Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(composer): Update composer dependencies #2107

Merged
merged 3 commits into from Feb 15, 2022
Merged

chore(composer): Update composer dependencies #2107

merged 3 commits into from Feb 15, 2022

Conversation

GMishx
Copy link
Member

@GMishx GMishx commented Oct 6, 2021
edited

Description

Since least version of PHP on supported OS is 7.2.24, updating all composer dependencies to highest possible version.
This brings various new features and some vulnerability fixes as well.

A list of changes:

Dependency Old version New version Remarks
container-interop/container-interop 1.2.0 - Abandoned, replaced with psr/container.
doctrine/instantiator 1.0.5 1.4.0
easyrdf/easyrdf 0.9.0 1.1.1
firebase/php-jwt v5.2.0 v5.5.1
guzzlehttp/guzzle 6.5.5 7.4.1
mockery/mockery 1.3.3 1.3.5
monolog/monolog 1.25.5 2.3.5
myclabs/deep-copy 1.7.0 1.10.2
php-coveralls/php-coveralls v2.4.2 v2.5.2
phpoffice/phpspreadsheet 1.8.2 1.19.0
phpoffice/phpword 0.17.0 0.18.2
phpstan/phpstan 0.9.3 1.2.0
phpunit/phpunit 6.5.14 8.5.20
sebastian/phpcpd 3.0.1 4.1.0
slim/slim 3.12.3 4.8.1
squizlabs/php_codesniffer 3.5.8 3.6.1
symfony/config v3.4.46 v5.3.4
symfony/dependency-injection v3.4.46 v5.3.7
symfony/http-foundation v3.4.46 v5.3.7
symfony/yaml v3.4.46 v5.3.6
twig/extensions v1.5.4 v1.5.4 Abandoned, replaced with symfony/translate for trans filter
twig/twig v2.12.5 v3.3.4
symfony/translation - v5.3.9 Required for trans filter
symfony/mime - v5.3.8 Required to guess mimetype of files to download
slim/psr7 - 1.4 DI container for slim, rebuilds symfony/di

Other changes:

  • RDF patch is no longer required as dependency is updated.
  • Fix PHPUnit test case signatures.
  • Update services.xml as by default they are private.
  • Fix monolog functions
  • Fix Twig class names and namespaces
  • New custom filter for trans with symfony
  • Some UI fixes
  • Convert all trans tags to trans filters
  • Fixes in Twig templates
  • New helper functions in REST API.

How to test

  • Install FOSSology
  • Check if every UI is working
  • Check if reports are working
  • Check if PHP agents are working
  • Check if REST API is working

shaheemazmalmmd
shaheemazmalmmd approved these changes Oct 6, 2021
View reviewed changes
Copy link
Contributor

@shaheemazmalmmd shaheemazmalmmd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good. Needs test

@github-actions github-actions bot added the has merge conflicts PR to be rebased label Oct 29, 2021
@github-actions
Copy link

This pull request has conflicts, please rebase with master to resolve those before we can evaluate the pull request.

@github-actions github-actions bot removed the has merge conflicts PR to be rebased label Nov 3, 2021
@GMishx GMishx force-pushed the feat/php/update-deps branch 3 times, most recently from 9aafaf6 to d733d78 Compare November 3, 2021 10:49
@GMishx GMishx force-pushed the feat/php/update-deps branch 2 times, most recently from e2d2505 to 77a0893 Compare December 9, 2021 09:34
@GMishx GMishx added the WIP label Dec 9, 2021
@GMishx GMishx force-pushed the feat/php/update-deps branch 2 times, most recently from 0e59bfe to 1b94510 Compare December 9, 2021 12:37
@GMishx GMishx removed the WIP label Dec 9, 2021
@github-actions github-actions bot added the has merge conflicts PR to be rebased label Dec 28, 2021
@github-actions
Copy link

This pull request has conflicts, please rebase with master to resolve those before we can evaluate the pull request.

@github-actions github-actions bot removed the has merge conflicts PR to be rebased label Jan 4, 2022
@github-actions
Copy link

This pull request has conflicts, please rebase with master to resolve those before we can evaluate the pull request.

@github-actions github-actions bot added the has merge conflicts PR to be rebased label Jan 19, 2022
@github-actions github-actions bot removed the has merge conflicts PR to be rebased label Jan 31, 2022
@GMishx GMishx added this to the 4.1.0 milestone Feb 3, 2022
@shaheemazmalmmd
Copy link
Contributor

Can you please fix the warning.

