icanhazstring
Repos
43
Followers
79
Following
27

Show unused composer dependencies by scanning your code

1097
41

PHP wrapper for systemctl

65
13

Select a random issue from github or gitlab by certain criteria

25
9

Events

Only produce Github action output for cases that result in exitCode > 0

Ref #397

Created at 11 hours ago
Only produce Github action output for cases that result in exitCode > 0

Describe the bug

Right now, it happens that ignored packages are actually emitting a warning log state for composer.json when a package is being ignored while running a github action.

This should not happen, as ignore packages do not count towards an exitCode > 0. https://github.com/composer-unused/composer-unused/blob/main/src/OutputFormatter/GithubFormatter.php#L57

TODO

  • [ ] simple log message that this package was ignored
  • [ ] no link to composer.json about a warning
  • the [ ] message should be a/b was ignored instead of is invalid
Created at 11 hours ago
Don't report Github output when package ignored

But be aware, that "finding" errors (unused dependencies) now requires you to open the build log for that action. So it might be a little inconvenient :)

Created at 11 hours ago
composer-unused.phar - PHP Fatal error: Uncaught Error: Typed property

Describe the bug

I have just downloaded the latest composer-unused.phar file

➜ sha256sum composer-unused.phar 
796b27d142e07179857458fe66840e09afd14be4ee98ab37623d152d941d89c9  composer-unused.phar

When I run the command, I get an error instantly.

$ php composer-unused.phar  

PHP Fatal error:  Uncaught Error: Typed property __ComposerUnused__\ComposerUnused\ComposerUnused\Composer\Config::$name must not be accessed before initialization in phar:///path/to/project/composer-unused.phar/src/Composer/Config.php:23
Stack trace:
#0 phar:///path/to/project/composer-unused.phar/src/Composer/PackageFactory.php(12): __ComposerUnused__\ComposerUnused\ComposerUnused\Composer\Config->getName()
#1 phar:///path/to/project/composer-unused.phar/src/Console/Command/UnusedCommand.php(67): __ComposerUnused__\ComposerUnused\ComposerUnused\Composer\PackageFactory->fromConfig()
#2 phar:///path/to/project/composer-unused.phar/vendor/symfony/console/Command/Command.php(259): __ComposerUnused__\ComposerUnused\ComposerUnused\Console\Command\UnusedCommand->execute()
#3 phar:///path/to/project/composer-unused.phar/vendor in phar:///path/to/project/composer-unused.phar/src/Composer/Config.php on line 23

Additional information

I'm on PHP 7.4.28 so should be a compatible PHP version according to composer.json of the main branch.

Let me know if you need any additional information, or help testing etc.

Created at 11 hours ago
Feature: Interactive remove of unused packages

After listing the unused packages, there should be an interactive mode to remove unused packages.

Describe the solution you'd like After finding unused packages the user should get asked what to do with unused packages:

  • remove
  • skip
  • ignore (should be added to composer.json extra for ignore)

Additional information This kind of behavior should be optional and might be enabled with a cli parameter --interactive. Using an opt-in parameter this should not interfere with CI usage of this tool.

Created at 11 hours ago
Feature: Interactive remove of unused packages

No active need right now.

Created at 11 hours ago
False positives after using `readonly` modifier

Describe the bug

I'm changing one of my libs to require and use features from PHP 8.1. After the commit that introduces the readonly modifier, composer-unused started to report false positives.

I'm ignoring it for now but it might be good to investigate the cause :+1:

Created at 11 hours ago
False positives after using `readonly` modifier

@lcobucci can you check again with 0.8.3 as we added a fix for lexer so that readonly should work now.

Created at 11 hours ago
0.8.x: detects various used packages as unused
  • git clone https://github.com/api-platform/api-platform
  • cd api-platform/api
  • composer install
  • (add name in composer.json, see #345)
  • composer-unused

Expected:

Marks all packages that provide classes referenced in config/bundles.php as used

Actual:

They are all marked as unused.

