DOCSLIB.ORG

Software Packaging in 2012

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Software Packaging in 2012 Software Packaging in 2012 International PHP Conference 2012 | October, 15th | Arne Blankerts Your Goal? » Share your code » Distribute a library or framework » Release an application » Deploy to a production or stage server » Deploy identically to many servers » ...? sharing experience Share your code » You do not need a packaging system » Use a version control system » Get a github.com account !" sharing experience Distribute a library or framework » #ear » http://pear.php.net » #yrus aka Pear& » http://pear2.php.net » Composer » http://getcomposer.org sharing experience Release an ap lication » #ear » #(# )rchive *#()R" » +S Level Packages » R#- » D./ » ... sharing experience De loy to a production or stage server » #ear » +S Level Packages » 01 sharing experience The choice is yours. And depends on your goal. PE%R » The Legacy Installer » #ackages come as tar.gz file » Package.xml for meta information » Limited Dependency management » 'an install depended #.)R packages » Informs on version / extension mismatches » #ackages are organized in 'hannels sharing experience PE%R - Pirum » ) #.AR Channel Server » http://pirum.sensiolabs.org% » http://github.com/fabpot/Pirum » 0nstalled via #.AR » pear channel-discover pear.pirum-project.org » pear installes pirum/Pirum sharing experience 'reating a pear package » Create a package.3ml » /uild package$ » pear package » )dd to prium$ » pirum add package.tgz sharing experience Pyrus / PEAR 2 » Rewritten #.AR Installer » Same package.3ml » Comes as phar » Seems to be pretty much a dead project sharing experience 'omposer » .asy to install » curl 5s https://getcomposer.org/installer | php » Comes as phar » -akes heavy use of git » )nd github.com » #ackages listed on packagist.org » Limited dependency management sharing experience 'reating a Com oser Package » Create a composer.json » )dd it to your git project » et a github.com account » #ush your code » Register with packagist.org » 1echnically7 composer does not exactly create packages sharing experience GIT » Not e3actly a package either » Can be used for deployment » 'reate empty repository » 'hange configuration to a have working directory » Push to ”empty“ repository » Very limited dependency managament » 01 Submodules sharing experience OS Level Packages » Distribution specific format and handling » Yum on <edora/Redhat%'entOS and derivatives » )pt on Debian/Ubuntu and derivatives » Complete dependency management » )s long as they are available as distro package sharing experience 'reating RPM packages » Create an application.spec file » /uild package$ » rpmbuild -bb application.spec » )dd to repository » createrepo directory » 0nstall » yum install package sharing experience PHAR » )llows for all5in5one packages » Different file formats possible » 8ative » Basically a tar5alike format » ZIP 'ontainer » No dependency management » )ll Dependencies should be bundled sharing experience 'reating a PHAR » .nable #HAR write mode » phar.readonly = ? » For a library » phpab -p -o library.phar src » For an application » phpab --all -p -o application.phar 5t app.php src sharing experience ,anually creating a P-AR package » Use phar cli application » Use =0# » Simply rename the .zip to .phar » )dd a stub as needed sharing experience %nything else? Other ackaging options » Simple tar.gz / tar.bz2 / ... » Windows 0nstaller » =end Server Deployment » +ther proprietary formats sharing experience 'ontact » @eb http://theP(#.cc/ » Mail arne@the#(#.cc team@the#(#.cc » 1witter Aarneblankerts Athe#(#cc sharing experience.
Load more

Recommended publications
  • ELASTIC SEARCH – MAGENTO 2 COPYRIGHT 2018 MAGEDELIGHT.COM Page 2 of 6
    Elasticsearch - Magento 2 INSTALLATION GUIDE MAGEDELIGHT.COM Installation: Before installing the extension, please make below notes complete: Backup your web directory and store database. Elasticsearch – M2 Installation: Install elasticsearch on your webserver, here is the reference link http://blog.magedelight.com/how-to- install-elasticsearch-on-centos-7-ubuntu-14-10-linux-mint-17-1/ Unzip the extension package file into the root folder of your Magento 2 installation. Install elastic search library o Back up your current composer.json cp composer.json composer.json.bk o Edit composer.json file and add below code to required clause. “elasticsearch/elasticsearch” : “~5.0” o Update dependencies composer update Connect to SSH console of your server: o Navigate to root folder of your Magento 2 setup o Run command php -f bin/magento module:enable Magedelight_Elasticsearch o Run command php -f bin/magento setup:upgrade o Run command php -f bin/magento setup:static-content:deploy Flush store cache; log out from the backend and log in again ELASTIC SEARCH – MAGENTO 2 COPYRIGHT 2018 MAGEDELIGHT.COM Page 2 of 6 License Activation: Note: This section is not applicable for extension purchased from Magento Marketplace How to activate the extension? Step 1: Go to Admin Control Panel >Stores > Configuration > Magedelight > Elasticsearch > License Configuration, you will see Serial Key and Activation key fields in License Configuration. Please enter the keys you received on purchase of the product and save configuration. Step 2: Expand “General Configuration” tab, you will find list of domains for which license is purchased and configured, now select the domain you are going to use, you can select multiple domain by clicking “Ctrl + Select”.
