-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add composer-require-checker to the CI build #10664
Conversation
mmenozzi
commented
Sep 9, 2019
Q | A |
---|---|
Branch? | master |
Bug fix? | no |
New feature? | no |
BC breaks? | no |
Deprecations? | no |
Related tickets | #10648 |
License | MIT |
a5e5685
to
28212cc
Compare
Hi guys, |
@pamil @lchrusciel @Zales0123 what do you think? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At first glance, it looks good 👍 And I like the idea of having no soft dependencies in the composer. But still, I would like to see @pamil and @lchrusciel opinions 🚀
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hope, we won't have too many problems with maintenance of it (I'm worried mostly about dynamic changes in composer,json file). Other then that, I'm all in.
Maybe it would be better to add it to only one of the jobs?
etc/travis/suites/application/script/validate-composer-dependencies
Outdated
Show resolved
Hide resolved
etc/travis/suites/application/script/validate-composer-dependencies
Outdated
Show resolved
Hide resolved
What is the status of this PR? It looks good for me, to give it a try 👌 cc @pamil @lchrusciel |
This issue has been automatically marked as stale because it has not had any recent activity. It will be closed in a week if no further activity occurs. Thank you for your contributions. |
Hey @mmenozzi, how do you fill about reviving this? |
Hi @vvasiloi, I'd be happy to revive this if Sylius core team agree to merge this as soon as it will be ready. |
Hey @mmenozzi, you have my full support and I can assure you that the core team won't let you down on this one the second time. |
Ok @vvasiloi thank you! I'll do my best to get this work done asap. |
2cb42b1
to
49c512d
Compare
Hi @vvasiloi, currently if someone uses the How you'd handle that? |
@mmenozzi no one should use that class in their application, it was deprecated in Sylius 1.3. |
Yes @vvasiloi I see that is deprecated since Sylius 1.3. But deprecated does not mean removed. Deprecated means that we should support it until Sylius 2.0. Instead that class does not work anymore since someone removed required packages from composer.json (for example the DoctrineCacheBundle).
I'd go with the option number 2. |
@mmenozzi Tough choice. I remembered now that Sylius broke that compatibility in 1.7: #12463.
The I don't think it's worth supporting that upgrade path anymore, especially since it was unfortunately broken long ago. We might be able to bring back the BC for this class in Sylius 1.10 and 1.11, because those still support Symfony 4, but again, I don't think it's worth it. Anyway, regardless of which path we choose, it should not be part of this PR. @Sylius/core-team I would love to see more opinions on this issue. |
I would also go for option 2. As you said, it has been broken for a while now, and upgrading to 5.x/6.x should be the way. IMO it is okay to ask a few changes in a project when upgrading if there are valid reasons. In that case, as you said again, no-one should use this Kernel, so "forcing" them to make the switch is fine as long as it is documented in upgrade files. |
Ok @vvasiloi but this leads to option 3 for this PR. I don't like it that much because every symbol we whitelist in the ComposerRequireChecker configuration is global and not only for a certain usage. So we have to remember that there are those "cleanup PRs" to be made in the future. I wonder if it would be better to delete that old Kernel class in this PR. |
@mmenozzi True, it's going to be a bit messy. However, going from no dependency checks at all to checking most dependencies, but with quite a few exceptions is still good. We can open the follow-up PR(s) right after merging this. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey folks. Thanks a lot for comments and pushing this topic forward. I can agree, that the current solution is the best to move this topic forward and then do it case by case. At the current state, I would love to merge it, but the build is red.
Yes @lchrusciel it's red because it's still work in progress. |
016b246
to
b4e39e4
Compare
d24ea0f
to
0621d18
Compare
Sylius\Bundle\CoreBundle\EventListener\CircularDependencyBreakingExceptionListener uses two class from symfony/http-kernel that have been removed in version 5. So currently Sylius it's not really compatible with both symfony/http-kernel 4 and 4: this MUST be fixed.
swiftmailer/swiftmailer is already required but has a PSR-0 autoloading which is not supported by ComposerRequireChecker.
The experimental Sylius\Bundle\ApiBundle\Behat\Extension\SyliusApiBundleExtension and its Sylius\Bundle\ApiBundle\Behat\Tester\ApiScenarioEventDispatchingScenarioTester are using some Behat symbols and Behat is, of course, not required. I don't know if this experimental ApiBundle extension is used or not. Anyway this MUST be fixed.
hwi/oauth-bundle is an optional dependency because its symbols are used by Sylius\Bundle\CoreBundle\OAuth\UserProvider which in turn is used only if configured. IMHO this could be improved by extracting this feature in a separate dependency, See: * https://docs.sylius.com/en/1.9/cookbook/shop/facebook-login.html * Sylius#10664 (comment)
0621d18
to
b60d6ce
Compare
hwi/oauth-bundle is an optional dependency because its symbols are used by Sylius\Bundle\CoreBundle\OAuth\UserProvider which in turn is used only if configured. IMHO this could be improved by extracting this feature in a separate dependency, See: * https://docs.sylius.com/en/1.9/cookbook/shop/facebook-login.html * Sylius#10664 (comment)
b60d6ce
to
5d4765e
Compare
Hi @vvasiloi and @lchrusciel, I created separate commits for each issue that, in my opinion, must be fixed in separate PR. In those commits comment you can find more information about the issue, they are the following:
Remember that for ComposerRequireChecker every whitelisted symbol is global and not limited to a certain usage. For this reason there should be less whitelisted symbol as possible. Think for example to the After this PR will be merged I will create 3 separate issues to track down those problems. |
Thank you, @mmenozzi! Great work! 🥇 |
Thank you @vvasiloi! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey Manuele!
Thanks a lot for your contribution! I feel sorry, that we keep you waiting for over two years, but luckily Victor bring this topic again to light. After all this time, lest finally merge it!
Yeah! Thank you guys! 🎉 |