phpc.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A server for PHP programmers & friends. Join us for discussions on the PHP programming language, frameworks, packages, tools, open source, tech, life, and more.

Administered by:

Server stats:

837
active users

> 23% appear abandoned, making dependency audits essential.

How do you know that the package is abandoned versus it is just stable and needs little to no maintenance 🤔

Also have "only" 136 package instead of a gazillon of package seems to show strong stable basis.

Among those 136 packages that represents 50% of all monthly downloads the percentage of PSR related interfaces (and implementation) is a fascinating thing to see. For all the bashing the PHP-FIG is receiving everytime someone mention them aka the PHP-FIG should just stop existing vs its real deep impact on the ecosystem just says a lot about myth vs reality

@nyamsprod The concept of feature-complete is elusive to many people.

@afilina @nyamsprod "it hasn't been updated for two years so is probably unmaintained and full of vulnerabilities" - in reality it is a validation library and there are only so many times you can rewrite a check for string length before it gets ridiculous. I suppose updating a change log each week with, "still no need for a change" is a solution to satisfy the need some have for something new every week.