Skip to content

Commit d19a3b3

Browse files
OcramiusOcramius
committed
Removed PHAR builds support
This also removes all tooling around PHAR builds. While PHARs have some use for some community members, PHARs: * do not come with a runtime/environment * are inherently unsafe, because (even if signed) you are relying on packages downloaded and installed by maintainer who created the `.phar` file * do not match your system requirements, which may be misaligned with bundled libraries, since you are relying on the maintainer's ( @Roave / @Ocramius ) selected set of dependencies There are various ways to install PHP tools that are way better than PHAR, and that are to be endorsed instead. See https://nixos.wiki/wiki/flakes Nix flakes are completely immutable, stable, fully reproducible, customizable, and come with a full supply chain traceability of all dependencies. For maximum stability in your builds, use a nix flake. Patches are welcome to turn this package into a nix flake in itself. If you have an environment, and you want to install this package into it, generate a `composer.json` and `composer.lock` at a specific location: ```sh cd path/to/tools composer require roave/backward-compatibility-check git add composer.json git add composer.lock git commit -m "Managing own locked version of \`roave/backward-compatibility-check\`" ``` You can then `composer install` from that directory at any time, and run `./path/to/tools/vendor/bin/roave-backward-compatibility-check`. `composer install` will verify that your environment is suited for installation. This approach comes with the same downsides of `.phar` files, but: * tooling to scan for vulnerabilities inside docker images exist, and is very much growing * a docker image comes with the runtime to execute `roave/backward-compatibility-check`, and you can even run the full test suite before baking the image and calling it "compatible"
1 parent 5a80be6 commit d19a3b3

File tree

6 files changed

+0
-379
lines changed

6 files changed

+0
-379
lines changed

.gitattributes

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,6 @@
44
/.github/ export-ignore
55
/.gitignore export-ignore
66
/box.json.dist export-ignore
7-
/build-phar.sh export-ignore
87
/infection.json.dist export-ignore
98
/phpcs.xml.dist export-ignore
109
/phpunit.xml.dist export-ignore

.github/workflows/release-phar.yml

Lines changed: 0 additions & 35 deletions
This file was deleted.

.gitignore

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,6 @@
11
/vendor
22
/infection-log.txt
33
/box.json
4-
/box.phar
54
/dist
65
phpstan.neon
76
phpunit.xml

box.json.dist

Lines changed: 0 additions & 18 deletions
This file was deleted.

flake.lock

Lines changed: 0 additions & 256 deletions
This file was deleted.

flake.nix

Lines changed: 0 additions & 68 deletions
This file was deleted.

0 commit comments

Comments
 (0)