How to reduce duplication in your GitHub Actions workflows

Recently ReactJS v18 was released. I started to look into its improvements, and checked which of my projects could benefit from them.The main react-based project I maintain at the moment of writing this article is <a target="_blank" rel="noopener noreferrer" href="https://github.com/shlinkio/shlink-web-client">shlink-web-client</a>, so I naturally created a new branch and started the process.The update was quite smooth, as most of the other dependencies I was using from the react ecosystem were already updated to support v18. All but one, <a target="_blank" rel="noopener noreferrer" href="https://enzymejs.github.io/enzyme/">enzyme</a>, the testing framework I was using to unit-test react components.To be precise, I was able to continue running my tests, but some of them (those using <code>mount</code> instead of <code>shallow</code>) were still rendering components with the &quot;old&quot; React v17 approach, causing them to behave as in that version and a warning being printed in the console.<h3>First fix attempt</h3>The way enzyme integrates with the react version you are using is through an adapter library. The last official one supports only React v16, but someone released an <a target="_blank" rel="noopener noreferrer" href="https://github.com/wojtekmaj/enzyme-adapter-react-17">unofficial adapter for v17</a> which, with close to 650k weekly downloads, quickly became the way to go.I checked if there was one for React 18, but sadly there wasn&#x27;t.Also, the author of the adapter for v17 posted an article indicating <a target="_blank" rel="noopener noreferrer" href="https://dev.to/wojtekmaj/enzyme-is-dead-now-what-ekl">enzyme is dead</a>, he was not going to release one for v18, and publishing one for v17 was a mistake.With those facts in mind, I started to face what was probably going to be the moment to migrate to <a target="_blank" rel="noopener noreferrer" href="https://testing-library.com/docs/react-testing-library/intro">react testing library</a>.<h3>Migration strategy</h3>I decided to follow a migration strategy similar to the one suggested in the article above, but with a couple of modifications:<ul><li>I update to React 18 anyway, as tests still pass.</li><li>Migrate right away all tests using <code>mount</code>, as those are the ones behaving differently.</li><li>New tests should be written directly with react testing library (RTL from now on).</li><li>When an existing test needs to be changed, consider migrating it to RTL, and do it if there&#x27;s time.</li><li>Introduce some PR from time to time just migrating a handful of tests.</li><li>Once everything is migrated, get rid of everything related with enzyme.</li></ul><h3>First contact and impressions</h3>I was a bit sceptical with RTL, as it was focused more on integration tests, instead of unit tests, which meant I had to completely change the mindset to write tests.It also didn&#x27;t support shallow rendering, meaning that you will end up sometimes rendering a bigger component tree when testing container-like components, potentially causing side effects that could affect your test.On the other hand there&#x27;s more and more people stating that <a target="_blank" rel="noopener noreferrer" href="https://kentcdodds.com/blog/why-i-never-use-shallow-rendering">shallow rendering is an anti-pattern</a>, and that&#x27;s probably the reason of enzyme getting &quot;discontinued&quot;.Also, RTL has become the <a target="_blank" rel="noopener noreferrer" href="https://reactjs.org/docs/testing.html#tools">officially recommended framework</a> to test react components, it has become very popular, and it has even joined a wider group of testing libraries under the <a target="_blank" rel="noopener noreferrer" href="https://testing-library.com/"><code>@testing-library</code></a> organization.The thing is that I started to use it, and I was quickly surprised with how it felt to work with it, and all the benefits it was bringing to my tests.<h3>Benefits I have experienced</h3>Once I started migrating the first tests I noticed some benefits:<ul><li>Changing my mindset was actually easier than I thought. The docs are very well written, so it&#x27;s relatively easy to start using RTL.</li><li>My tests got simpler, and required less of those nasty global mocks that jest allows (I&#x27;m looking at you, <a target="_blank" rel="noopener noreferrer" href="https://jestjs.io/es-ES/docs/mock-functions#mocking-modules"><code>jest.mock</code></a>).</li><li>Tests were way less coupled with implementation details. I moved from testing the component props, to test what the user would see on the screen.</li><li>Related with previous point, I started to write my tests by looking at the screen instead of the component&#x27;s implementation.</li><li>Changes in source code led to fewer tests requiring to be changed.</li><li>A progressive migration was possible, where some tests still use enzyme and others are already using RTL.</li></ul>And overall, it felt good and I have already dedicated a couple of PRs just to migrate more tests.<h3>Challenges I faced</h3>But of course, migrating to a new tool always comes with its own challenges, and this was not an exception. I&#x27;ll explain the main ones I have faced so far and how I tackled them:<ul><li>RTL lets you do some things in a couple of different ways, and the docs may not be super clear about what&#x27;s the recommended option.For this I recommend reading <a target="_blank" rel="noopener noreferrer" href="https://acel.me/DCMb1">this article</a> from Kent C. Dodds, RTL&#x27;s author, which explains some common mistakes when using the library.</li><li>At first, I struggled a bit with asynchronous side effects and state changes in components, which can easily end up printing a warning like <code>Warning: An update to MyComponent inside a test was not wrapped in act</code>.The warning also explains how you are supposed to solve this by wrapping your code in <code>act()</code>, but this warning comes from React, not RTL, and what it is not telling you is that RTL already wraps all needed operations in <code>act()</code>.What this error usually mean is that you are not waiting for something to happen. <a target="_blank" rel="noopener noreferrer" href="https://acel.me/jnUdT">This other article</a>, also from Kent C. Dodds, explains everything you need to know about the things that can lead to this warning, and how to solve them.</li><li>Since you start testing from the user point of view, some use cases can be challenging to test without coupling with implementation details. For example, when you have a component which dynamically renders different images or icons, I used to directly check the component properties.For this I found the best solution was to use <a target="_blank" rel="noopener noreferrer" href="https://jestjs.io/docs/snapshot-testing">jest snapshots</a>. I didn&#x27;t want to manually check which SVG was being rendered in the DOM, just that different ones were being used in every case.<pre><pre><code class="language-tsx">// I went from this...
test(&#x27;...&#x27;, () =&gt; {
 const wrapper = shallow(&lt;MyComp dynamicValue=&quot;foo&quot; /&gt;);
 expect(wrapper.find(FontAwesomeIcon).prop(&#x27;icon&#x27;)).toEqual(someIcon);
})

