[pekk]

As a user of a self-hosted web service, how it's written affects details about the pain of deployment and administration. How it's written also affects whether it has satisfactory performance and how many nasty security problems are waiting to be discovered.

Not everyone can afford to be completely blase about their source control system going down or getting defaced.

[_yy]

The Phacility guys know how to PHP. They used to work at Facebook. I don't like PHP either, but I trust the developers in this case.

Gitlab had its fair share of vulnerabilities, too, despite being written in Ruby. It's about the developers, not the language.

Have a look at their bug bounty program: https://hackerone.com/phabricator

[rodgerd]

PHP apps are a hell of a lot easier to keep up-to-date than the unholy hell of Rails apps, especially when you discover developers have started locking dependencies to old gems with known security issues.