It's very heavy handed. It has not been 100% verified that the site was compromised, and a lot of very technically smart PHP community members are looking hard at this. It may prove to be a false positive or otherwise, but in the meantime:
1. Google is blocking access to the site in Chrome.
2. Firefox is warning users that php.net is not to be trusted (it uses the same list of infected sites provided by Google).
3. Google is warning users on Google Search that "This site may harm your computer.".
4. Google's appeals process is slow and cumbersome.
So yeah, that is a lot of power for one company.
If this happened to your website due to, for example a false positive, you would be pretty unhappy. Only a high profile project like PHP gets this kind of attention, but I'd happily wager that many smaller websites suffer the same faith every day.
A site we once had under development was incorrectly flagged. I reported the error via the webmaster tools and after less than 20 minutes, the warning went away.
1. Google is blocking access to the site in Chrome.
2. Firefox is warning users that php.net is not to be trusted (it uses the same list of infected sites provided by Google).
3. Google is warning users on Google Search that "This site may harm your computer.".
4. Google's appeals process is slow and cumbersome.
So yeah, that is a lot of power for one company.
If this happened to your website due to, for example a false positive, you would be pretty unhappy. Only a high profile project like PHP gets this kind of attention, but I'd happily wager that many smaller websites suffer the same faith every day.