search

phar-io / phive

The Phar Installation and Verification Environment (PHIVE)
https://phar.io
BSD 3-Clause "New" or "Revised" License
580 stars 45 forks source link

Unpredictable executable-names #220

Open temp opened 4 years ago

temp commented 4 years ago

When I installed phpdocumentor several times, I get different executable names... phpDocumentor and phpdocumentor.

Here is a recording of an example, inside of an alpine docker image with php 7.3:

$ cd /tmp/
$ mkdir foo
$ mkdir bar
$ cd foo
$ phive install phpdocumentor
Phive 0.13.2 - Copyright (C) 2015-2019 by Arne Blankerts, Sebastian Heuer and Contributors
Fetching repository list
Downloading https://phar.io/data/repositories.xml
Downloading https://api.github.com/repos/phpdocumentor/phpdocumentor2/releases
[WARNING]  phpdocumentor 3.0.0-alpha.4: No GPG Signature
[WARNING]  phpdocumentor 3.0.0-alpha.3: No GPG Signature
[WARNING]  phpdocumentor 3.0.0-alpha.2: No GPG Signature
[WARNING]  phpdocumentor 3.0.0-alpha1: No GPG Signature
Downloading https://github.com/phpDocumentor/phpDocumentor/releases/download/v2.9.0/phpDocumentor.phar
Downloading https://github.com/phpDocumentor/phpDocumentor/releases/download/v2.9.0/phpdocumentor.phar.asc
Downloading key 86BED3D6EFA8B121
Trying to connect to keys.openpgp.org (37.218.245.50)
Downloading https://keys.openpgp.org/pks/lookup?op=get&options=mr&search=0x86BED3D6EFA8B121
Successfully downloaded key.
[WARNING]  Parsing key data failed with error code 0: No UIDs in key found
Trying to connect to keys.fedoraproject.org (140.211.169.207)
Downloading https://keys.fedoraproject.org/pks/lookup?op=get&options=mr&search=0x86BED3D6EFA8B121
Successfully downloaded key.

    Fingerprint: 2D5F 68AB 6625 9357 38FB 23CA 86BE D3D6 EFA8 B121

    Jaapio (Jaap van Otterdijk) <jaap@polderknowledge.nl>
    Jaapio (Jaap van Otterdijk) <jaap@ijaap.nl>

    Created: 2017-01-30

Import this key? [y|N] y
Linking /root/.phive/phars/phpdocumentor-2.9.0.phar to /tmp/foo/tools/phpDocumentor

$ cd ..
$ cd bar/
$ phive install phpdocumentor
Phive 0.13.2 - Copyright (C) 2015-2019 by Arne Blankerts, Sebastian Heuer and Contributors
Linking /root/.phive/phars/phpdocumentor-2.9.0.phar to /tmp/bar/tools/phpdocumentor
$ cd ..
$ cat foo/phive.xml
<?xml version="1.0" encoding="UTF-8"?>
<phive xmlns="https://phar.io/phive">
  <phar name="phpdocumentor" version="^2.9.0" installed="2.9.0" location="./tools/phpDocumentor" copy="false"/>
</phive>
$ cat bar/phive.xml
<?xml version="1.0" encoding="UTF-8"?>
<phive xmlns="https://phar.io/phive">
  <phar name="phpdocumentor" version="^2.9.0" installed="2.9.0" location="./tools/phpdocumentor" copy="false"/>
</phive>
$ cat ~/.phive/phars.xml
<?xml version="1.0" encoding="UTF-8"?>
<phars xmlns="https://phar.io/phive/installdb">
  <phar name="phpdocumentor" version="2.9.0" location="/root/.phive/phars/phpdocumentor-2.9.0.phar">
    <hash type="sha1">ab1a4dce3c884d5187f4dff2833122c796cded24</hash>
    <signature fingerprint="2D5F68AB6625935738FB23CA86BED3D6EFA8B121"/>
    <usage destination="/tmp/foo/tools/phpDocumentor"/>
    <usage destination="/tmp/bar/tools/phpdocumentor"/>
  </phar>
</phars>

Relevant lines: Linking /root/.phive/phars/phpdocumentor-2.9.0.phar to /tmp/foo/tools/phpDocumentor and Linking /root/.phive/phars/phpdocumentor-2.9.0.phar to /tmp/bar/tools/phpdocumentor

theseer commented 4 years ago

Short assessment:

Name is actually not "unpredictable". It's case is changed to all lower.

The main difference between the two installations is that the first actually downloads the phar while the second uses the one from our local phar storage.

It further looks like that we, for the first, use the name as provided by the download location but store it in an all lower case variant in our storage. Given that the following installation relies on the name from the storage, the case changes.

That's clearly broken ;) but not sure yet if it's easy to fix in a BC compliant way.

I'll think about it. Nice catch!

temp commented 4 years ago

Another example, this time changing not only upper/lower case:

$ phive.phar install --force-accept-unsigned wapmorgan/PhpCodeAnalyzer
Phive 0.13.2 - Copyright (C) 2015-2020 by Arne Blankerts, Sebastian Heuer and Contributors
Downloading https://github.com/wapmorgan/PhpCodeAnalyzer/releases/download/1.0.6/phpca.phar
Linking /Users/swentz/.phive/phars/wapmorgan/phpcodeanalyzer-1.0.6.phar to /Users/swentz/bla/tools/phpca

$ phive.phar install --force-accept-unsigned wapmorgan/PhpCodeAnalyzer
Phive 0.13.2 - Copyright (C) 2015-2020 by Arne Blankerts, Sebastian Heuer and Contributors
Linking /Users/swentz/.phive/phars/wapmorgan/phpcodeanalyzer-1.0.6.phar to /Users/swentz/bla/tools/phpcodeanalyzer

$ ls tools/
phpca              
phpcodeanalyzer
theseer commented 4 years ago

Same original problem though: We use the name from the download (phpca.phar) for one, and our stored project name for the other.

Certainly an interesting bug but still not sure what a BC compliant fix would be?

buffcode commented 4 years ago

Certainly an interesting bug but still not sure what a BC compliant fix would be?

Use symlinks and create both files as BC layer. The next major only uses one clearly specified name.