Hi all, this is about the PHP dependencies for Windows which are available at <https://downloads.php.net/~windows/php-sdk/deps/>. As is, new dependency builds are uploaded manually. This has a couple of problems:
* only few people can do these uploads At first, that is a good thing, because many people could easily step on each other's toes, since there are no locks when uploading. However, whenever a new dependency build needs to be uploaded, you need to get one of these few people to actually do the upload. It is not clear who is allowed to do it, and who has time. * the process is not transparent I.e. there is no easy way of being informed about updates, so you would need to regularly run `phpsdk_deps -u`, often just to see that there are no updates available. * there is no history of the series While not super important, it would be nice to able to fetch an older set of dependencies to be able to build an older PHP version with its original dependency version (a step towards reproducible builds). * the process is prone to error It's all too easy to make some mistakes when editing the series files. Sometimes you forget to updates one of the series files, sometimes you have a typo (e.g. you add an x64 dependency to an x86 series file), sometimes you may update a series file which is not supposed to be updated. And not so rarely, you may forget to archive a dependency version which is no longer required. All these problems could be solved, or at least mitigated, by setting up a Github repository for the dependency builds and the series files. The upload could be as simple as a cron'd `git pull` on the server. The history of the series would be implicitly tracked (or even explicitly when using tags). Users who want to be informed about new dependencies could subscribe to that repository. And mistakes are less likely to occur due to the improved transparency, and there could be even GH actions which do some basic sanity checks. The only potential drawback I see would be the size of the repository. While I believe the new repo would be way smaller than our distribution repo[1], and we might exclude vc11 and vc15 builds, it may still be too large for practical handling. But in this case we can consider using Git LFS[2] which has been developed to address this issue. What do you think? Would this require the RFC process? Note that I am deliberately referring to php-sdk/deps/ only, since this appears to be the most important part for now. Uploading the QA and release builds of PHP is not supposed to be an issue, and the PECL dependencies are less important than the PHP dependencies (besides these do not have series files, which simplifies the upload process). [1] <https://github.com/php/web-php-distributions> [2] <https://git-lfs.com/> Christoph
