Download the PHP package mediact/dependency-guard without Composer

On this page you can find all versions of the php package mediact/dependency-guard. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package dependency-guard

Abandoned

This package is abandoned in favor of maglnet/composer-require-checker, which is well maintained and is natively supported by GrumPHP. Composer require checker is more rich in features, it is kept up-to-date, and importantly, uses the same MIT license.

Packagist Packagist PHP from Packagist Scrutinizer Code Quality Code Coverage Build Status Build status Code Intelligence Status

Introduction

MediaCT Dependency Guard is a static code analyzer that determines whether your package is depending on code that is installed as a side-effect of your developer and / or test environment.

Installation

The tool can then be used in 3 ways:

  1. As a composer command
  2. As a stand-alone command
  3. As GrumPHP task

Composer command

Stand-alone

GrumPHP task

Invoke GrumPHP using the provided configuration.

Usage

When running the DependencyGuard, it will look for all files that are accessible through the autoload configuration of composer.json.

It will traverse all files, trying to detect PHP files and then determining the symbols (class, interface, trait) used by each file.

When the symbols are gathered, it determines to which package each symbol belongs. If a package is detected that is not installed because of the require section, but because of the require-dev section in composer.json, a violation is registered.

Also, when it is determined that a package is installed, while no code is using that package, another violation is registered.

In the example above, the package mediact/data-container is installed as dev package, yet used directly in the code of the current package.

Additionally, the package league/container is installed, but none of its code is directly used.

To use custom reporting of these violations, JSON is supported as export format:

Configuring exceptions

There are circumstances when dependency violations happen intentionally.

Suggest

For instance, when a package is supplying factories for multiple implementations of a specific factory, that require different packages for each factory. In that case, the package would require those implementations as dev-package, and also list them under the suggest section of their composer.json.

When a package is added to the suggest section, its violations are ignored by the dependency guard:

Exclude symbols

To exclude specific symbols, add the following to the extra.dependency-guard.exclude section of composer.json:

Symbols can be excluded using an exact match, a namespace match or a pattern used by fnmatch.

The configuration above will exclude:

Ignore packages

To ignore violation messages for a specific package, add the following to the extra.dependency-guard.ignore section of composer.json:

Packages can be ignored using an exact match, a vendor match or a pattern used by fnmatch.

The configuration above will ignore violations for the following packages:

Known limitations

Some scenarios cannot be covered by Dependency Guard, in its current form. Known limitations are listed below:

🦊 Pokémon exception handling combined with integration tests

Pókemon exception handling is also known as:

This methodology catches any and all exceptions and either forwards them or ignores them:

When this is used to handle exceptions in an application, the following issue is caused by running integration tests on that code.

When the test sets an expectation / assertion, the assertion may fail. When the assertion fails, it throws a corresponding exception, which is meant to be caught by the test framework.

Instead it is caught by the exception handling as described above. To counteract this, the following ends up in production code:

The code above causes DependencyGuard, to detect that \PHPUnit\Framework\AssertionFailedError is a symbol that can only be available when a development installation is used. It may be expected that, since this symbol is only used within a catch, it is not "really" a dependency, as it will only be autoloaded when that specific exception is thrown. DependencyGuard does no such specific inspection of the symbol at hand. The exception is thus marked as dependency violation.

There are currently no plans to solve this. That being said, pull requests and open discussions on this matter are welcomed.


All versions of dependency-guard with dependencies

PHP Build Version
Package Version
Requires php Version ^7.1
ext-spl Version ^7.1
ext-json Version *
composer-plugin-api Version ^1.1 | ^2.0
composer/composer Version ^1.6
nikic/php-parser Version ^3.0 | ^4.0
roave/better-reflection Version ^2.0 | ^3.1
symfony/options-resolver Version ^4.1
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mediact/dependency-guard contains the following files

Loading the files please wait ....