Improve add missing workflow, update CVE checks #31
Conversation
The 'missing' command is great for updates, but needs some TLC to make it easier to use. * Added option 'save-results' to allow the results to be automatically added to the checks.json * Enforce sorting of the checks.json file every time the missing command is ran * Save the timestamp to checks.json as 'updatedAt' to give a reference period for how old the checks are * Add php7 changelog to the missing checker * 'sunra/php-simple-html-dom-parser' is dead and throwing a ton of errors for newer versions of PHP. Replace it with an updated fork 'kub-at/php-simple-html-dom-parser' * Bump min php version since the array syntax is not avaliable before php 5.4 * Add ext-json as a dependency
lightswitch05
force-pushed
the
feature/improve-add-missing-workflow
branch
from
078535a
to
5af2463
Compare
|
With the improved workflow - I think there might be a path forward to have an automated run of the 'missing' command in travis ci. Automation could be done on a separate branch, with a manual review of the results before merging into master. |
|
@enygma I wouldn't mind setting up the automation if that is something you are interested in. I also would be interested in helping you maintain this project if you need assistance. Automation with travis-ci would certainly require maintenance and more review work. Having more people with merge ability would help get the CVE updates out faster. Just for reference, there was a new release today - 7.3.9 - that fixes a CVE in 7.3.8. I didn't even know about it until I was testing my updates here. |
I have not tested this out myself, but I do like the proposed approach here.
|
It would be nice if more then one person had pull permissions on this repo |
|
@enygma is this tool abandoned? |
I have permissions on this repo and would be happy to merge this :)
I was hoping for @enygma to weigh in here, since I generally only help with updating checks.json and minor bugfixes, leaving the larger things (plus releasing new versions) up to him. But I feel this change isn't too massive and is obviously beneficial so let's merge it :)
|
Thanks @colinodell! Do you also have access to packagist? |
|
I do not, just the Github repo. |
|
Er, the version on Packagist updates when a new release is tagged here, not manually on the service. I can definitely push a new tag if that's needed! |
The 'missing' command is great for updates, but needs some TLC to make it easier to use.
Finally, I ran the 'missing' command with the changes I made and committed the updated checks.