// To this
test(&#x27;...&#x27;, () =&gt; {
 const { container } = render(&lt;MyComp dynamicValue=&quot;foo&quot; /&gt;);
 expect(container.firstChild).toMatchSnapshot();
})
</code></pre></pre></li><li>Something very similar happens if you use some library that renders canvas. There&#x27;s no way to test that from a DOM point of view, which is what RTL does.In my case I was using <a target="_blank" rel="noopener noreferrer" href="https://www.chartjs.org/">Chart.js</a> to render some charts, so I used <a target="_blank" rel="noopener noreferrer" href="https://github.com/hustcc/jest-canvas-mock">jest-canvas-mock</a>, which exposes a method on the canvas to see which are all the events invoked from the library.Then I used snapshots again to verify they had the expected &quot;shape&quot;.<pre><pre><code class="language-tsx">// I went from this...
test(&#x27;...&#x27;, () =&gt; {
 const wrapper = shallow(&lt;MyCompWithCanvas /&gt;);
 expect(wrapper.find(Chart).prop(&#x27;data&#x27;).datasets).toEqual(...);
})

// To this
test(&#x27;...&#x27;, () =&gt; {
 const { container } = render(&lt;MyCompWithCanvas /&gt;);
 const events = container.querySelector(&#x27;canvas&#x27;)?.getContext(&#x27;2d&#x27;)?.__getEvents();

 expect(events).toBeTruthy();
 expect(events).toMatchSnapshot();
})
</code></pre></pre></li></ul><h3>Conclusion</h3>For better or worst, enzyme should no longer be considered an option. If you are starting a new project or are using it on small ones, consider migrating to RTL as soon as possible.If you are using it in bigger projects, following the process described in this article will probably help you.In any case, you will get surprised. React testing library is a great tool and provides many benefits over enzyme.Its main issue is that it&#x27;s not a drop-in replacement for enzyme, so you will have to change a bit your mindset.

