brayniverse
commented
8 years ago Migrations ask you to confirm when on production env, maybe we can prompt people before performing the tasks.
Closed kevinvdburgt closed 6 years ago
brayniverse
commented
8 years ago Migrations ask you to confirm when on production env, maybe we can prompt people before performing the tasks.
jlaswell
commented
8 years ago There is a package that allows for this functionality if required. I'm not a fan of making decisions to inhibit developers by disabling or hiding things, but I can understand a prompt. I don't this this should be part of core either way.
brayniverse
commented
8 years ago I concur that to inhibit developers from executing certain artisan commands in production environments is not a good idea. However, I disagree that precautions should not be part of the core framework. Confirming before migrating in a production environment has saved my arse on multiple occasions. That said, I don't see value in confirming before executing or disabling any of the "make" commands because I don't see them as harmful like migrations and seeding can be.
What arguments are there for preventing "make" commands on production? Other than you don't think you would ever need to do it. And are there any other commands that we should consider?
kevinvdburgt
commented
6 years ago The reason behind this is that server admins are messing around with artisan commands (some sysadmin of a client was already messing around with the make command...).
However, I think the package @jlaswell mentioned kinda will do the trick.
sisve
commented
6 years ago ... server admins are messing around ...
There's an attack vector that cannot be solved with code. Have you tried shock collars?
Yesterday i was thinking of the following situation:
What if you are running
php artisanon a production environment, why should i ever usephp artisan make:(model, controller etc..)? Instead, isnt it just a better option to disable/hide some artisan commands when theAPP_ENVhas been set onproduction?