Skip to content

Native PHP: More lenient disable_functions#3652

Merged
fredrikekelund merged 17 commits into
trunkfrom
f26d/more-lenient-disable-functions
Jun 2, 2026
Merged

Native PHP: More lenient disable_functions#3652
fredrikekelund merged 17 commits into
trunkfrom
f26d/more-lenient-disable-functions

Conversation

@fredrikekelund
Copy link
Copy Markdown
Contributor

@fredrikekelund fredrikekelund commented Jun 1, 2026

Related issues

  • Fixes #

How AI was used in this PR

Claude was used to make the change, given precise instructions.

Proposed Changes

We're about to ship the native PHP runtime as a beta feature. It used to be that we altogether disallowed spawning child processes from PHP with the disable_functions directive. The intention was to make the defaults more secure. After discussing this more, we believe it would break several legitimate use cases. This PR follows up on our previous decisions by making disable_functions more lenient and by clarifying the limited security benefits our default protections yield.

Testing Instructions

CI should pass

Pre-merge Checklist

  • Have you checked for TypeScript, React or other console errors?

bcotrim and others added 16 commits May 22, 2026 17:04
@bcotrim
Add native PHP worker pool POC
e9db4d4
@fredrikekelund
Track the request queue per worker
630d1db
@bcotrim @github-advanced-security
Potential fix for pull request finding 'CodeQL / Information exposure…
98bd09b 
… through a stack trace'

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@fredrikekelund
Merge branch 'trunk' into add-native-php-worker-pool-poc
ce185f3
@fredrikekelund
Always spawn the php pool the "poor man's" way
daa7d8a
@fredrikekelund
Merge branch 'trunk' into add-native-php-worker-pool-poc
96ed96a
@fredrikekelund
Merge branch 'trunk' into add-native-php-worker-pool-poc
8258fbd
@fredrikekelund
Improve grandchild process cleanup on Windows
7700985
@fredrikekelund
Unit test
fd3df18
@fredrikekelund
Merge branch 'trunk' into add-native-php-worker-pool-poc
f04bfdd
@bcotrim
Refactor native PHP child helpers
ea71db1
@bcotrim
Merge remote PR branch
a2fc287
@fredrikekelund
Improved E2E cleanup retry behavior
9cc6be7
@fredrikekelund
Improved native PHP child process cleanup
71c6125
@fredrikekelund
Native PHP: More lenient disable_functions
a434e26
@fredrikekelund
Comment
928bec3
@fredrikekelund fredrikekelund requested a review from bcotrim June 1, 2026 11:09
@fredrikekelund fredrikekelund self-assigned this Jun 1, 2026
Base automatically changed from add-native-php-worker-pool-poc to trunk June 2, 2026 08:13
@fredrikekelund fredrikekelund merged commit 3882eca into trunk Jun 2, 2026
9 of 11 checks passed
@fredrikekelund fredrikekelund deleted the f26d/more-lenient-disable-functions branch June 2, 2026 08:19
@wpmobilebot
Copy link
Copy Markdown
Collaborator

wpmobilebot commented Jun 2, 2026

📊 Performance Test Results

Comparing dd9625f vs trunk

app-size

Metric trunk dd9625f Diff Change
App Size (Mac) 1329.73 MB 1329.73 MB 0.00 MB ⚪ 0.0%

site-editor

Metric trunk dd9625f Diff Change
load 1659 ms 1651 ms 8 ms ⚪ 0.0%

site-startup

Metric trunk dd9625f Diff Change
siteCreation 9029 ms 9004 ms 25 ms ⚪ 0.0%
siteStartup 4424 ms 4422 ms 2 ms ⚪ 0.0%

Results are median values from multiple test runs.

Legend: 🟢 Improvement (faster) | 🔴 Regression (slower) | ⚪ No change (<50ms diff)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bcotrim bcotrim Awaiting requested review from bcotrim

Assignees

@fredrikekelund fredrikekelund

Labels

native-php

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fredrikekelund @wpmobilebot @bcotrim