My experience migrating from enzyme to react testing library

Capturing code coverage for a test suite is a very useful way to know which parts of your source code are actually getting executed by tests.This is useful not only to know if you need to add more tests to your project (in case the coverage is too low), but also, if you want to apply technics like mutation testing, having a properly generated code coverage report will dramatically speed up te execution and help you know if a non-killed mutant is relevant.<h3>Generating the code coverage</h3>Capturing code coverage is usually easy in the most common types of tests, like unit tests, where the source code is executed in the same process.Tools like <a target="_blank" rel="noopener noreferrer" href="https://phpunit.de/">PHPUnit</a>, one of the most extended PHP testing frameworks, ships with tools like <a target="_blank" rel="noopener noreferrer" href="https://github.com/sebastianbergmann/php-code-coverage">php-code-coverage</a>, designed to capture the code under execution, just by providing a couple of lines of configuration.However, generating a reliable code coverage report is not always that easy for other types of tests.In contexts like E2E tests, where you may spin-up an API on a different process, and make your tests just call this API via HTTP and assert on the responses, PHPUnit will not be able to capture the code coverage, because the source code is actually being loaded on a different process.<h3>Remote code coverage</h3>A couple of weeks ago, I faced the issue described above. I had a web service for which I had a decent API test suite, but I wanted to capture code coverage for two main reasons:<ul><li>Be able to merge this coverage with the one generated by other tests suites, to know what&#x27;s the &quot;total&quot; code coverage, regardless the test producing it.</li><li>Apply mutation testing to the API tests, as I was already doing that for the rest of the test suites in the project. For this, I also needed to know exactly what tests were covering every line of the source code.</li></ul>After some investigation, I couldn&#x27;t find a built-in feature, where PHPUnit itself was able to &quot;remotely&quot; capture te code under test, so I had to think on a way to manually use <code>php-code-coverage</code> by myself.<h3>Code coverage reports</h3>In order to be able to capture code coverage, I had to make sure the instances of the objects provided by <code>php-code-coverage</code> where &quot;spin-up&quot; with the server, and then, the code coverage report was dumped at the end.Also, you usually define the code to include/exclude from coverage in PHPUnit&#x27;s config, but since this time we are the ones creating the coverage objects, this was not possible.I tried a couple of different approaches (more on this at the end), but the most accurate one for me, was to define two routes in my server, that were dynamically configured only when running the server in the context of these tests, and were responsible for creating and dumping the code coverage.<pre><pre><code class="language-php">use PHPUnit\Runner\Version;
use SebastianBergmann\CodeCoverage\CodeCoverage;
use SebastianBergmann\CodeCoverage\Driver\Selector;
use SebastianBergmann\CodeCoverage\Filter;
use SebastianBergmann\CodeCoverage\Report\Html\Facade as Html;
use SebastianBergmann\CodeCoverage\Report\PHP;
use SebastianBergmann\CodeCoverage\Report\Xml\Facade as Xml;

// Define directories containing the code you want to cover
$filter = new Filter();
$filter-&gt;includeDirectory(...);
$filter-&gt;includeDirectory(...);
$coverage = new CodeCoverage((new Selector())-&gt;forLineCoverage($filter), $filter);

// This is &quot;pseudo-code&quot;. Defining the routes depends on the framework you use
$app-&gt;get(&#x27;/api-tests/start-coverage&#x27;, function () use (&amp;$coverage) {
 $coverage-&gt;start(&#x27;API tests&#x27;);
 return new EmptyResponse();
});
$app-&gt;get(&#x27;/api-tests/stop-coverage&#x27;, function () use (&amp;$coverage) {
 $basePath = &#x27;...&#x27;; // Wherever you want the reports to be dumped
 $coverage-&gt;stop();

 // I generated coverage reports in a couple of different formats
 (new PHP())-&gt;process($coverage, $basePath . &#x27;/coverage.cov&#x27;);
 (new Xml(Version::getVersionString()))-&gt;process($coverage, $basePath . &#x27;/coverage-xml&#x27;);
 (new Html())-&gt;process($coverage, $basePath . &#x27;/coverage-html&#x27;);

 return new EmptyResponse();
});
</code></pre></pre>Then, I added the next snippet to my PHPUnit <code>bootstrap.php</code> file, to make sure the endpoints configured above are invoked at the proper times:<pre><pre><code class="language-php">// when starting up the test suite, call the endpoint to start collecting coverage
$httpClient-&gt;request(&#x27;GET&#x27;, &#x27;http://localhost:8080/api-tests/start-coverage&#x27;);

// When the tests process shuts down, call the endpoint to stop the coverage
register_shutdown_function(function () use ($httpClient): void {
 $httpClient-&gt;request(&#x27;GET&#x27;, &#x27;http://localhost:8080/api-tests/stop-coverage&#x27;);
});
</code></pre></pre><blockquote>Learn more about how to configure PHPUnit&#x27;s <a target="_blank" rel="noopener noreferrer" href="https://phpunit.readthedocs.io/en/9.5/configuration.html#the-bootstrap-attribute">bootstrap script</a>.</blockquote>This was fine from a pure code coverage point of view, but if you try it yourself, you will notice the report says all the code has been covered by <code>API tests</code>, which is what we provide when calling <code>$coverage-&gt;start(&#x27;API tests&#x27;);</code><img src="/assets/img/remote-coverage/invalid-api-coverage.png" alt="Invalid API coverage"/>To properly do mutation testing we need to know which are the exact tests that cover every part of the code. That requirement took me to the next approach.<h3>Supporting mutation testing</h3>To be more precise with the generated reports, I needed some way to notify the server about the specific test performing the request.One way to do this is by sending a custom header when performing a request from your tests, and registering some event handler or middleware which starts the coverage for that request with the value coming from that header.With that, I evolved the configuration above, and added a middleware handler (the framework I use is <a target="_blank" rel="noopener noreferrer" href="https://www.php-fig.org/psr/psr-15/">PSR-15</a> based, but the framework of your choice will probably have a way to do this).<pre><pre><code class="language-php">use ...

