SymfonyCasts stands united with the people of Ukraine
If you liked what you've learned so far, dive in!
Subscribe to get access to this tutorial plus
video, code and script downloads.
With a Subscription, click any sentence in the script to jump to that part of the video!
Login SubscribeRun:
composer recipes
Our goal is to update all of the recipes starting with symfony/. The hardest ones are at the beginning: symfony/console and symfony/framework-bundle. But right now, let's update symfony/flex itself. Run:
composer recipes symfony/flex
... because that's an easy way to get the update command. Run it:
composer recipes:install symfony/flex --force -v
Hmm, it looks like it only modified one file: .env. Take a look with:
git status
Yup! Just that one. Check it out:
git diff
Ok: two changes. The first one is a fix for a typo in a comment. Then... it deleted a bunch of my code. Rude! Ok, we expected that: this is not a true update process: the new .env file from the recipe overrode mine completely.
So this recipe update was to fix a meaningless typo. That's super minor, but I guess we want that change. Hit "Q" to get out of this mode. Then run:
git add -p
I will accept the typo change - y - but not the rest - n. Add the symfony.lock changes as usual. Ok, run:
git status
Two changes staged and ready to commit and one unstaged change to .env. Let's commit the staged updates:
git commit -m "updating symfony/flex"
Cool! Now git diff tells us that the only remaining change is the removal of the stuff that we do want in .env. Revert all of that by running:
git checkout .env
Done!
Let's check our progress:
composer recipes
Another one done! Take a deep breath and move onto the biggest, most important recipe: symfony/framework-bundle. Run:
composer recipes symfony/framework-bundle
Hmm, yea, we're upgrading from version 3.3 of the recipe to 4.4: that might be a fairly big upgrade. Copy the recipes:install command and run it:
composer recipes:install symfony/framework-bundle --force -v
Apparently this modified several files. You know the drill: let's start walking through the changes by running:
get add -p
The first change is inside .env - it updated APP_SECRET. This recipe has a special power: each time you install it, it generates a new unique value for APP_SECRET, which is used to generate some cryptographic stuff in your app. We don't really need or want to change this value.
What about the change right below it - for TRUSTED_PROXIES? We're not using that value anyways - you can see that both the old and new code are commented out.
But, as a challenge, let's see if we can find what this change is all about. Go back to the homepage of the symfony/recipes repository and then navigate to symfony/framework-bundle/. We're installing the 4.4 recipe, so start there.
Most of the time, a recipe simply copies files into your project. And so we're usually comparing the contents of a file between two recipes.
But there are a couple of other things a recipe can do, like modify your .env or .gitignore files. In those cases, you won't see a .env or .gitignore file in the recipe: those changes are described in this manifest.json file.
Ah! A symlink - this points to the 4.2 version. I'll take a shortcut and change the URL to jump to that file.
manifest.json is the config file that describes everything the recipe does. The env key says:
Hey! I want you to update the
.envfile to addAPP_ENV,APP_SECRETand these twoTRUSTEDcomment lines.
Let's "blame" this file. The TRUSTED_PROXIES line was modified about three months ago. Click that commit... and jump to the pull request - 654 - to get the full details.
Ok: "Trusted proxies on private and local IPs". This links to another issue on the main Symfony repository where someone proposes that private IP address ranges should be trusted by default.
If you're not familiar with TRUSTED_PROXIES, then you probably don't care much about this and... you might as well just accept the update. If you do care, you'll understand that this PR marks private IP ranges as "trusted", which may or may not be useful for you. The point is: we figured out the reason for this change and - if we use this feature - we can accept or reject these changes intelligently.
Because we don't want the APP_SECRET change... and I don't really care about the updated comment line, I'll say "n" to skip both changes.
The next file that's modified is .gitignore. Let's talk about this next as well as changes to framework.yaml and super important updates to the Kernel class.
Hey Michael,
Hm, not sure, probably you can do "git add -i" instead of for using interactive picking, but I haven't tried it yet. Or, just use UI tool for this like GitHub Desktop, or just tweak the file as you need and commit the specific file only
I hope this helps!
Cheers!
lost my .env file when i ran the update... i guess it's because it was on my gitignore file so it doesn't tracked the change, right?
Yo Contabexpress L.!
