On Fri, Jun 30, 2023 at 3:04 PM Brian Wolff <bawolff@gmail.com> wrote:
>
> You could install composer from its official website instead of using the system package manager. It can be downloaded as a single .phar file.

Thanks Brian.

We don't want to switch hosting providers or download third party
stuff. In the case of Composer, we don't have the expertise to
evaluate it. Hence we rely on the distro.

(I personally don't trust Composer because it is willing to run
arbitrary code. It's very sloppy in its security practices).

Jeff

> On Fri, Jun 30, 2023 at 11:42 AM Jeffrey Walton <noloader@gmail.com> wrote:
>>
>> On Fri, Jun 30, 2023 at 12:47 PM Sam Reed <reedy@wikimedia.org> wrote:
>> >
>> > As per the MediaWiki version lifecycle[1], I would like to announce the formal end of life (EOL) of MediaWiki 1.38 as of today, Friday June 30, 2023.
>> >
>> > 1.38.7 is expected to be the last release for this branch.
>> >
>> > This means that MediaWiki 1.38 will no longer receive maintenance or security backports. It is therefore strongly discouraged that you continue to use it.
>> >
>> > It is recommended to upgrade either to MediaWiki 1.39 (LTS), which will be supported until November 2025 or to 1.40 (released today), which will be supported until June 2024.
>>
>> Is there a path available to folks who use MW 1.38 and have hosting
>> providers that only offer Ubuntu 20.04 with Composer 1? My testing
>> revealed we could not update to MW 1.39 because of the Composer 2
>> requirement.
>>
>> I think our options are... we need to wait until our hosting provider
>> offers Ubuntu 22.04, or MediaWiki drops the Composer 2 requirement for
>> MW 1.39.
>>
>> It is an uncomfortable position to be in.
>>
>> Jeff
>> _______________________________________________
>> MediaWiki-l mailing list -- mediawiki-l@lists.wikimedia.org
>> To unsubscribe send an email to mediawiki-l-leave@lists.wikimedia.org
>> https://lists.wikimedia.org/postorius/lists/mediawiki-l.lists.wikimedia.org/