Tsugi - Dependencies advanced

[Charles Severance]

Hi all,

It is summer when I catch up the dependencies of Tsugi and your next “git pull” looks super scary but is not.

In the past six months, I have refactored and cleaned up the dependencies in Tsugi so advancing them was easier.   Dependabot keeps a close eye on us and this clears all the dependabot backlog.

I keep vendor in github (yes many feel this is insane) but it means an instant deploy from git rather than a deploy, install composert, run composer and hope you are running the same image that all my servers run.   So vendor goes into git so you know it is tested under a lot of load and complex conditions.  Sorry not sorry.

Like always I snap a boring, safe, "retreat to tag" in case things go wrong:

https://github.com/tsugiproject/tsugi/releases/tag/26.6.1

Master is already running in my largest servers - so I am that confident in master.

We are on PHP 8.4 - and Security support ends Dec 31, 2028.

Probably later this summer, I will start exploring PHP 8.5 - and upgrading - usually PHP upgrades are forced on my when I start minting new AWS servers and the latest Linux wants a later “sweet spot” PHP. 

So my steps are upgrade dependencies without advancing PHP - tentatively advance PHP - and see if a few dependencies get kicked forward from that and then see where to go.

We don’t want to get too far behind on PHP versions and Linux versions.

Thanks and questions always welcome.

/Chuck