> lost my .env file when i ran the update
Was it fully deleted? Or did you just lost the "contents" of it?
If you just lost the "contents" of it, I can explain that :) - we talk about it around 0:46 of the video - the updated recipe *replaces* the contents of your file completely (it's not a smart update process). It doesn't relate to being ignored by git - it's just because the updated recipe "overwrote it".
But if you meant that the file was actually *deleted*, I'm not sure I could explain that. Let me know!
Cheers!
yeah, it was replaced* and I wasn't able to check with git diff like you did so I kinda lost my configs.
Hey Contabexpress L.!
Yea, that's the problem with the update system - it's not a "smart" update - it's just a replace. Using git to look at the diff and intelligently "put back" your custom stuff is the only way, at the moment. I would love to improve that, but it's a tricky problem :).
Cheers!
// composer.json
{
"require": {
"php": "^7.3.0",
"ext-iconv": "*",
"antishov/doctrine-extensions-bundle": "^1.4", // v1.4.2
"aws/aws-sdk-php": "^3.87", // 3.110.11
"composer/package-versions-deprecated": "^1.11", // 1.11.99
"doctrine/doctrine-bundle": "^2.0", // 2.0.6
"doctrine/doctrine-migrations-bundle": "^1.3|^2.0", // 2.1.2
"doctrine/orm": "^2.5.11", // v2.7.2
"doctrine/persistence": "^1.3.7", // 1.3.8
"easycorp/easy-log-handler": "^1.0", // v1.0.9
"http-interop/http-factory-guzzle": "^1.0", // 1.0.0
"knplabs/knp-markdown-bundle": "^1.7", // 1.8.1
"knplabs/knp-paginator-bundle": "^5.0", // v5.0.0
"knplabs/knp-snappy-bundle": "^1.6", // v1.7.0
"knplabs/knp-time-bundle": "^1.8", // v1.11.0
"league/flysystem-aws-s3-v3": "^1.0", // 1.0.23
"league/flysystem-cached-adapter": "^1.0", // 1.0.9
"league/html-to-markdown": "^4.8", // 4.8.2
"liip/imagine-bundle": "^2.1", // 2.3.0
"nexylan/slack-bundle": "^2.1", // v2.2.1
"oneup/flysystem-bundle": "^3.0", // 3.3.0
"php-http/guzzle6-adapter": "^2.0", // v2.0.1
"sensio/framework-extra-bundle": "^5.1", // v5.5.3
"symfony/asset": "5.0.*", // v5.0.2
"symfony/console": "5.0.*", // v5.0.2
"symfony/dotenv": "5.0.*", // v5.0.2
"symfony/flex": "^1.0", // v1.17.6
"symfony/form": "5.0.*", // v5.0.2
"symfony/framework-bundle": "5.0.*", // v5.0.2
"symfony/mailer": "5.0.*", // v5.0.2
"symfony/messenger": "5.0.*", // v5.0.2
"symfony/monolog-bundle": "^3.5", // v3.5.0
"symfony/security-bundle": "5.0.*", // v5.0.2
"symfony/sendgrid-mailer": "5.0.*", // v5.0.2
"symfony/serializer-pack": "^1.0", // v1.0.2
"symfony/twig-bundle": "5.0.*", // v5.0.2
"symfony/twig-pack": "^1.0", // v1.0.0
"symfony/validator": "5.0.*", // v5.0.2
"symfony/webpack-encore-bundle": "^1.4", // v1.7.2
"symfony/yaml": "5.0.*", // v5.0.2
"twig/cssinliner-extra": "^2.12", // v2.12.0
"twig/extensions": "^1.5", // v1.5.4
"twig/inky-extra": "^2.12" // v2.12.0
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.0", // 3.3.0
"fzaninotto/faker": "^1.7", // v1.8.0
"symfony/browser-kit": "5.0.*", // v5.0.2
"symfony/debug-bundle": "5.0.*", // v5.0.2
"symfony/maker-bundle": "^1.0", // v1.14.3
"symfony/phpunit-bridge": "5.0.*", // v5.0.2
"symfony/profiler-pack": "^1.0", // v1.0.4
"symfony/var-dumper": "5.0.*" // v5.0.2
}
}
How would I do a "partial yes" for the TRUSTED_PROXIES. I mean - git add -p put it together. Is there a way to split this?