Allow PHP 8

[MidnightDesign]

No description provided.

[Ocramius]

https://github.com/maglnet/ComposerRequireChecker/pull/201/checks?check_run_id=1252051299#step:7:10

Seems like composer.lock needs an update.

composer update nothing could suffice

[MidnightDesign]

https://github.com/maglnet/ComposerRequireChecker/pull/201/checks?check_run_id=1252051299#step:7:10

Seems like composer.lock needs an update.

composer update nothing could suffice

Ah, of course. I'm not used to having lockfiles in projects I contribute to.

[Ocramius]

Ha, need to update my own dependencies now :D

[Ocramius]

I'm not used to having lockfiles in projects I contribute to.

Just to be clear, those are only in place so that tools like phpcs, psalm, phpstan etc do not change randomly and report slightly different results :)

[MidnightDesign]

Just to be clear, those are only in place so that tools like phpcs, psalm, phpstan etc do not change randomly and report slightly different results :)

Yeah, obviously. I was thinking about this as a library, when I should have been thinking about it as a project.

[martinssipenko]

Any updates on this? Is there anything I could do to get this done?

[Ocramius]

I'd say #208 needs to happen first. What we got here is mostly dependency issues, for now.

[martinssipenko]

@Ocramius #208 is merged what am I missing?

[Ocramius]

@martinssipenko just a rebase needed now :-)

[MidnightDesign]

Now we're waiting on webmozarts/glob#21

[Firehed]

If there's a hold-up there, it seems like there's only one use of that dependency (ComposerRequireChecker\FileLocator\LocateFilesByGlobPattern) which seems like it could probably be factored out. Though I suppose it could have implications on advanced use-cases with custom configs (my gut check says they'd be rare based on the intersection of people that would use this and people with non-autoloaded source code)

[Ocramius]

If there's a hold-up there

PHP 8 was released last week: I'd call "hold up" when it's February/March :-)

[MidnightDesign]

I think @Firehed isn't completely off here. Maybe the dependency could be loosened/removed even if the pull request over there is merged. Fewer dependencies is (almost) always a good thing I think.

[martinssipenko]

webmozarts/glob version 4.2.0 was just erleased with suppport for PHP8. @MidnightDesign can you bump the deps please?

[DanielBadura]

@MidnightDesign could you add PHP8 to the matrix for the phar creation action? Then @OskarStark could test if his issue which he opened the last days is resolved via the phar that gets build in the CI process. I think this would be awesome 🥇

[MidnightDesign]

@MidnightDesign could you add PHP8 to the matrix for the phar creation action? Then @OskarStark could test if his issue which he opened the last days is resolved via the phar that gets build in the CI process. I think this would be awesome

You mean in the GitHub Actions config, right? Will do.

Would it be useful to add it to any other workflows? Do Psalm or PHPStan do something differently depending on the version? What about require-checker.yml?

[Ocramius]

require-checker.yml is quite agnostic, but needs to run on 7.x for another while...

[OskarStark]

Can you help me out how to test this? Before I just installed the phar via PHIVE 🤔

[Ocramius]

@OskarStark make a new directory, add a composer.json with a packages section listing @MidnightDesign's branch, add the exact version as dependency and run composer update

[OskarStark]

I used:

{
    "name": "test/foo",
    "type": "project",
    "description": "Test",
    "license": "proprietary",
    "repositories": [
        {
            "type": "vcs",
            "url": "https://github.com/MidnightDesign/ComposerRequireChecker.git"
        }
    ],
    "require": {
        "maglnet/composer-require-checker": "dev-patch-1"
    }
}

->

Loading composer repositories with package information
Updating dependencies
Lock file operations: 15 installs, 0 updates, 0 removals
  - Locking maglnet/composer-require-checker (dev-patch-1 57ed1dc)
  - Locking nikic/php-parser (v4.10.4)
  - Locking psr/container (1.0.0)
  - Locking symfony/console (v5.2.1)
  - Locking symfony/polyfill-ctype (v1.22.0)
  - Locking symfony/polyfill-intl-grapheme (v1.22.0)
  - Locking symfony/polyfill-intl-normalizer (v1.22.0)
  - Locking symfony/polyfill-mbstring (v1.22.0)
  - Locking symfony/polyfill-php73 (v1.22.0)
  - Locking symfony/polyfill-php80 (v1.22.0)
  - Locking symfony/service-contracts (v2.2.0)
  - Locking symfony/string (v5.2.1)
  - Locking webmozart/assert (1.9.1)
  - Locking webmozart/glob (4.2.0)
  - Locking webmozart/path-util (2.3.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 15 installs, 0 updates, 0 removals
  - Downloading webmozart/glob (4.2.0)
  - Syncing maglnet/composer-require-checker (dev-patch-1 57ed1dc) into cache
  - Installing symfony/polyfill-ctype (v1.22.0): Extracting archive
  - Installing webmozart/assert (1.9.1): Extracting archive
  - Installing webmozart/path-util (2.3.0): Extracting archive
  - Installing webmozart/glob (4.2.0): Extracting archive
  - Installing symfony/polyfill-php80 (v1.22.0): Extracting archive
  - Installing symfony/polyfill-mbstring (v1.22.0): Extracting archive
  - Installing symfony/polyfill-intl-normalizer (v1.22.0): Extracting archive
  - Installing symfony/polyfill-intl-grapheme (v1.22.0): Extracting archive
  - Installing symfony/string (v5.2.1): Extracting archive
  - Installing psr/container (1.0.0): Extracting archive
  - Installing symfony/service-contracts (v2.2.0): Extracting archive
  - Installing symfony/polyfill-php73 (v1.22.0): Extracting archive
  - Installing symfony/console (v5.2.1): Extracting archive
  - Installing nikic/php-parser (v4.10.4): Extracting archive
  - Installing maglnet/composer-require-checker (dev-patch-1 57ed1dc): Cloning 57ed1dc74a from cache
5 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
9 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

->

~/dev/test • test/vendor/bin/composer-require-checker
ComposerRequireChecker dev-patch-1@57ed1dc74af28e5613a3f65929b39f3011c2a76b
There were no unknown symbols found.

with

~/dev/test • php -v
PHP 8.0.1 (cli) (built: Jan  8 2021 02:39:34) ( NTS )
Copyright (c) The PHP Group
Zend Engine v4.0.1, Copyright (c) Zend Technologies
    with Zend OPcache v8.0.1, Copyright (c), by Zend Technologies

Looks good to me 👍

[Ocramius]

LGTM 🚢

[Ocramius]

Rolling out a release ASAP

[martinssipenko]

@Ocramius will 3.0 phar also be available for download from releases?

[Ocramius]

No idea if that's automated, sorry: for now I released for the "traditional" approach, which allows most projects to start using the dependency again after upgrading to php 8

[Ocramius]

Ok, it requires manual steps: https://twitter.com/MaGlNet/status/1351079268831416323

I can't do a release, since my GPG key is not really part of that trust chain.

[martinssipenko]

All previous versions had phar files available, perhaps you could manually add them to release? This project works better if used as phar instead of composer install as it does not need to drag in unnecessary packages that often conflict with project's requirements.

[Ocramius]

Please re-read what I just wrote, slowly.

[martinssipenko]

Just read your last comment, after posting my previous one. Great! I'll keep an eye on it. Thanks!

[maglnet]

@martinssipenko
I just added a manually build phar file to the release:
https://github.com/maglnet/ComposerRequireChecker/releases/tag/3.0.0

[martinssipenko]

Thank you!