Replies: 1 comment 3 replies
-
No no no, that's completely unsupported. Because it simply does not work for analysing projects. Everybody should be using the PHAR from phpstan/phpstan. I'm happy to help you with any PHAR-related questions, but you should really avoid using phpstan-src like that. |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
I've been packaging PHPStan in Nix using the
phpstan-src
repository. Just a heads-up, we're all in on using source code instead of PHARs (nix recommandations). But let's not get sidetracked by that debate now; we can save it for another day if you really want to get into it.I'm opening this discussion because while building PHPStan (just running
composer install
basically), we noticed that thecomposer validate
step is failing:This validation step is a blocker in the process of publishing a PHP app in Nix. To get around it for PHPStan, I added a specific flag
composerStrictValidation
and set it tofalse
to chill out the validation step, making it not so strict. And guess what? It's been working out pretty well since then.So, why am I bringing this up? I'm curious about the logic behind using exact version constraints in
composer.json
when we've already got acomposer.lock
to keep our dependencies in check. Ifcomposer.lock
does the job, why double down incomposer.json
?I'd love to hear your thoughts on this.
To give you an idea on the effort needed to fix the issue, this simple patch fixes it, let me know if you'd be keen to merge it.
Thanks
Beta Was this translation helpful? Give feedback.
All reactions