Manifest file strategy (updated) #37

padraic · 2017-05-13T22:46:10Z

A revision of the original #15, to work around not having write access on older PRs.

Update tests for PHPUnit 6
Address review points raised by @theofidry
Check setter methods to other strategies for consistency (use setters vs constructor params)
Implement additional features where warranted as noted in Manifest file strategy #15 (comment)
Update file hash checks to optionally use SHA-256 over SHA-1 (so we don't have to update them later!)
Where relevant, migrate to use Composer\Semver
Review test coverage and add where needed.
Update README

…updater into pjcdawkins-manifest-strategy

aik099 · 2017-05-14T07:41:01Z

src/Strategy/ManifestStrategy.php

+            throw new RuntimeException(sprintf('Failed to write file: %s', $tmpFilename));
+        }
+
+        $tmpSha = sha1_file($tmpFilename);


Are you sure, that sha1 should be used for version verification? Considering recent findings on http://shattered.io/ it is possible to create another phar with same sha1 hash.

It's on the todo list. I'm thinking about scrapping sha1 altogether since this is a new feature.

Slight backtrack. I'm allowing SHA-1, but not by default, to allow for any transitioning, e.g. platform.sh which this is based of off.

…rams)

padraic · 2017-05-14T17:31:13Z

@humbug/core Ready for review.

pjcdawkins and others added 6 commits December 16, 2015 22:03

Add ManifestStrategy

a241016

Write ManifestStrategy tests

a35b4c1

Merge branch 'manifest-strategy' of git://github.com/pjcdawkins/phar-…

6cee97b

…updater into pjcdawkins-manifest-strategy

Update tests to PHPUnit 6. Resolve risky test.

5244f20

Address review points from @theofidry

809200c

Properly set json_decode depth

ae8a3a0

padraic added the enhancement label May 13, 2017

aik099 suggested changes May 14, 2017

View reviewed changes

padraic added 8 commits May 14, 2017 13:17

Integrate additional features; switch to SHA-256

163dd04

Revise API to better reflect current approach (methods v construct pa…

760cab6

…rams)

Adjustments and README entry blurb

fc2093c

Update README with code examples

39d005c

Add tests and some fixes for note retrieval; update README

44176d5

Missing test for hasUpdate() and getNewVersion()

acb6710

Allow optional SHA-1 support if specifically enabled

b72e183

Add missing manifest file for SHA1 test

24e836f

padraic changed the title ~~[WIP] Manifest file strategy (updated)~~ Manifest file strategy (updated) May 14, 2017

This was referenced May 14, 2017

Manifest file strategy #15

Open

Allow disabling updates across major versions with Github strategy #38

Open

padraic added this to the 1.1.0 milestone May 14, 2017

padraic added 2 commits May 14, 2017 22:48

Include setStability() function similar to GH strategy

42c4e3c

Fix typo

18101d9

theofidry approved these changes May 15, 2017

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Manifest file strategy (updated) #37

Manifest file strategy (updated) #37

padraic commented May 13, 2017 •

edited

aik099 May 14, 2017

padraic May 14, 2017

padraic May 14, 2017

padraic May 14, 2017

padraic commented May 14, 2017

Manifest file strategy (updated) #37

Are you sure you want to change the base?

Manifest file strategy (updated) #37

Conversation

padraic commented May 13, 2017 • edited

aik099 May 14, 2017

Choose a reason for hiding this comment

padraic May 14, 2017

Choose a reason for hiding this comment

padraic May 14, 2017

Choose a reason for hiding this comment

padraic May 14, 2017

Choose a reason for hiding this comment

padraic commented May 14, 2017

padraic commented May 13, 2017 •

edited