    [Show full text]
  • File Operation Induced Unserialization Via the “Phar://” Stream Wrapper
    File Operation Induced Unserialization via the “phar://” Stream Wrapper Sam Thomas - @_s_n_t Contents Introduction ............................................................................................................................................ 2 Stream Wrappers .................................................................................................................................... 3 Phar Archives and the "phar://" Stream Wrapper ................................................................................. 4 Basic Attack Methodology ...................................................................................................................... 5 Identifying File Path Handling Vulnerabilities ......................................................................................... 6 The Phar File Format ............................................................................................................................... 7 Exploiting Induced Unserialization.......................................................................................................... 9 PHPGGC / PHARGGC ............................................................................................................................. 10 Case Studies .......................................................................................................................................... 11 Typo 3 ...............................................................................................................................................
    [Show full text]
  • PHP: Composer Orchestrating PHP Applications
    PHP: Composer Orchestrating PHP Applications Dayle Rees This book is for sale at http://leanpub.com/composer-php This version was published on 2016-05-16 This is a Leanpub book. Leanpub empowers authors and publishers with the Lean Publishing process. Lean Publishing is the act of publishing an in-progress ebook using lightweight tools and many iterations to get reader feedback, pivot until you have the right book and build traction once you do. © 2016 Dayle Rees Tweet This Book! Please help Dayle Rees by spreading the word about this book on Twitter! The suggested tweet for this book is: I’m reading Composer: Orchestrating PHP Applications by @daylerees - https://leanpub.com/composer-php #composer The suggested hashtag for this book is #composer. Find out what other people are saying about the book by clicking on this link to search for this hashtag on Twitter: https://twitter.com/search?q=#composer Contents Acknowledgements ..................................... i Errata ............................................. ii Feedback ............................................ iii Translations ......................................... iv 1. Introduction ....................................... 1 2. Concept .......................................... 2 Dependency Management ............................... 2 Class Autoloading .................................... 3 Team Collaboration ................................... 3 3. Packages ......................................... 5 Application Packages .................................. 5 Dependency
    [Show full text]
  • Today's Howtos Today's Howtos
    Published on Tux Machines (http://www.tuxmachines.org) Home > content > today's howtos today's howtos By Roy Schestowitz Created 23/11/2020 - 3:13pm Submitted by Roy Schestowitz on Monday 23rd of November 2020 03:13:32 PM Filed under HowTos [1] An introduction to Prometheus metrics and performance monitoring | Enable Sysadmin[2] Use Prometheus to gather metrics into usable, actionable entries, giving you the data you need to manage alerts and performance information in your environment. Why does Wireshark say no interfaces found ? Linux Hint [3] Wireshark is a very famous, open-source network capturing and analyzing tool. While using Wireshark, we may face many common issues. One of the common issues is ?No Interfaces are listed in Wireshark?. Let?s understand the issue and find a solution in Linux OS.If you do not know Wireshark basic, then check Wireshark Basic first, then come back here. How to Solve ?Sub-process /usr/bin/dpkg returned an error code (1)? In Ubuntu[4] It?s not uncommon to run into an issue of broken packages in Ubuntu and other Debian-based distributions. Sometimes, when you upgrade the system or install a software package, you may encounter the ?Sub-process /usr/bin/dpkg returned an error code? error. For example, a while back, I tried to upgrade Ubuntu 18.04 and I bumped into the dpkg error as shown below. [...] This type of dpkg error points to an issue with the package installer usually caused by the interruption of an installation process or a corrupt dpkg database. Any of the above-mentioned solutions should fix this error.
