Le dim. 20 sept. 2015 à 00:07, Hugues Peccatte hugues.peccatte@gmail.com a écrit :
Hi,
I just saw that in our composer.json, the dependencies in require-dev section are using ">=". Composer deals with version number, considering that projects are following semantic versioning (see http://semver.org/). And in this "standard", there is one important thing: "Given a version number MAJOR.MINOR.PATCH, increment the MAJOR version when you make incompatible API changes". That means that 4.8 (current version) of PHPUnit might not be compatible with 3.7, while an hypothetical 3.50 should be compatible. (In reality… 3.7.7 is the last, for now.) Knowing this, and to be sure that we won't have bad surprises, shouldn't we use "~3.7"? And so replace:
- "require-dev": {*
"satooshi/php-coveralls": ">=0.6",*
"phpunit/phpunit": ">=3.7",*
"phpunit/phpunit-selenium": ">=1.2",*
"squizlabs/php_codesniffer": "2.*"*
- },*
by
- "require-dev": {*
"satooshi/php-coveralls": "~0.6",*
"phpunit/phpunit": "~3.7",*
"phpunit/phpunit-selenium": "~1.2",*
"squizlabs/php_codesniffer": "2.*"*
- },*
? And if we really want to use PHPUnit 4.*, so let's fill the version with "~4.8". All these dependencies are for dev, so this won't be a big deal if versions are not compatible, but this could leads to errors with PHPUnit the day it will have an incompatible version.
What do you think about this?
Thanks for your feedbacks, H.
I forgot the link about the "~": https://getcomposer.org/doc/articles/versions.md#tilde The "^" may also be interesting. But I think that it is useless for us, until we only limit version to minor version number and not to patch.
H.