Good Evening.
eg. I am looking at Drupal for my own site and I find venturing into the modules portion of drupal immediately drops the quality of code, and even the ownership of security issues. It seems Drupal guys dont take on security issues for things that come from the modules or related projects that are being used inside drupal.
We (in my day job) see the same security issues for Joomla based sites when modules are used to extend core functionality. Site developers/owners are quick to extend functionality by installing additional plugins but then don't want the responsibility of maintaining multiple packages/plugins on the server. It just adds a further layer of complexity as any plugins need to also be separately monitored (and maintained) for security updates.
That's definitly true and why I try to leave most of the code as-is and add nearly no additional modules. I personally like Joomla very much. There where some annoying security issues in the past but I still believe in the stable code-base.
The Joomla phpBB bridge is non-invasive and should just work fine. If someone is interested in testing I could give him/her an account on gcug.de which will be merged when de.centos.org is going to happen.
This makes use of Fireboard, but I think I could also offer an phpBB installation. I could also transfer the installation to a testing VM if someone could grant me access.
Best Regards Marcus