Le dim. 20 sept. 2015 à 00:07, Hugues Peccatte <hugues.peccatte(a)gmail.com>
a écrit :
Hi,
I just saw that in our composer.json, the dependencies in require-dev
section are using ">=".
Composer deals with version number, considering that projects are
following semantic versioning (see
http://semver.org/). And in this
"standard", there is one important thing: "Given a version number
MAJOR.MINOR.PATCH, increment the MAJOR version when you make incompatible
API changes". That means that 4.8 (current version) of PHPUnit might not be
compatible with 3.7, while an hypothetical 3.50 should be compatible. (In
reality… 3.7.7 is the last, for now.)
Knowing this, and to be sure that we won't have bad surprises, shouldn't
we use "~3.7"? And so replace:
* "require-dev": {*
* "satooshi/php-coveralls": ">=0.6",*
* "phpunit/phpunit": ">=3.7",*
* "phpunit/phpunit-selenium": ">=1.2",*
* "squizlabs/php_codesniffer": "2.*"*
* },*
by
* "require-dev": {*
* "satooshi/php-coveralls": "~0.6",*
* "phpunit/phpunit": "~3.7",*
* "phpunit/phpunit-selenium": "~1.2",*
* "squizlabs/php_codesniffer": "2.*"*
* },*
?
And if we really want to use PHPUnit 4.*, so let's fill the version with
"~4.8".
All these dependencies are for dev, so this won't be a big deal if
versions are not compatible, but this could leads to errors with PHPUnit
the day it will have an incompatible version.
What do you think about this?
Thanks for your feedbacks,
H.
The "^" may also be interesting. But I think that it is useless for us,
until we only limit version to minor version number and not to patch.
H.