Download the PHP package sonatype-nexus-community/bach without Composer
On this page you can find all versions of the php package sonatype-nexus-community/bach. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package bach
Short Description Dependency vulnerability auditor for PHP
License Apache-2.0
Homepage https://github.com/sonatype-nexus-community/bach
Information about the package bach
Bach
Dependency vulnerability auditor for PHP
Install
Help
Example usage
Development notes
- PHP version - 7.4+ required
On macOS, while php was already installed, we need a newer version of php: at least 7.4. To install this, I ran the following commands:
This installed php 7.4 into: /usr/local/Cellar/php/7.4.11. In order to ensure this new version of php would be found before the macOS pre-installed version, I prepended the new php bin folder to my path via:
Ensure the intended version will be used by running:
- Composer
I also had to do a one-time install of composer using brew on macOS:
After running composer install, I could run unit tests using:
I'm not sure it is actually needed, but while updating brew and things, I ran into a case that needed access to write to my local bin folders, and had to follow these steps to temporarily disable csrutil. See: https://www.imore.com/how-turn-system-integrity-protection-macos. Be sure to undo such changes if you need 'em.
- You can clean up composer.lock (remove stale dependencies from the composer.lock file) using the command:
- If you need to add new dependencies, I found the following commands would ensure the new dependency was installed and available to unit tests, etc:
Releasing bach
Releasing is conducted by simply tagging the repository from the main branch as per guidelines on packagist.org.
We follow standard semantic versioning.
A GitHub Hook is fired which will cause packagist.org to re-index this Git repository and discover new version/release tags.
The Fine Print
Remember:
It is worth noting that this is NOT SUPPORTED by Sonatype, and is a contribution of ours to the open source community (read: you!)
- Use this contribution at the risk tolerance that you have
- Do NOT file Sonatype support tickets related to bach support in regard to this project
- DO file issues here on GitHub, so that the community can pitch in
Phew, that was easier than I thought. Last but not least of all - have fun!
All versions of bach with dependencies
codedungeon/php-cli-colors Version ^1.11.0
eloquent/composer-config-reader Version ^2.1
guzzlehttp/guzzle Version ^6.5.6
hoa/console Version ^3.17
laminas/laminas-text Version ^2.7
laravel-zero/framework Version >=5.8 || <9.0
nadar/php-composer-reader Version ^1.2
vierbergenlars/php-semver Version ^3.0