$coverage = new CodeCoverage();

// This ensures the coverage is started and stopped on every request, using the &quot;x-coverage-id&quot; header as the ID.
$app-&gt;middleware(function (ServerRequestInterface $req, RequestHandlerInterface $handler) use (&amp;$coverage) {
$coverage?-&gt;start(&#x27;API Tests&#x27;);
 $coverage-&gt;start($req-&gt;getHeaderLine(&#x27;x-coverage-id&#x27;));

 try {
 return $handler-&gt;handle($req);
 } finally {
 $coverage-&gt;stop();
 }
});

// This route is no longer needed. You can also remove the request from your bootstrap script
// $app-&gt;get(&#x27;/api-tests/start-coverage&#x27;, ...);
$app-&gt;get(&#x27;/api-tests/stop-coverage&#x27;, ...);
</code></pre></pre>Then, inside your test you can do something like this:<pre><pre><code class="language-php">use PHPUnit\Framework\TestCase;

class MyApiTest extends TestCase
{
 private ClientInterface $httpClient;

 public function setUp(): void
 {
 $this-&gt;httpClient = ...;
 }

 public function testMyEndpoint(): void
 {
 $resp = $this-&gt;httpClient-&gt;request(&#x27;POST&#x27;, &#x27;...&#x27;, [
 &#x27;headers&#x27; =&gt; [
 &#x27;x-coverage-id&#x27; =&gt; static::class,
 ],
 ])

 // Asserts go here...
 }
}
</code></pre></pre>After this, the code coverage reports will properly show the actual tests covering them.<img src="/assets/img/remote-coverage/valid-api-coverage.png" alt="Valid API coverage"/><h3>Alternative approach</h3>The approach explained here is functional, but it&#x27;s a bit hacky. I had to do it like this because of limitations with how I serve the API with <a target="_blank" rel="noopener noreferrer" href="https://openswoole.com">openswoole</a>.However, instead of defining routes that need to be actively called to start/stop the code coverage (or just to dump the report, as in the second approach), you could try to register the shutdown function directly in the server side.If that works for you, it&#x27;s much more straightforward, and you won&#x27;t need to bother changing your tests bootstrap script.<h3>Conclusion</h3>Even though there&#x27;s room for improvement, this allows to generate code coverage reports for code that&#x27;s running on a different process.I plan to apply something similar for E2E tests for a command line app, so maybe I extend this article at some point.Also, I decided to write this article, because at the moment of having to implement this myself, I didn&#x27;t find too much useful information out there.I hope this helped you, and now you can collect code coverage reports on your API tests.

Capturing remote code coverage in API tests with PHPUnit

In the last couple of days I have been playing around with the idea of combining GitHub Actions and GitHub Pages to be able to dynamically build preview environments every time a pull request is opened against a repository hosting a client-side web app.The idea is that you can quickly preview the changes made by some contributor, without having to clone their branch and running everything locally, something specially useful for open source projects.In this article I will explain how to set everything up, and what are some considerations and problems you may face during the process.<h3>Enable github pages</h3>The first thing you need to do is enable your project to publish pages on some branch. I recommend creating a new branch for this, let&#x27;s say <code>preview-env</code>, and then enabling publishing on it.In order to do that go to your repository and then Settings -&gt; Pages, look for the Source section, and you should see something like this:<img src="/assets/img/preview-envs/github-pages-before-enabling.png" alt="GitHub pages before enabling"/>Click in the dropdown and select your new branch, <code>preview-env</code>. Then click Save.<img src="/assets/img/preview-envs/github-pages-after-enabling.png" alt="GitHub pages after enabling"/>After saving you will see a message at the top of this section telling you what&#x27;s the URL in which the pages are published. It always follows the same pattern. If your organization is <code>my-org</code> and your repository is <code>my-repo</code>, the url will be <code>https://my-org.github.io/my-repo/</code>.<h3>Configure the workflow</h3>Now we need to configure a workflow that will &quot;deploy&quot; the preview environment for the branch every time a new pull request is created or updated:Let&#x27;s imagine we have a React web app that is built with node.js. The configuration could look like this.<pre><pre><code class="language-yml"># .github/workflows/deploy-preview.yml
name: Deploy preview

