Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Package sebastian/resource-operations is abandoned, you should avoid using it. #4828

Closed
anegve opened this issue Nov 24, 2021 · 8 comments
Closed

Package sebastian/resource-operations is abandoned, you should avoid using it. #4828

anegve opened this issue Nov 24, 2021 · 8 comments
Labels
type/bug Something is broken

Comments

@anegve
Copy link

anegve commented Nov 24, 2021

Q A
PHPUnit version 9.5.10
PHP version 7.4.3
Installation Method Composer

Summary

In #4806 sebastian/resource-operations got un-abandoned and then abandoned again. Can sebastian/resource-operations be made un-abandoned once more or changed on different package?
@anegve anegve added the type/bug Something is broken label Nov 24, 2021
@sebastianbergmann
Copy link
Owner

@Seldaek I keep un-abandoning this package and somehow Packagist seems to automatically abandon it. Is this because the repository is archived on GitHub?

@Seldaek
Copy link
Contributor

Seldaek commented Nov 24, 2021

Yes if it's archived we automatically abandon. Is there a good reason not to?

@sebastianbergmann
Copy link
Owner

Thank you for the explanation, Jordi.

I have no intention to ever work on https://github.com/sebastianbergmann/resource-operations again. Because of this, I have archived the repository. But there are versions of PHPUnit that are still supported that depend on this component. Apparently telling people to simply ignore the warning from Composer that an abandoned dependency is used is not an option.

I do not know what the right course of action is, but for now I will unarchive the repository so that the package will not get automatically abandoned on Packagist.

@Seldaek
Copy link
Contributor

Seldaek commented Nov 24, 2021

Ah perhaps you can set "abandoned": false in the composer.json of the default branch, and then archive it again, I'm thinking that should work to avoid the automatic behavior

@davereid
Copy link

FYI this was marked as archived again on March 13 2024 without the addition of abandoned: false so anything using PHPUnit 9 is getting marked as security failures again.

@davereid davereid mentioned this issue Mar 14, 2024
Closed
@sebastianbergmann
Copy link
Owner

PHPUnit 9 no longer receives bug fixes and a new release of PHPUnit 9 will only be made if a change in a new version PHP requires adaptation.

sebastianbergmann added a commit to sebastianbergmann/resource-operations that referenced this issue Mar 14, 2024
@sebastianbergmann
Follow suggestion by @Seldaek in sebastianbergmann/phpunit#4828 (comm…
692ecda 
…ent)
@sebastianbergmann
Copy link
Owner

I unarchived the repository, added abandoned: false to composer.json, tagged a new release, and archived the repository again.

As of right now, https://packagist.org/packages/sebastian/resource-operations shows the package as "not abandoned".

Hope that helps.

@davereid
Copy link

@sebastianbergmann Yes, thank you! Understood about PHPUnit 9 not getting any more fixes. The changes and updated release of resource-operations helps address the issue for the whole Drupal community since we currently depend on PHPUnit 9, although I'm sure there is an effort to update to the latest version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type/bug Something is broken
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@sebastianbergmann @davereid @Seldaek @anegve