For example: doctrine/doctrine-migrations-bundle or symfony/monolog-bundle

This used to work with 0.7.x

Created at 11 hours ago
0.8.x: detects various used packages as unused

As we did more improvements about how additional packages/folders are scanned, I am closing this issue for now, as it accumulates multiple different issues right now.

If you have a specific problem still unsolved, feel free to open a new issue.

Created at 11 hours ago
DI leading to error

Describe the bug

Installed composer-unused, immediately ran into error. This is in a PHP 7.4 docker instance.

Additional information

bash-5.1$ composer require composer-unused/composer-unused-plugin
Info from https://repo.packagist.org: #StandWithUkraine
Using version ^0.8.1 for composer-unused/composer-unused-plugin
./composer.json has been updated
Running composer update composer-unused/composer-unused-plugin
Loading composer repositories with package information
Updating dependencies
Lock file operations: 8 installs, 0 updates, 0 removals
  - Locking composer-unused/composer-unused-plugin (0.8.1)
  - Locking composer-unused/contracts (0.2.0)
  - Locking composer-unused/symbol-parser (0.1.9)
  - Locking icanhazstring/composer-unused (0.8.2)
  - Locking ondram/ci-detector (4.1.0)
  - Locking symfony/finder (v5.4.11)
  - Locking symfony/serializer (v5.4.11)
  - Locking webmozart/glob (4.6.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 8 installs, 0 updates, 0 removals
  - Installing webmozart/glob (4.6.0): Extracting archive
  - Installing symfony/serializer (v5.4.11): Extracting archive
  - Installing ondram/ci-detector (4.1.0): Extracting archive
  - Installing symfony/finder (v5.4.11): Extracting archive
  - Installing composer-unused/contracts (0.2.0): Extracting archive
  - Installing composer-unused/symbol-parser (0.1.9): Extracting archive
  - Installing icanhazstring/composer-unused (0.8.2): Extracting archive
composer-unused/composer-unused-plugin contains a Composer plugin which is currently not in your allow-plugins config. See https://getcomposer.org/allow-plugins
Do you trust "composer-unused/composer-unused-plugin" to execute code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?] y
  - Installing composer-unused/composer-unused-plugin (0.8.1): Extracting archive
    Install of composer-unused/composer-unused-plugin failed

In services.php line 30:
                                                                                                  
  [Error]                                                                                         
  Call to undefined function Symfony\Component\DependencyInjection\Loader\Configurator\service()  
                                                                                                  

Exception trace:
  at phar:///app/vendor/composer-unused/composer-unused-plugin/composer-unused.phar/config/services.php:30
 Symfony\Component\DependencyInjection\Loader\ProtectedPhpFileLoader::{closure}() at /app/vendor/symfony/dependency-injection/Loader/PhpFileLoader.php:50
 Symfony\Component\DependencyInjection\Loader\PhpFileLoader->load() at phar:///app/vendor/composer-unused/composer-unused-plugin/composer-unused.phar/config/container.php:12
 ComposerUnused\ComposerUnusedPlugin\UnusedPlugin::{closure}() at phar:///app/vendor/composer-unused/composer-unused-plugin/composer-unused.phar/config/container.php:21
 require() at /app/vendor/composer-unused/composer-unused-plugin/src/UnusedPlugin.php:36
 ComposerUnused\ComposerUnusedPlugin\UnusedPlugin->activate() at phar:///usr/local/bin/composer/src/Composer/Plugin/PluginManager.php:400
 Composer\Plugin\PluginManager->addPlugin() at phar:///usr/local/bin/composer/src/Composer/Plugin/PluginManager.php:291
 Composer\Plugin\PluginManager->registerPackage() at phar:///usr/local/bin/composer/src/Composer/Installer/PluginInstaller.php:85
 Composer\Installer\PluginInstaller->Composer\Installer\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/FulfilledPromise.php:28
 React\Promise\FulfilledPromise->then() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:134
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:168
 React\Promise\Promise->settle() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:231
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/FulfilledPromise.php:42
 React\Promise\FulfilledPromise->done() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:135
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:168
 React\Promise\Promise->settle() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:231
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/FulfilledPromise.php:42
 React\Promise\FulfilledPromise->done() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:66
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:168
 React\Promise\Promise->settle() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:231
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/FulfilledPromise.php:42
 React\Promise\FulfilledPromise->done() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:135
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:168
 React\Promise\Promise->settle() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:231
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/FulfilledPromise.php:42
 React\Promise\FulfilledPromise->done() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:135
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:168
 React\Promise\Promise->settle() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:231
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/FulfilledPromise.php:42
 React\Promise\FulfilledPromise->done() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:135
 React\Promise\Promise::React\Promise\{closure}() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:168
 React\Promise\Promise->settle() at phar:///usr/local/bin/composer/vendor/react/promise/src/Promise.php:231
 React\Promise\Promise::React\Promise\{closure}() at n/a:n/a
 call_user_func() at phar:///usr/local/bin/composer/src/Composer/Util/ProcessExecutor.php:321
 Composer\Util\ProcessExecutor->countActiveJobs() at phar:///usr/local/bin/composer/src/Composer/Util/Loop.php:98
 Composer\Util\Loop->wait() at phar:///usr/local/bin/composer/src/Composer/Installer/InstallationManager.php:506
 Composer\Installer\InstallationManager->waitOnPromises() at phar:///usr/local/bin/composer/src/Composer/Installer/InstallationManager.php:479
 Composer\Installer\InstallationManager->executeBatch() at phar:///usr/local/bin/composer/src/Composer/Installer/InstallationManager.php:390
 Composer\Installer\InstallationManager->downloadAndExecuteBatch() at phar:///usr/local/bin/composer/src/Composer/Installer/InstallationManager.php:282
 Composer\Installer\InstallationManager->execute() at phar:///usr/local/bin/composer/src/Composer/Installer.php:763
 Composer\Installer->doInstall() at phar:///usr/local/bin/composer/src/Composer/Installer.php:590
 Composer\Installer->doUpdate() at phar:///usr/local/bin/composer/src/Composer/Installer.php:279
 Composer\Installer->run() at phar:///usr/local/bin/composer/src/Composer/Command/RequireCommand.php:425
 Composer\Command\RequireCommand->doUpdate() at phar:///usr/local/bin/composer/src/Composer/Command/RequireCommand.php:288
 Composer\Command\RequireCommand->execute() at phar:///usr/local/bin/composer/vendor/symfony/console/Command/Command.php:298
 Symfony\Component\Console\Command\Command->run() at phar:///usr/local/bin/composer/vendor/symfony/console/Application.php:1024
 Symfony\Component\Console\Application->doRunCommand() at phar:///usr/local/bin/composer/vendor/symfony/console/Application.php:299
 Symfony\Component\Console\Application->doRun() at phar:///usr/local/bin/composer/src/Composer/Console/Application.php:335
 Composer\Console\Application->doRun() at phar:///usr/local/bin/composer/vendor/symfony/console/Application.php:171
 Symfony\Component\Console\Application->run() at phar:///usr/local/bin/composer/src/Composer/Console/Application.php:130
 Composer\Console\Application->run() at phar:///usr/local/bin/composer/bin/composer:88
 require() at /usr/local/bin/composer:29

require [--dev] [--dry-run] [--prefer-source] [--prefer-dist] [--prefer-install PREFER-INSTALL] [--fixed] [--no-suggest] [--no-progress] [--no-update] [--no-install] [--update-no-dev] [-w|--update-with-dependencies] [-W|--update-with-all-dependencies] [--with-dependencies] [--with-all-dependencies] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--prefer-stable] [--prefer-lowest] [--sort-packages] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--apcu-autoloader] [--apcu-autoloader-prefix APCU-AUTOLOADER-PREFIX] [--] [<packages>...]
Created at 11 hours ago
DI leading to error

