled_functions_drop_include.phpt
+++ b/src/tests/disable_function/disabled_functions_drop_include.phpt
@@ -1,5 +1,5 @@
--TEST--
-Disable function, bug : https://github.com/nbs-system/snuffleupagus/issues/181
+Disable function, bug : https://github.com/jvoisin/snuffleupagus/issues/181
--SKIPIF--
--INI--
diff --git a/src/tests/disable_function/disabled_functions_drop_include_simulation.phpt b/src/tests/disable_function/disabled_functions_drop_include_simulation.phpt
index 07c3e98..1b13915 100644
--- a/src/tests/disable_function/disabled_functions_drop_include_simulation.phpt
+++ b/src/tests/disable_function/disabled_functions_drop_include_simulation.phpt
@@ -1,5 +1,5 @@
--TEST--
-Disable function, bug : https://github.com/nbs-system/snuffleupagus/issues/181
+Disable function, bug : https://github.com/jvoisin/snuffleupagus/issues/181
--SKIPIF--
--INI--
diff --git a/src/tests/disable_function/disabled_functions_variadic.phpt b/src/tests/disable_function/disabled_functions_variadic.phpt
index 5bace63..32b6b0e 100644
--- a/src/tests/disable_function/disabled_functions_variadic.phpt
+++ b/src/tests/disable_function/disabled_functions_variadic.phpt
@@ -13,6 +13,6 @@ function foo(...$b) {
echo foo(5, 4, 3, 2, 1);
?>
--EXPECTF--
-Warning: [snuffleupagus][0.0.0.0][disable_function] Snuffleupagus doesn't support variadic functions yet, sorry. Check https://github.com/nbs-system/snuffleupagus/issues/164 for details. in %a/disabled_functions_variadic.php on line %d
+Warning: [snuffleupagus][0.0.0.0][disable_function] Snuffleupagus doesn't support variadic functions yet, sorry. Check https://github.com/jvoisin/snuffleupagus/issues/164 for details. in %a/disabled_functions_variadic.php on line %d
Fatal error: [snuffleupagus][0.0.0.0][disabled_function] Aborted execution on call of the function 'foo' in %a/disabled_functions_variadic.php on line %d
--
cgit v1.3
From 94620108d3dbdb8c2fd11fbf8dbe12bba321ee72 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Wed, 1 Apr 2020 17:09:36 +0200
Subject: Document why SP doesn't provide a `.nop` action
---
doc/source/faq.rst | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
(limited to 'doc/source/faq.rst')
diff --git a/doc/source/faq.rst b/doc/source/faq.rst
index 285f0c8..3c09409 100644
--- a/doc/source/faq.rst
+++ b/doc/source/faq.rst
@@ -245,3 +245,19 @@ if someone can manage to get better results than us.
The possibility of having this natively in PHP has
`been discussed `_,
but as 2017, nothing has been merged yet.
+
+Nop'ing function execution
+""""""""""""""""""""""""""
+
+Snuffleupagus can be configured to either *allow* or *drop* the execution of
+particular functions and optionally *log* and *dump* them, but it doesn't
+provide any mechanism to *nop* their execution.
+
+We thought about adding this, but didn't for several reasons:
+
+- What should the return value of a *nop'ed* function be?
+- It would add confusion between ``drop``, ``nop`` and ``log``.
+- Usually, when a specific function is called, either it's a dangerous one
+ and you want to stop the execution immediately, or you want to let it
+ continue and log it. There isn't really any middle-ground, or at least we
+ failed to find any.
--
cgit v1.3