    [Show full text]
  • Sebastian Neubauer [email protected] @Sebineubauer
    There Should be One Obvious Way to Bring Python into Production Sebastian Neubauer [email protected] @sebineubauer 1 Agenda • What are we talking about and why? • Delivery pipeline • Dependencies • Packaging • What is the current state? • A walk through the different possibilities • Summarizing all the pros and cons • Can we fnd a better solution? • How does the future look like? • Discussion: what could the „one obvious way“ be? 2 What are we talking about and why? 3 Delivery pipeline Production Staging/QA Testing Building/Packaging Development @sebineubauer 4 Delivery pipeline Production Staging/QA Testing Building/Packaging Development @sebineubauer 5 Development Required: • Fast iteration cycles, fast changes • Automated tests can be executed Nice to have: • Production like local environment Risks: • „Works on my machine!“ • Dirty working directory @sebineubauer 6 Delivery pipeline Production Staging/QA Testing Building/Packaging Development @sebineubauer 7 Building/Packaging Required: • Build once, use everywhere • Possibility to compile for the target systems • Build uniquely versioned, signed packages Nice to have: • Upload to an artifact repository Risks: • Misconfguration of the build environment @sebineubauer 8 Delivery pipeline Production Staging/QA Testing Building/Packaging Development @sebineubauer 9 Testing Required: • Automated • Near production like conditions • Reproducible conditions • Minimal changes for testing reasons Nice to have: • Fast feedback • Running after each commit on all branches Risks:
    [Show full text]
  • Xcode Package from App Store
    KH Computational Physics- 2016 Introduction Setting up your computing environment Installation • MAC or Linux are the preferred operating system in this course on scientific computing. • Windows can be used, but the most important programs must be installed – python : There is a nice package ”Enthought Python Distribution” http://www.enthought.com/products/edudownload.php – C++ and Fortran compiler – BLAS&LAPACK for linear algebra – plotting program such as gnuplot Kristjan Haule, 2016 –1– KH Computational Physics- 2016 Introduction Software for this course: Essentials: • Python, and its packages in particular numpy, scipy, matplotlib • C++ compiler such as gcc • Text editor for coding (for example Emacs, Aquamacs, Enthought’s IDLE) • make to execute makefiles Highly Recommended: • Fortran compiler, such as gfortran or intel fortran • BLAS& LAPACK library for linear algebra (most likely provided by vendor) • open mp enabled fortran and C++ compiler Useful: • gnuplot for fast plotting. • gsl (Gnu scientific library) for implementation of various scientific algorithms. Kristjan Haule, 2016 –2– KH Computational Physics- 2016 Introduction Installation on MAC • Install Xcode package from App Store. • Install ‘‘Command Line Tools’’ from Apple’s software site. For Mavericks and lafter, open Xcode program, and choose from the menu Xcode -> Open Developer Tool -> More Developer Tools... You will be linked to the Apple page that allows you to access downloads for Xcode. You wil have to register as a developer (free). Search for the Xcode Command Line Tools in the search box in the upper left. Download and install the correct version of the Command Line Tools, for example for OS ”El Capitan” and Xcode 7.2, Kristjan Haule, 2016 –3– KH Computational Physics- 2016 Introduction you need Command Line Tools OS X 10.11 for Xcode 7.2 Apple’s Xcode contains many libraries and compilers for Mac systems.
    [Show full text]
  • Peter Jaap Blaakmeer CTO Elgentos @Peterjaap
    Magento 2 and Composer Peter Jaap Blaakmeer CTO elgentos @PeterJaap Also; co-organizer MUG050, volunteer Meet Magento NL, beer home-brewing & board games (so I like IPA’s and API’s). What is composer? Dependency management in PHP Not a package manager; composer by default installs modules on a per-project basis, not globally. Why would you use Composer? Time save Code reuse Code sharing Easy upgrades Same code usage Easy removal Forces you to write clean code; no hacking Install composer brew update && brew install homebrew/php/composer Composer components (see what I did there?) composer.phar composer.json composer.lock composer.phar Binary used to work with composer composer.phar Most used commands $ composer update $ composer install $ composer require $ composer create-project Projects’ composer.json Extensions’ composer.json { "name": “elgentos/mage2importer", "description": “Fast refactored Magento 2 product importer", "type": “magento2-module", // or magento2-theme / magento2-language / metapackage "version": "1.3.37", "license": [ "OSL-3.0", "AFL-3.0" ], "require": { "php": "~5.5.0|~5.6.0|~7.0.0", "magento/framework": "~100.0" }, "extra": { "map": [ [ "*", "Elgentos/Mage2Importer" ] ] } } composer.lock Lockfile created when running composer update composer.lock What is the lock file for? It ensures every developer uses the same version of the packages. composer update - installs the latest versions referenced in composer.json & save commit hash in lock file. composer install - installs a specific version identified by a commit hash in the lock file. How to handle composer files in Git? You should commit composer.json to keep track of which extensions are installed. You can commit composer.lock but it is not necessary, depends on your deployment structure, but you’ll probably get a lot of merge conflicts.
