Using Phive to manage PHPUnit
I recently came across the Phive project and have had a play with it. Phive is part of phar.io and is intended to manage development tools such as PHPUnit in preference to using Composer's dev dependencies. The main advantages of Phive are that it uses the phar file of the tool and only keeps one copy of each version rather than downloading a new copy into each project.
How it works
Phive stores one copy of each phar file within ~/.phive/ and then for each project, it creates a symlink. For example, to install PHPUnit into a project, you simply change directory to the root of your project and type:
$ phive install phpunit
This will download the phpunit phar file (if it's not already downloaded) to your ~/.phive directory, It will then create a tools directory in your project with the symlink to phpunit.phar.
$ ls -l tools total 8 lrwxrwxr-x 1 rob staff 42 3 Jan 07:34 phpunit -> /Users/rob/.phive/phars/phpunit-5.7.5.phar
You can now run PHPUnit using ./tools/phpunit, however if you would rather install to a different directory, e.g. bin, then use the --target switch:
$ phive install --target bin/ phpunit
The phive.xml file
Phive also creates a phive.xml file to keep track of what it has installed. You should add this file to your git repository and ignore the installed files in tools.
$ echo -e "phpunit" >> tools/.gitignore $ git add phive.xml tools/.gitignore $ git commit -m "Add phpunit via Phive"
Other users of the project can now install all the Phive tools using:
$ phive install
Installing for global use
Phive also supports global installation with the -g switch:
$ phive install -g phpunit Phive 0.6.2 - Copyright (C) 2015-2017 by Arne Blankerts, Sebastian Heuer and Contributors Downloading https://phar.phpunit.de/phive.xml Copying phpunit-5.7.5.phar to /usr/local/Cellar/php71/7.1.0_11/bin/phpunit
You may need sudo privileges, but for my HomeBrew installation, this wasn't necessary.
GPG signatures required
Note that Phive only works with projects that also release a GPG signature for their tools. This is good security, but currently a significant limitation if you use anything else other than the few tools listed on phar.io.
The most significant missing tool for me is PHP_CodeSniffer. There's an open issue on their bug tracker but as it's been open for 6 months now, I assume that it isn't important for that project which is frustrating.
As such, this limits the usefulness of Phive for me today, but it's certainly a project to watch.