Codeception: php-timer dependency not explicitly defined, causing issues with version 2.x+

Created on 19 Feb 2018  路  9Comments  路  Source: Codeception/Codeception

What are you trying to achieve?

installing a working codeception via composer

What do you get instead?

PHP Fatal error:  Uncaught Error: Class 'PHP_Timer'```

### Details

The issue is that https://packagist.org/packages/phpunit/phpunit#5.3.0 has no upper bound on the `phpunit/php-timer` dependency and so I ended up with a 2.x version which is not compatible with codeception. So codeception should probably make the depdendency explicit, ie. `composer require phpunit/php-timer:^1.0` or move to a newer PHPUnit version as the minimal requirement (which will require to refactor to the newer php-timer version).

* Codeception version: 2.3.6
* PHP Version: 7.1.12
* Operating System: Linux
* Installation type: Composer
* List of installed packages (`composer show`)

lsmith@pooteeweet-4 project (feature/tests)$ composer show | grep phpunit
phpunit/php-code-coverage 3.3.3 Library that provides collection, processing, and rendering functional...
phpunit/php-file-iterator 1.4.5 FilterIterator implementation that filters files based on a list of su...
phpunit/php-text-template 1.2.1 Simple template engine.
phpunit/php-timer 2.0.0 Utility class for timing
phpunit/php-token-stream 1.4.12 Wrapper around PHP's tokenizer extension.
phpunit/phpunit 5.3.0 The PHP Unit Testing framework.
phpunit/phpunit-mock-objects 3.1.3 Mock Object library for PHPUnit

after running composer require phpunit/php-timer:^1.0

lsmith@pooteeweet-4 project (feature/tests)$ composer show | grep codeception
codeception/codeception 2.3.6 BDD-style testing framework
lsmith@pooteeweet-4 project (feature/tests)$ composer show | grep phpunit
phpunit/php-code-coverage 3.3.3 Library that provides collection, processing, and rendering functional...
phpunit/php-file-iterator 1.4.5 FilterIterator implementation that filters files based on a list of su...
phpunit/php-text-template 1.2.1 Simple template engine.
phpunit/php-timer 1.0.9 Utility class for timing
phpunit/php-token-stream 1.4.12 Wrapper around PHP's tokenizer extension.
phpunit/phpunit 5.3.0 The PHP Unit Testing framework.
phpunit/phpunit-mock-objects 3.1.3 Mock Object library for PHPUnit
```

  • Suite configuration:
picture lsmith77

Most helpful comment

That is of course correct.

My point is that in https://packagist.org/packages/codeception/codeception you still rely on phpunit supplying you the correct php-timer version, which isn't a safe strategy. Since your code directly calls php-timer, imho you also need to add an explicit dependency.

picture lsmith77 on 19 Feb 2018
👍3

All 9 comments

Why did you install PhpUnit 5.3.0?
If you are using PhpUnit 5, at least upgrade to the last release, which was 5.7.27

Naktibalda picture Naktibalda on 19 Feb 2018

@Naktibalda It can be part of the constraints dictated by other libs.
You still need to properly declare your dependencies in composer.json if you declare support for PHPUnit 5.3

dereuromark picture dereuromark on 19 Feb 2018

I guess my point, which I didn't make sufficiently clear, codeception is relying on a transitive dependency, where it actually should be an explicit direct dependency. ie. relying on phpunit to supply a dependency to you is what is causing the issue.

ie. if codeception relies on a specific php-timer version, then codeception needs to "own" this dedepdency, rather than relying on phpunit to pull the correct version for you.

lsmith77 picture lsmith77 on 19 Feb 2018
👍3

We don't declare support for PhpUnit 5.3 - the lowest supported version of PhpUnit 5 was bumped to 5.6.3 in Codeception 2.3.7, but you installed Codeception 2.3.6 which can't be modified.
We can't update composer constraints in historical versions in the same way as phpunit can't do that.
The solution is for you to change version constraint of codeception/codeception to ^2.3.7

Naktibalda picture Naktibalda on 19 Feb 2018

That is of course correct.

My point is that in https://packagist.org/packages/codeception/codeception you still rely on phpunit supplying you the correct php-timer version, which isn't a safe strategy. Since your code directly calls php-timer, imho you also need to add an explicit dependency.

lsmith77 picture lsmith77 on 19 Feb 2018
👍3

So maybe one more comment, with this new release you probably solved the symptom of the issue I encountered which is great. But the root cause remains and so the issue might come up again (and potentially also with other transitive dependencies into which you call directly).

lsmith77 picture lsmith77 on 19 Feb 2018
👍1

I agree with that, transitive dependency constraints get added when they break.
This is the first time for php_timer.

@DavertMik is extracting phpunit dependencies to a separate library right now: https://github.com/Codeception/phpunit-wrapper/
So that's the right place to add this new constraint.
Please make pull request to both branches.

Naktibalda picture Naktibalda on 19 Feb 2018

FYI this tool might help in finding such transitive dependencies https://github.com/maglnet/ComposerRequireChecker

lsmith77 picture lsmith77 on 19 Feb 2018

Codeception 2.4.0 will introduce upgrade to new PHPUnit libraries. Stay tuned!

DavertMik picture DavertMik on 26 Feb 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Renkas picture Renkas  路  3Comments
nikolaykolev picture nikolaykolev  路  3Comments
maxibello picture maxibello  路  3Comments
allen0817 picture allen0817  路  3Comments
joshhornby picture joshhornby  路  3Comments