[Fri Feb 11 11:16:22.932065 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP Warning:  require(/usr/local/share/fossology/vendor/composer/../symfony/deprecation-contracts/function.php): failed to open stream: No such file or directory in /usr/local/share/fossology/vendor/composer/autoload_real.php on line 66, referer: http://localhost:2211/repo/?mod=showjobs
[Fri Feb 11 11:16:22.932087 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP Stack trace:, referer: http://localhost:2211/repo/?mod=showjobs
[Fri Feb 11 11:16:22.932091 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP   1. {main}() /usr/local/share/fossology/www/ui/index.php:0, referer: http://localhost:2211/repo/?mod=showjobs
[Fri Feb 11 11:16:22.932095 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP   2. bootstrap() /usr/local/share/fossology/www/ui/index.php:39, referer: http://localhost:2211/repo/?mod=showjobs
[Fri Feb 11 11:16:22.932098 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP   3. require_once() /usr/local/share/fossology/lib/php/bootstrap.php:117, referer: http://localhost:2211/repo/?mod=showjobs
[Fri Feb 11 11:16:22.932101 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP   4. require_once() /usr/local/share/fossology/lib/php/common.php:38, referer: http://localhost:2211/repo/?mod=showjobs
[Fri Feb 11 11:16:22.932105 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP   5. ComposerAutoloaderInitd95853548ec9d3b7b620987614732d24::getLoader() /usr/local/share/fossology/vendor/autoload.php:7, referer: http://localhost:2211/repo/?mod=showjobs
[Fri Feb 11 11:16:22.932108 2022] [php7:notice] [pid 173601] [client 10.0.2.2:62359] PHP   6. composerRequired95853548ec9d3b7b620987614732d24() /usr/local/share/fossology/vendor/composer/autoload_real.php:56, referer: http://localhost:2211/repo/?mod=showjobs

@github-actions github-actions bot removed the has merge conflicts PR to be rebased label Feb 11, 2022
@github-actions
Copy link

This pull request has conflicts, please rebase with master to resolve those before we can evaluate the pull request.

@github-actions github-actions bot added the has merge conflicts PR to be rebased label Feb 11, 2022
@github-actions github-actions bot removed the has merge conflicts PR to be rebased label Feb 11, 2022
@github-actions
Copy link

This pull request has conflicts, please rebase with master to resolve those before we can evaluate the pull request.

@github-actions github-actions bot added the has merge conflicts PR to be rebased label Feb 14, 2022
@github-actions github-actions bot removed the has merge conflicts PR to be rebased label Feb 14, 2022
@GMishx
chore(composer): Update composer dependencies
8d245be 
Since least version of PHP on supported OS is 7.2.24, updating all
composer dependencies to highest possible version.
This brings various new features and some vulnerability fixes as well.

| Dependency | Old version | New version | Remarks |
| --- | --- | --- | --- |
| container-interop/container-interop | 1.2.0 | - | Abandoned, replaced with `psr/container`. |
| doctrine/instantiator               | 1.0.5   | 1.4.0   ||
| easyrdf/easyrdf                     | 0.9.0   | 1.1.1   ||
| firebase/php-jwt                    | v5.2.0  | v5.4.0  ||
| guzzlehttp/guzzle                   | 6.5.5   | 7.3.0   ||
| mockery/mockery                     | 1.3.3   | 1.3.5   ||
| monolog/monolog                     | 1.25.5  | 2.3.4   ||
| myclabs/deep-copy                   | 1.7.0   | 1.10.2  ||
| php-coveralls/php-coveralls         | v2.4.2  | v2.4.3  ||
| phpoffice/phpspreadsheet            | 1.8.2   | 1.18.0  ||
| phpoffice/phpword                   | 0.17.0  | 0.18.2  ||
| phpstan/phpstan                     | 0.9.3   | 0.12.99 ||
| phpunit/phpunit                     | 6.5.14  | 8.5.20  ||
| sebastian/phpcpd                    | 3.0.1   | 4.1.0   ||
| slim/slim                           | 3.12.3  | 4.8.1   ||
| squizlabs/php_codesniffer           | 3.5.8   | 3.6.0   ||
| symfony/config                      | v3.4.46 | v5.3.4  ||
| symfony/dependency-injection        | v3.4.46 | v5.3.7  ||
| symfony/http-foundation             | v3.4.46 | v5.3.7  ||
| symfony/yaml                        | v3.4.46 | v5.3.6  ||
| twig/extensions                     | v1.5.4  | v1.5.4  | Abandoned, replaced with `symfony/translate` for `trans` filter |
| twig/twig                           | v2.12.5 | v3.3.3 ||
| symfony/translation | - | v5.3.9 | Required for trans filter |
| symfony/mime | - | v5.3.8 | Required to guess mimetype of files to download |

Other changes:
* RDF patch is no longer required as dependency is updated.
* Update services.xml as by default they are private.
* Fix monolog functions
* Fix Twig class names and namespaces
* New custom filter for `trans` with symfony
* Some UI fixes
* Convert all trans tags to trans filters
* Fixes in Twig templates
* Fix EasyRdf imports and license dao changes.

Signed-off-by: Gaurav Mishra <mishra.gaurav@siemens.com>
@GMishx
fix(phpunit): Fix function signature for PHPUnit
b37948f 
Signed-off-by: Gaurav Mishra <mishra.gaurav@siemens.com>
@GMishx
fix(rest): Slim fixes for REST API
fc603ef 
Make changes required for Slim framework v4.

Signed-off-by: Gaurav Mishra <mishra.gaurav@siemens.com>
@shaheemazmalmmd shaheemazmalmmd merged commit da87766 into fossology:master Feb 15, 2022
@shaheemazmalmmd shaheemazmalmmd deleted the feat/php/update-deps branch February 15, 2022 07:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shaheemazmalmmd shaheemazmalmmd shaheemazmalmmd approved these changes

Assignees
No one assigned
Labels
enhancement ready
Projects
None yet
Milestone
4.1.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@GMishx @shaheemazmalmmd