    [Show full text]
  • Software Soloist Motion Composer Suite
    SOFTWARE SOLOIST MOTION COMPOSER SUITE The Power to Differentiate Your Process Connect and Go The Soloist Motion Composer Suite is the development solution Setting up your smart drive solution is easy. Quickly set up your motion control application needs. Part of the Soloist single- drives, motors, and stages with the Configuration Manager axis motion control platform, the Motion Composer Suite allows application. This is just one of several tools integrated in the you to deploy advanced automation that outpaces competitive Motion Composer Suite that makes drive, controller, and servo solutions. The suite includes the following products: configuration fast and effective. • Soloist Configuration Manager Setting up an automation process is also quick and easy. The Soloist smart drives include an integrated controller that can talk • Soloist Motion Composer IDE over EtherNet/IP, Ethernet TCP/IP, RS-232, RS-485, and Modbus • Soloist Digital Scope TCP. Powerful Technology, Simply Integrated Fieldbus I/O and expandable I/O on Aerotech drive hardware is The Soloist solution is a powerful performance tool that can directly accessible within the AeroBasic real-time programming be simply integrated into your system. The Motion Composer language. Suite gives you more precision at your fingertips through Develop and Test Real-Time Applications a user-friendly interface with tools for each aspect of your The Soloist Motion Composer Suite includes a powerful development process. Using the Motion Composer Suite, you can environment for real-time developers. The Motion Composer IDE deploy real-time application code to a smart, single-axis drive allows real-time application code to be developed, debugged, and which includes an integrated controller.
    [Show full text]
  • PHP Composer 9 Benefts of Using a Binary Repository Manager
    PHP Composer 9 Benefts of Using a Binary Repository Manager White Paper Copyright © 2017 JFrog Ltd. March 2017 | www.jfrog.com Executive Summary PHP development has become one of the most popular platforms for client and server side web development. Each framework used for PHP development has its own set of advantages, but they all use PHP Composer to manage dependencies, alongside Packagist as the central repository. PHP Composer may be able to fnd the right packages for you, but comes up short in case of network issues and cannot ensure that all developers in your organization are using the same version of a package. It’s issues like these that Artifactory solves for you. This white paper describes the benefts of using PHP Composer together with Artifactory, including: Reliable Access Overcome network issues restricting you from being able to download or update packages. Optimized Build Process Manage resource sharing within your organization to eliminate unnecessary network trafc. Full Support for Docker Support all Docker Registry APIs providing security features needed by enterprise Docker users. Secure Solution Enable controlled access through secure private PHP Composer repositories. Smart Search and Artifactory Query Language (AQL) Find the packages you need using advanced search tools and top-level search capabilities. Distribution and Sharing Enable efcient distribution of proprietary packages to give developers access to the same package version, resolve dependencies, and seamlessly share proprietary code regardless of physical location. Artifactory High Availability Give access to PHP Composer packages in a high availability confguration providing up to fve-nines availability for PHP development. Maintenance and Monitoring Keep an organized managed system with automatic, timed cleanup processes, eliminating old and irrelevant artifacts.
