search

humbug / phar-updater

A thing to make PHAR self-updates easy and secure
BSD 3-Clause "New" or "Revised" License
368 stars 27 forks source link

Added support for PHP 5.3.3 #8

Closed webmozart closed 9 years ago

webmozart commented 9 years ago

This branch replaces the short by the long array notation to add support for PHP 5.3.3.

GrahamCampbell commented 9 years ago

:-1:

GrahamCampbell commented 9 years ago

I really don't want to see new libraries supporting EOL php. :(

webmozart commented 9 years ago

@GrahamCampbell That depends largely on the target audience. For very low-level libraries with a large target audience, support for 5.3 is unfortunately still mandatory.

For high-level libs or frameworks, that's a different story, of course..

stof commented 9 years ago

@GrahamCampbell not supporting PHP 5.3 in this library means that any tools which wants to keep support for 5.3 would have to implement phar-updating themselves rather than using this secure implementation. So supporting 5.3 here is a good idea

GrahamCampbell commented 9 years ago

Or it just forces them off php 5.3...

stof commented 9 years ago

@padraic tests checking that phars signed with openssl are updated should be skipped if the system running the tests does not have Openssl

webmozart commented 9 years ago

@GrahamCampbell You can do that if you change the min version for large and established projects (ZF, Symfony, Typo3, ..). New and yet unused libraries won't force anyone.

GrahamCampbell commented 9 years ago

@webmozart Symfony is moving forward though. 2.7 needs more than just php 5.3.3 now, and 3.0 will need 5.5.9+.

stof commented 9 years ago

@GrahamCampbell sure. but phar-updater does not have the same power. If it requires 5.4+, projects allowing 5.3 today will just avoid switching to phar-updater

webmozart commented 9 years ago

I added 5.3 to travis.yml and marked the tests as skipped now that fail if openssl is not installed. Travis is green now.

padraic commented 9 years ago

I'd prefer to see folk adopt secure updates, and the reality is that phar-updater is genuinely too small with the sole 5.4 feature used being short array syntax. 5.4 adoption is better driven by larger units of functionality. I already have Humbug and Mockery at 5.4, so compromise is fine by me on this significantly smaller focused package.

padraic commented 9 years ago

I'll tag a new release in a few hours @webmozart.

webmozart commented 9 years ago

Thanks a lot, much appreciated :)

padraic commented 9 years ago

And tagged.

webmozart commented 9 years ago

Awesome! :clap: