"Important security problems were fixed" -> does this mean just some known security issues were fixed or was the whole code made secure in general? There is a list of things to do to secure PHP code. Did you go through such a list and check all items? Or are you just fixing issues here and there whenever you receive feedback?