Currently, we're using a crude workaround to avoid using test dependencies in production: We uninstall the test dependencies and run an external instance of PHPStan, packaged in a Docker Image. This has two problems: An additional docker image just to run PHPStan. And the PHPStan version in the docker image can get out of sync with the PHPStan version of the repository.
A better way to handle this check is using deptrac. It allows more fine-grained control over which namespaces are allowed to depend on other namespaces.
The payment repository and subscription repository show good examples on how to define dependency rules for a bounded context. Other bounded context that need similar dependency rules are:
- https://github.com/wmde/fundraising-donations
- https://github.com/wmde/fundraising-memberships
- https://github.com/wmde/fundraising-address-change
We have some libraries where the dependency rules can be simplified to "don't use dev dependencies":
- https://github.com/wmde/fun-validators
- https://github.com/wmde/Euro
- https://github.com/wmde/Clock
- https://github.com/wmde/fundraising-content-provider/
- https://github.com/wmde/email-address
- https://github.com/wmde/PsrLogTestDoubles
Our Applications need different, probably more complex rules: