Again, it’s been awhile so I don’t remember how it worked exactly but yes, there was some trick someone else pointed out to test my bug fix. It’s in my comments history somewhere. However, it was not anything that I could run in production so it all ended up being a waste of time after I found that out. I don’t want to have go through Sangoma just to get my pull requests approved and be able to use my own bug fixes.
Any time you can alter code it’s a security risk. That’s just how code works. I don’t want that inability imposed on me. I don’t want someone deciding what I can and cannot alter. That’s moving further and further away from the whole philosophy of “open source”. Besides, you already have the signature checking for that. Something I am also not a fan of but at least I can disable that.
It’s really not. You use the available tools to generate a GPG key and you can start signing modules locally (per system). If you want it signed against the FreePBX Master Key then you have to do a Key Signing Agreement and an extra step or two after approval.
Creating a key to locally sign modules is like 10 minutes of work, if that.
It was postulated that it was a ‘feature’ not a ‘bug’, you are apparently confusing the more general concept of ‘feature’ as understood by the general GNU community, with the far narrower concept of a FreePBX ‘feature code’, I suggest you get your own ‘Agreement’ to sign your work or do a bit more RTFM perhaps ?