Improve CI/QA process
Closed this issue · 2 comments
Also see PRs #55, #57, #61 and #62.
I'd like to suggest expanding the automated CI/QA checks done via Travis to prevent the above mentioned issues and/or get earlier warning about them.
Suggestions for things to add to the Travis build:
- Linting the code against all supported PHP versions.
- An automated scan of the code with PHPCompatibility
- Security check of the Composer dependencies.
- Validation of the Composer file.
Linting the code against all supported PHP versions.
This has been extensively discussed in #65. Summary: I don't think this is necessary.
An automated scan of the code with PHPCompatibility
Nice to have.
Security check of the Composer dependencies
As a development-only library, so nothing that should leave local environment, I don't think this is much relevant. It does not hurt though, even because it does not need any additional code, just requiring a no-code meta package, so why not.
Validation of the Composer file.
Not necessary. Dependencies are installed in CI, and Composer does itself a validation of composer.json (exactly same validation that could be done via composer validate) before installing dependencies.
Running validation separately would mean to do a double validation when the file is valid (most of the times) and will only cause an error to be discovered just a few milliseconds earlier. No real benefit and unnecessary slow down of build time (tiny, but still).