Comments (8)
phily245
commented on July 17, 2024
1
We've just tested & locked to a specific commit on master to support composer v2 alpha testing and remove the deprecation warnings, a return to semver would be good :)
Wish I could submit a PR for this!
from phpcs-security-audit.
danepowell
commented on July 17, 2024
Note that Composer 2 will be released in a few weeks, at which point these won't be just warnings any more, but potentially critical errors.
from phpcs-security-audit.
danepowell
commented on July 17, 2024
@jmarcil or @jrfnl looks like maybe you are the maintainers, are you able to cut a release?
from phpcs-security-audit.
jrfnl
commented on July 17, 2024
@danepowell I'm not an official maintainer, but if we're talking Composer 2.0, PR #82 will need to be merged before any release.
from phpcs-security-audit.
danepowell
commented on July 17, 2024
I'm not talking about supporting Composer 2, I'm just talking about getting rid of the scary (to some people, especially our customers) yellow warnings for Composer 1 users. I think these warnings were already fixed in master, all we need is a new stable release (i.e. 2.0.2) to take advantage of the fix.
Composer 2 support is of course important as well, but not as immediate :)
from phpcs-security-audit.
jmarcil
commented on July 17, 2024
Hello everyone!
I'm sadly currently the sole maintainer of this project, and hopefully we all can fix this soon.
With what is happening in the world this year, this project has been hard backlogged on my end. I won't have time to verify and merge PRs anymore for the foreseeable future. Same goes of course with any required fix, code modifications or documentation changes.
I've asked around and I'm ready to move this repository to it's own GitHub organization, where people can be added as collaborators. I'm more than willing to give away merge and other required access. I'll remain the primary owner to manage the org itself.
So two questions:
- Can you see what will break if I do the organization move right now?
- Who wants to join in?
from phpcs-security-audit.
danepowell
commented on July 17, 2024
@jmarcil I understand and sympathize with those challenges, and don't want to create more work for you. We're not asking for any new development as part of this ticket, all we need is a release tag, would you be able to accommodate that?
from phpcs-security-audit.
jrfnl
commented on July 17, 2024
- Can you see what will break if I do the organization move right now?
As long as the name in the composer.json file doesn't change, this will not break anything for Composer users.
And as long as the move is done by using the GH "Transfer repo" feature, GH will automatically redirect to the moved repo for all typical uses (clone commands used in CI, forks linked to this repo, bookmarked URLs etc).
So I currently can't think of anything which would break.
I would recommend mentioning it in the changelog all the same.
- Who wants to join in?
See my previous reply to this: #56 (comment)
from phpcs-security-audit.
Related Issues (20)
- Fix compliance of project with PHPCS HOT 10
- Strings as assert expressions are deprecated. HOT 4
- Figure out repo organization and ownership for the future
- Add CI/build testing HOT 6
- Add sniff specific unit tests HOT 6
- PR #50 breaks drupal7 usage HOT 1
- phpcs built from Dockerfile gives an error HOT 9
- $utils::is_token_false_positive is fiddly and unstable HOT 1
- Solving EasyRFI via new EasyRFINotice severity HOT 7
- Unable to view Security coding standard after Composer install HOT 3
- ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist HOT 2
- Windows user, Unable to find phpcs command or bin file HOT 1
- Update security rulesets
- Potential vulnerabilities are being hidden with concatenation
- Installation instructions not working HOT 1
- Add support for native function imports
- Callback functions warnings
- file_put_contents warning about dynamic parameter
- Question for ErrMiscIncludeMismatchNoExt
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phpcs-security-audit.