Should be solved in 0.8.3

Created at 11 hours ago

Add JsonFormatter with test

add test coverage for requried by

add json to console help note

Created at 11 hours ago
pull request closed
Add JsonFormatter with test

Follow up to https://github.com/composer-unused/composer-unused/pull/280#issuecomment-1265958116

So other tools can pick up the result easily and parse it to standardized json :+1:

Created at 11 hours ago
Add JsonFormatter with test

Awesome. Love it. Thank you 🙏

Created at 11 hours ago
Don't report Github output when package ignored

On the other hand. I think ignored packages should not be warning level output 🤔 Don't know what might be the best solution here.

Remove the output altogether for github actions, or mark it as info? What do you think?

Created at 13 hours ago
Don't report Github output when package ignored

Yes, you are correct. This is clearly a bug and should be checked in the GithubFormatter.

Also, there might be an issue with the partition from unused to ignored dependencies here: https://github.com/composer-unused/composer-unused/blob/main/src/Console/Command/UnusedCommand.php#L228-L242

This should remove ignored packages from unused ones, so they actually should not be printed out by the OutputFormatter. I got a slight suspicion that the PatterFilter does not work correctly here.

Created at 13 hours ago
Add AnnotationStrategy

@LeoVie nice work. Could we add more test cases? So that we cover some more cases.

/** @var My\Class */
/** @param My\Class */
Created at 14 hours ago
issue comment
Use better composer-unused

it possibly reported by GithubFormatter

https://github.com/composer-unused/composer-unused/blob/d1d0c6707215767ca423c44b6ea954025c0feab3/src/OutputFormatter/GithubFormatter.php#L12

/cc @icanhazstring any way to not show github report when ignored by PatternFilter?

Can you give an example? Or just create a ticket and we can check 🙂

Created at 15 hours ago
Ignore exit code option doesn't work

Describe the bug

Hello, I think the --ignore-exit-code doesn't work anymore because, in the UnusedCommand, I can't find a mention of it except for as an attribute.

I hope you can fix this when you have some time.

Thank you, and have a good day

Created at 16 hours ago
override exit code with "0" if option `--ignore-exit-code` is used

Awesome. Thanks 👍

Created at 16 hours ago

override exit code with 0 if option --ignore-exit-code is used

Add testcase for option ignore-exit-code

Created at 16 hours ago
pull request closed
override exit code with "0" if option `--ignore-exit-code` is used

All Submissions:

This handles the issue #378

Created at 16 hours ago
Add --output-format

@TomasVotruba you can add a new case here

https://github.com/composer-unused/composer-unused/blob/main/src/OutputFormatter/FormatterFactory.php#L33

And add a new Implementation alongside the GithubFormatter.

Created at 17 hours ago
override exit code with "0" if option `--ignore-exit-code` is used

Nice. Thanks, could you also provide a test for that?

Created at 1 day ago
Add AnnotationStrategy

Wow. Thanks a lot. Had quick look using my phone. Will take a deeper look at it later that day.

But so far looks promising 💪

Created at 1 day ago

composer(deps): update icanhazstring/composer-unused requirement (#11)

Updates the requirements on icanhazstring/composer-unused to permit the latest version.


updated-dependencies:

  • dependency-name: icanhazstring/composer-unused dependency-type: direct:production ...

Signed-off-by: dependabot[bot] support@github.com

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Created at 4 days ago
composer(deps): update icanhazstring/composer-unused requirement from ^0.8.2 to ^0.8.3

Updates the requirements on icanhazstring/composer-unused to permit the latest version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Created at 4 days ago
issue comment
StrictTypesAssember

Cool. Thanks for picking it up 👍

Created at 4 days ago