Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
Summary
This PR can be summarized in the following changelog entry:
Relevant technical choices:
As per our discussion.
This project does not have run-time dependencies (
require
), only development dependencies (require-dev
).When a project has run-time dependencies, and especially when it is subsequently distributed in a manner without dependency management (i.e. zip file plugin distribution), it can be very important to make sure that the versions used of the run-time dependencies are locked to specific versions with which the plugin has been tested thoroughly.
However, that is not the case for this plugin, which only has dev dependencies. In that case, having a
composer.lock
can make things like running the tests on multiple different PHP version which require different versions of the underlying test tools more difficult.With that in mind, I'm removing the
composer.lock
file and adding it to the.gitignore
file to prevent it from being committed again.If at some point in the future, any of the dev dependencies would need to be "locked" at a specific version (or range), that can be achieved by making the version constraint in the
composer.json
file stricter, i.e. using something like2.3.*
as a constraint instead of^2.3
.If at some point in the future, a non-dev, run-time dependency would be introduced, the decision to remove the
composer.lock
file can be revisited.Important notice for developers working on this plugin:
composer update
after this PR has been merged.composer update
instead ofcomposer install
for this plugin whenever thecomposer.json
file has been updated or whenever the dev has switched PHP version for the local dev environment.Test instructions for the acceptance test before the PR gets merged
This PR can be acceptance tested by following these steps:
composer update
and see the following updated dependencies being pulled in:composer check-cs
orcomposer test
and confirm that all still works as expected.