Commit d19a3b3
committed
Removed PHAR builds support
This also removes all tooling around PHAR builds.
While PHARs have some use for some community members, PHARs:
* do not come with a runtime/environment
* are inherently unsafe, because (even if signed) you are relying on packages downloaded
and installed by maintainer who created the `.phar` file
* do not match your system requirements, which may be misaligned with bundled libraries,
since you are relying on the maintainer's ( @Roave / @Ocramius ) selected set of
dependencies
There are various ways to install PHP tools that are way better than PHAR, and
that are to be endorsed instead.
See https://nixos.wiki/wiki/flakes
Nix flakes are completely immutable, stable, fully reproducible, customizable,
and come with a full supply chain traceability of all dependencies.
For maximum stability in your builds, use a nix flake. Patches are welcome to
turn this package into a nix flake in itself.
If you have an environment, and you want to install this package into it, generate
a `composer.json` and `composer.lock` at a specific location:
```sh
cd path/to/tools
composer require roave/backward-compatibility-check
git add composer.json
git add composer.lock
git commit -m "Managing own locked version of \`roave/backward-compatibility-check\`"
```
You can then `composer install` from that directory at any time, and
run `./path/to/tools/vendor/bin/roave-backward-compatibility-check`.
`composer install` will verify that your environment is suited for installation.
This approach comes with the same downsides of `.phar` files, but:
* tooling to scan for vulnerabilities inside docker images exist, and is
very much growing
* a docker image comes with the runtime to execute `roave/backward-compatibility-check`,
and you can even run the full test suite before baking the image and calling
it "compatible"1 parent 5a80be6 commit d19a3b3
File tree
6 files changed
+0
-379
lines changed- .github/workflows
6 files changed
+0
-379
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
7 | | - | |
8 | 7 | | |
9 | 8 | | |
10 | 9 | | |
| |||
This file was deleted.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
5 | 4 | | |
6 | 5 | | |
7 | 6 | | |
| |||
This file was deleted.
This file was deleted.
This file was deleted.
0 commit comments