[GH-ISSUE #415] Loose version constraint composer dependencies #345

New issue

Closed

opened 2026-02-25 21:34:48 +03:00 by kerem · 2 comments

kerem commented

2026-02-25 21:34:48 +03:00

Owner

Originally created by @xorti on GitHub (Jul 29, 2020).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/415

Originally assigned to: @jasonmunro on GitHub.

🗣 Suggestion

Loose version composer dependencies in order to use newer versions.

Currently, on composer.json:

"paragonie/random_compat": "2.0.18",
"erusev/parsedown": "1.8.0-beta-5",
"christian-riesen/base32": "1.3.2",
"ezyang/htmlpurifier": "4.10.0",
"codeitnowin/barcode": "3.0.3",

Suggestion:

"paragonie/random_compat": "^2.0.18",
"erusev/parsedown": "^1.8.0-beta-5",
"christian-riesen/base32": "^1.3.2",
"ezyang/htmlpurifier": "^4.10.0",
"codeitnowin/barcode": "^3.0.3",

That will allow, for example, to install ezyang/htmlpurifier with v4.13.0 that includes some fixes with curly braces in PHP7.4 and PHP8.

Thank you.

Originally created by @xorti on GitHub (Jul 29, 2020). Original GitHub issue: https://github.com/cypht-org/cypht/issues/415 Originally assigned to: @jasonmunro on GitHub. ## 🗣 Suggestion Loose version composer dependencies in order to use newer versions. Currently, on composer.json: ``` "paragonie/random_compat": "2.0.18", "erusev/parsedown": "1.8.0-beta-5", "christian-riesen/base32": "1.3.2", "ezyang/htmlpurifier": "4.10.0", "codeitnowin/barcode": "3.0.3", ``` Suggestion: ``` "paragonie/random_compat": "^2.0.18", "erusev/parsedown": "^1.8.0-beta-5", "christian-riesen/base32": "^1.3.2", "ezyang/htmlpurifier": "^4.10.0", "codeitnowin/barcode": "^3.0.3", ``` That will allow, for example, to install `ezyang/htmlpurifier` with v4.13.0 that includes some fixes with curly braces in PHP7.4 and PHP8. Thank you.

kerem

2026-02-25 21:34:48 +03:00

closed this issue
added the
enhancement
label

kerem commented

2026-02-25 21:34:48 +03:00

Author

Owner

@jasonmunro commented on GitHub (Jul 29, 2020):

I'm happy to do this. I presume the leading "^" means this version or newer (I will read up on it). If there are newer compatible versions I'm open to bumping the minimums up as well.

@jasonmunro commented on GitHub (Jul 29, 2020): I'm happy to do this. I presume the leading "^" means this version or newer (I will read up on it). If there are newer compatible versions I'm open to bumping the minimums up as well.

kerem commented

2026-02-25 21:34:48 +03:00

Author

Owner

@xorti commented on GitHub (Jul 29, 2020):

I'm doing the PR at this moment!
There is no need to bump the minimums, composer itself will manage that, and it will be wider the options. The minimums should be bumped only if the cypth code changes and the minimum version for dependencies brake the functionality.

The "^" will allow versions for example in the ezyang/htmlpurifier to be up to <5.0.0. Using "~" will just allow <4.11.0.

@xorti commented on GitHub (Jul 29, 2020): I'm doing the PR at this moment! There is no need to bump the minimums, composer itself will manage that, and it will be wider the options. The minimums should be bumped only if the cypth code changes and the minimum version for dependencies brake the functionality. The "^" will allow versions for example in the ezyang/htmlpurifier to be up to <5.0.0. Using "~" will just allow <4.11.0.