    [Show full text]
  • Drupal & Composer
    Drupal & Composer Matthew Grasmick & Jeff Geerling Speakers Matthew Grasmick Jeff Geerling @grasmash @geerlingguy Acquian Acquian BLT maintainer Drupal VM maintainer 10+ years of Drupal Agenda ● Composer Overview ~40 min ● Hands-on exercises ~30 min ● Advanced Topics ~20 min ● Hands-on free-for-all ~30 min Total ~2 hrs. What is Composer? Composer is a dependency management tool for PHP. It allows you to install, update, and load the PHP libraries that your PHP application depends on. What does that mean? Let’s look at the type of problem Composer solves Say you have a Drupal 7 application. It requires jCarousel. A third party, external dependency. You download the tarball, decompress, move it into place. Voila! Easy, right? Except when it isn’t. Versions matter. Your hypothetical Drupal 7 site requires: ● Drupal Core, which requires jQuery 1.2.0. ● jCarousel, which requires jQuery 1.3.0. 1.2.0 != 1.3.0 Uh oh! What do you do? In Drupal 7, we used ● Various contributed modules ● Hacky workarounds to load multiple versions of jQuery. That worked for dealing with a single library incompatibility. Enter Drupal 8 Drupal 8 In Drupal 8, we use lots of third-party, external dependencies, like ● Symfony ● Doctrine ● Twig ● Etc. This is good. ● We’re getting of the island and using libraries used by the rest of the PHP community! ● We’re using software that is Proudly Found Elsewhere (and tested / supported elsewhere) ● We’re not re-inventing the wheel! But it gets complicated fast. Say you have a Drupal 8 site that requires... ● Drupal Core, which requires ..
    [Show full text]
  • Composer 101
    ______ / ____/___ ____ ___ ____ ____ ________ _____ / / / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/ / /___/ /_/ / / / / / / /_/ / /_/ (__ ) __/ / \____/\____/_/ /_/ /_/ .___/\____/____/\___/_/ /_/ Composer 101 Mike Miles | Drupalcon Nashville 2018 events.drupal.org/node/20624 About Me Work: Genuine (wearegenuine.com) Podcast: Developing Up (developingup.com) Online Handle: mikemiles86 (@mikemiles86) Security Update!! PHP projects that have a few dependencies may be able simple to maintain. But complex projects with many layers of dependencies, frustrate developers and waste project time on managing those dependencies. Every project has limited time & budget The more project time is spent on maintaining 3rd party code, the less time there is available to focus on building what will deliver project value. Composer getcomposer.org Composer is a PHP project dependency manager, that handles 3rd party project code, so that the developers do not have to. Adding a few files and utilizing a few commands, composer can be added to any PHP project. Composer takes care of 3rd party code dependencies, installation and maintenance. Composer project structure root/ [composer.phar] composer.json composer.lock vendor/ // everything else... Every Composer based project has a composer.json file, composer.lock file, and vendor director. Optionally it can contain the composer executable. Secure Project Structure root/ [composer.phar] composer.json composer.lock vendor/ webroot/ // everything else... For security purposes, keep all composer related files and directories above the webroot of the project. Access vendor code using the composer autoload.php. root/ [composer.phar] composer.json composer.lock Install vendor/ // everything else..
    [Show full text]
  • Arxiv:1710.04936V1 [Cs.SE] 13 Oct 2017 A
    Manuscript preprint submitted for publication to Empirical Software Engineering Journal An Empirical Comparison of Dependency Network Evolution in Seven Software Packaging Ecosystems Alexandre Decan · Tom Mens · Philippe Grosjean Abstract Nearly every popular programming language comes with one or more package managers. The software packages distributed by such package managers form large software ecosystems. These packaging ecosystems con- tain a large number of package releases that are updated regularly and that have many dependencies to other package releases. While packaging ecosys- tems are extremely useful for their respective communities of developers, they face challenges related to their scale, complexity, and rate of evolution. Typ- ical problems are backward incompatible package updates, and the risk of (transitively) depending on packages that have become obsolete or inactive. This manuscript uses the libraries.io dataset to carry out a quantitative empirical analysis of the similarities and differences between the evolution of package dependency networks for seven packaging ecosystems of varying sizes and ages: Cargo for Rust, CPAN for Perl, CRAN for R, npm for JavaScript, NuGet for the .NET platform, Packagist for PHP, and RubyGems for Ruby. We propose novel metrics to capture the growth, changeability, resuability and fragility of these dependency networks, and use these metrics to analyse and compare their evolution. We observe that the dependency networks tend to grow over time, both in size and in number of package updates, while a minority of packages are responsible for most of the package updates. The majority of packages depend on other packages, but only a small proportion of packages accounts for most of the reverse dependencies.
    [Show full text]