Update symfony dependencies to keep only used ones #424
Conversation
|
The build for the |
|
@Pierstoval : Can you just try with a fixed version and more recent of the |
|
You mean when we have the |
|
I mean explicitly add the requirement in the composer.json, which should normally be done by the bundles in the proper 2.3 version, but it's just to test. |
|
It works well but the build for Symfony 2.8-dev does not work because now we have many packages to update, not only the whole framework. Any idea on how to update all packages without ugly things like this : ❓ |
|
The |
|
Yeah it's ok, but actually this does not solve the packages update in tests :D Before we could do |
Indeed, I don't see any better solution right now. |
composer.json
Outdated
There was a problem hiding this comment.
For which feature is it actually needed ?
There was a problem hiding this comment.
To check app.user in the navigation bar
There was a problem hiding this comment.
But this is not a hard requirement right ? The feature will simply be activated if the security is used, and the bundle will not fail if the package doesn't exist in the application ?
There was a problem hiding this comment.
Actually I have not tested in proper app, only using phpunit, and it's required. But I don't know if it should be in require or require-dev 😕
|
So, there are still many issues with requiring only pieces of the framework. First, we require 30 of them (of 44 for And there's a big bug with the twig bridge that requires security component that is splitted in several packages. Only for We cannot require them explicitly because it would need SF2.4+ (first split of the component). Any idea ? Should it be proposed in the symfony main repo ? |
There was a problem hiding this comment.
This list looks too large. Are you sure that all of them a really required?
There was a problem hiding this comment.
Actually this list is large because we need "few" dependencies, but each of them require some other packages, so to avoid having last-stable installations (which may cause conflicts), I had to require them all in the composer.json. Some other are required in the tests so I put them in the require-dev part.
There was a problem hiding this comment.
Imho it's wrong to add packages that are required by packages you require. This totally contradicts why semver was introduced. You should simply load the packages you need and they should properly manage what they need.
There was a problem hiding this comment.
When I tested the basic requirements, I had some issues in the tests about some packages having "higher" requirements that broke some tests. Especially for the different versions of symfony where dependencies about security that were splitted, twig-bundle requiring splitted components, etc.
IMO we should keep requiring the whole framework.
There was a problem hiding this comment.
Do you remember an example of a conflict you had?
Also added event dispatcher to force version minimum
|
Closing it as fixed by #438. @Pierstoval thanks a lot for working on this PR and for all the help provided in the merged PR. Your continuous help is truly appreciated! |
This fixes #408
This update is only made for working tests, but actually there's no guarantee that the whole bundle will work without problem.
I'm gonna test this a bit more.