On Fri, Feb 1, 2019 at 12:27 PM Nikita Popov <nikita....@gmail.com> wrote:
> Hi internals, > > I would like to suggest that installation of PEAR is disabled by default > in PHP 7.4. PR: https://github.com/php/php-src/pull/3781 > > I think the reasons for this should be obvious. It's not really the recent > security breach itself, but rather the underlying issue that PEAR simply > isn't actively maintained anymore. > > Currently PEAR is broken on master due to the removal of each(), which was > deprecated in PHP 7.2. Apparently, since that time nobody noticed that PEAR > is throwing deprecation errors, or at least nobody bothered to fix them. > (I've submitted https://github.com/pear/Console_Getopt/pull/3 to fix at > least this particular issue.) > > It's somewhat unfortunate that PEAR and PECL are coupled projects, but I > don't think that should prevent us from changing this default. > > Regards, > Nikita > To reiterate what Peter has said: This is not about whether you personally like PEAR or Composer. There is no suggestion here to replace PEAR with Composer in our distribution. We simply shouldn't be making an endorsement either way. I understand that distros are having a hard time dealing with the fact that pretty much all modern package management (in PHP and elsewhere) has moved towards per-project rather than global dependencies. However, complaining about that on this thread is not going to bring PEAR back to popularity. We have to deal with the situation as it is, not as we would like it to be. Nikita
