Move away from SebastianBergmann\Git

[drzraf]

1. This is an additional dependency
2. This dep' is unmaintained for 2 years
3. This dep' depends upon PHP exec() = not making things actually safer

Simply wrapping exec(bin/git) code could be done by git-sync plugin itself without the need of a packagist dependency at all.

If wrapping /usr/bin/git is better (IMHO it only makes sense in order to avoid having git installed or exec enabled), then below solution exist (but none seems maintained):

• http://gitonomy.com/doc/gitlib/master/ seems better in that it's a pure-PHP git implementation
• https://github.com/garvins/php-git
• https://github.com/patrikf/glip

[w00fz]

I have been thinking about moving away from the sebastianbergmann/git dependency myself since I know it's been an archived dependency. However, every time I go and look at it, I realize how simple of a dependency it is that i feel it's not worth worrying about.

Really all the library does is wrapping the git execution command and add exceptions management (which arguably could be get rid of), which is exactly all I need for GitSync. Although you are right in saying I could basically just do it myself without loading the library, I don't think I would do it any differently than SebastianBergmann is doing which is why I just ended up keeping that dependency.

All the other libraries I found around are either doing more than I actually need/want or have requirements that I am not willing to put on the GitSync users.

For instance with the libraries you bring up I have these issues:

1. gitonomy/gitlib this library is mainly meant to be used as a server/client solution. It is quite interesting but it's definitely way beyond GitSync scope. All I would probably end up using is the run command.
2. php-git requires that every user of GitSync has this php-git binding compiled on their servers. I definitely cannot and don't want to do this, I know it will be a problem for many.
3. glip aside from the fact that also glip is unmaintained, I am not a big fan of this implementation. It is way too low-level and frankly manipulating the .git files via php like that is hardly any better than just letting git do it. The risk of failing a repository is just too high and I wouldn't want to put GitSync under such responsibility. It is definitely a fascinating concept, just not for me.

I am doing some advanced git operations with GitSync and I like the idea of having total freedom and control in how I build up the commands. I don't think it should be a concern the fact that SebastianBergmann\Git library is archived, however I am definitely considering getting away from it and just keep everything in-house.

Thanks for bringing this up by the way, I really appreciate it. If you feel like contributing with a PR the dependency removal and keeping the class within GitSync that would be appreciated, otherwise I will be looking at this at some point.

Cheers!