Open keywan-ghadami-oxid opened 6 years ago
lemoinem
commented
6 years ago WoW, that's a great feature!
Thank you for your contribution. I'll need some time to review and provide you with constructive feedback, but I will try to come back to you soon.
lemoinem
commented
6 years ago @keywan-ghadami-oxid I'm sorry I haven't had the time to give you feedback on this, but I don't have much time lately. I'm not forgetting you. Hopefully I'll be able to look at your PR soon. Thanks for your patience.
keywan-ghadami-oxid
commented
5 years ago @lemoinem thank you for the feedback, I agree on all points. Unfortunately I am not sure if I will find time to fix that soon.
To all: any help by any volunteers are welcome, e.g. just
Webhooks
This is feature allows to get immediately updates to the composer registry if a new version (tag) was released. It comes with a lot of new security settings e.g. a webhook token can be defined, that is used to authenticate requests from gitlab, and a webhook url that is used to define the self url in a secure way. also some ip settings to restrict access to certain ips. Performance of webhooks is good, because they write directly in the cache files and by that they are avoiding the cache to become stale.
You may wonder about huge refactoring
Refactoring was made to make the script make object oriented with the idea of being able to reuse things easier and to separate things into different files. There is room for improvements because not everything was refactored yet. BTW the old code had it's beauty, anyway when continuing adding features it will hopefully be a benefit to move into this object oriented direction.
Outlook
The webhooks can be used to preserve the cache for a long time, but there is a known limitation: deleting a version/tag is not covered by the current logic (because it is not my major use case) and should be implemented in future to make things feature complete. Based on the refactoring maybe someone will add more features. The new authentication layer would allow to add new features e. G. a gitlab token based authenticate as alternative or addition to the IP based authentication.