Change Details

With the move to GitLab, we lost the "easy" (slightly hacky) method of checking for unwanted dependencies by uninstalling dev dependencies and then running PHPStan from a Container. The new method of doing this is using a PHP dependency tracking tool, disallowing certain namespace-dependent dependencies in the Fundraising App: Code in all namespaces starting with `WMDE\Fundraising\Frontend\` (except for code in `WMDE\Fundraising\Frontend\Test`) must not depend on namespaces of libaries listed as dev-dependencies in composer.json and must not depend on any class in the `WMDE\Fundraising\Frontend\Test` namespace. In a followup ticket we can further improve our architecture rules (e.g. nothing in `src` may depend on code in `app` or `cli`, etc), but that's out of scope. There are five candidates for dependency analysis: * https://github.com/mamuz/PhpDependencyAnalysis * https://github.com/j6s/phparch * https://github.com/mihaeu/dephpend * https://github.com/qossmic/deptrac * https://github.com/carlosas/phpat The decision on which library to use should be based on two criteria: 1. Does it allow to describe our restrictions? How readable and expressive is this description? 2. How fast is the analysis?

Code in all production namespaces must not depend on namespaces of libraries listed as dev-dependencies in composer.json and must not depend on any class in the test namespace. Currently we're checking for unwanted dependencies by uninstalling dev dependencies and then running PHPStan from a Container. A better approach would be to use https://github.com/mediact/dependency-guard

With the move to GitLab, we lost the "easy" (slightly hacky) method of checking for unwanted dependencies by uninstalling dev dependencies and then running PHPStan from a Container. The new method of doing this is using a PHP dependency tracking tool, disallowing certain namespace-dependent dependencies in the Fundraising App:Code in all production namespaces must not depend on namespaces of libraries listed as dev-dependencies in composer.json and must not depend on any class in the test namespace. Code in all namespaces starting with `WMDE\Fundraising\Frontend\` (except for code in `WMDE\Fundraising\Frontend\Test`) must not depend on namespaces of libaries listed as dev-dependencies in composer.json and must not depend on any class in the `WMDE\Fundraising\Frontend\Test` namespace.urrently we're checking for unwanted dependencies by uninstalling dev dependencies and then running PHPStan from a Container. A better approach would be to use https://github.com/mediact/dependency-guard In a followup ticket we can further improve our architecture rules (e.g. nothing in `src` may depend on code in `app` or `cli`, etc), but that's out of scope. There are five candidates for dependency analysis: * https://github.com/mamuz/PhpDependencyAnalysis * https://github.com/j6s/phparch * https://github.com/mihaeu/dephpend * https://github.com/qossmic/deptrac * https://github.com/carlosas/phpat The decision on which library to use should be based on two criteria: 1. Does it allow to describe our restrictions? How readable and expressive is this description? 2. How fast is the analysis?