Increase minimum requirement to PHP 5.6

ezyang / htmlpurifier

Standards compliant HTML filter written in PHP

http://htmlpurifier.org

GNU Lesser General Public License v2.1

3.07k stars 327 forks source link

Increase minimum requirement to PHP 5.6 #331

Closed TimWolla closed 2 years ago

TimWolla commented 2 years ago

This PR is intended to spark a discussion.

While creating the PHP 8.2 deprecation corrections I've found it very painful to work with the codebase, because it is just so different from anything I regularly work with. At a certain points will also become really painful to support such a broad range of versions, requiring to add workarounds for ancient PHP versions no one really uses in practice any longer.

I've opted to upgrade to PHP 5.6 as a conservative-ish suggestion:

5.2 and 5.3 are technically supported based on composer.json. However they are not tested in CI, so who knows if they actually work.
5.4 and 5.5 are no longer supported even by WordPress which itself is very conservative with increasing its PHP requirements.

Thus 5.6 it is, following WordPress' lead. Personally I'd prefer 7.0 if you are comfortable with it, as that allows one to completely disregard everything that happened before the PHP 7 major.

bytestream commented 2 years ago

I'm not against increasing the version requirements.

However:

The library hasn't had any new features for a while, it's pretty much been in maintenance mode. I'm not sure there's adequate reason to bump the requirement.

At a certain points will also become really painful to support such a broad range of versions, requiring to add workarounds for ancient PHP versions no one really uses in practice any longer.

In my experience, most of the pain comes from other packages changing their dependencies. That argument hasn't come to fruition yet, mainly because the only external dependency we have is simpletest. That being said, now that we're pretty much having to maintain simpletest ourselves, at some point that's likely to become burdensome and increasingly difficult. There could be argument, at that time, to switch to something like PHPUnit which would then dictate the PHP requirements for HTMLPurifier...

TimWolla commented 2 years ago

The library hasn't had any new features for a while, it's pretty much been in maintenance mode. I'm not sure there's adequate reason to bump the requirement.

There's already some changes which effectively "increase" the requirements, e.g. this one: #326.

I'd also claim that maintenance is easier when you don't need to concern yourself with all the details of those older PHP versions. Do you know what changed between 5.2 and 5.3 from the top of your head? I certainly don't and even php.net does not have an upgrading guide for these versions. The oldest one is from 5.5 to 5.6.

I'm not saying that this increase in requirements should be used to make useless changes such as array() to [], but if a [] slips in when making a necessary change then it's a good thing if you don't need to point that out during review.

ezyang commented 2 years ago

If it's not in CI it doesn't exist. 5.6 sgtm.