on:
 pull_request: null

jobs:
 deploy:
 runs-on: ubuntu-20.04
 continue-on-error: true
 steps:
 - name: Checkout code
 uses: actions/checkout@v2
 - name: Use node.js 14.15
 uses: actions/setup-node@v1
 with:
 node-version: 14.15
 - name: Generate slug
 id: generate_slug
 run: echo &quot;##[set-output name=slug;]$(echo ${GITHUB_HEAD_REF#refs/heads/} | sed -r &#x27;s/[~\^]+//g&#x27; | sed -r &#x27;s/[^a-zA-Z0-9]+/-/g&#x27; | sed -r &#x27;s/^-+\|-+$//g&#x27; | tr A-Z a-z)&quot;
 - name: Build
 run: npm ci &amp;&amp; npm run build
 - name: Deploy
 uses: JamesIves/github-pages-deploy-action@4.1.1
 with:
 branch: preview-env
 folder: build
 target-folder: ${{ steps.generate_slug.outputs.slug }}
 - name: Publish env
 uses: marocchino/sticky-pull-request-comment@v2
 with:
 header: Preview environment
 message: |
 ## Preview environment
 https://my-org.github.io/my-repo/${{ steps.generate_slug.outputs.slug }}/
</code></pre></pre><blockquote>If you are not familiar with GitHub Actions yet, take a look at the <a target="_blank" rel="noopener noreferrer" href="https://docs.github.com/en/actions">official documentation</a>.</blockquote>This workflow will follow the next steps:<ul><li>Checkout the code from the repository.</li><li>Set-up node.js 14.15</li><li>Based on the branch name, generate a slug that we will use to have separated deployment folders for every pull request we receive. The slug is exposed to next steps as an output.</li><li>Build the project. This step will obviously depend on the needs of your project.</li><li>Using <a target="_blank" rel="noopener noreferrer" href="https://github.com/JamesIves/github-pages-deploy-action">JamesIves/github-pages-deploy-action</a>, deploy the contents we previously built in the GitHub page, under a sub-folder matching the slug we generated a few steps above, and under the branch <code>preview-env</code> (remember we enabled GitHub pages for this branch).</li><li>Finally, using <a target="_blank" rel="noopener noreferrer" href="https://github.com/marocchino/sticky-pull-request-comment">marocchino/sticky-pull-request-comment</a>, post a comment in the pull request with a link to the preview environment, so that you can just click on it and see the deployment.</li></ul>The steps may change depending on your needs and how you build your project. For example, I have an extra step to update a property in the <code>package.json</code> that is then used to allow serving the app in a sub-path instead of the root of the domain.You may also not build your site with node.js, as you could be using any of the multiple existing static site generators out there, but you get the idea.Finally, you have probably noticed the config includes <code>continue-on-error: true</code>. This will allow the pull request to be merged even if this process fails for some reason.<h3>Considerations when using forks</h3>While the configuration above will work perfectly when creating pull requests inside the same repository, there are some limitations when the pull request comes from a fork (which is the usual in OSS projects).For security reasons, the <code>GITHUB_TOKEN</code> injected in those cases doesn&#x27;t have write permissions, which will make the &quot;deploy&quot; step fail.Also, you cannot define your own token with more permissions and inject it as a secret, as the secrets are not exposed to workflows running on forks.However, with a couple small config changes, we can work around these limitations:<h4>Change event</h4>The first thing we need to do is use the <code>pull_request_target</code> event instead of the <code>pull_request</code> one.<pre><pre><code class="language-diff">on:
- pull_request: null
+ pull_request_target: null
</code></pre></pre>According to the documentation, this is equivalent to the <code>pull_request</code> event, but it runs in the scope of the base repository.Thanks to this, the <code>GITHUB_TOKEN</code> will come with write permissions, and we will have access to secrets if needed.<h4>Checkout the fork</h4>The second thing we are going to change is that we now need to specify the repository to checkout.In order to do that, we need to add two inputs to the &quot;Checkout code&quot; step, like this:<pre><pre><code class="language-diff"> steps:
 - name: Checkout code
 uses: actions/checkout@v2
+ with:
+ repository: ${{ github.event.pull_request.head.repo.full_name }}
+ ref: ${{ github.event.pull_request.head.ref }}
</code></pre></pre>This will ensure we checkout from the fork repository, instead of the base one, which is the default, as it&#x27;s the one where the <code>pull_request_target</code> event is scoped to.And that&#x27;s it. With these two changes you can now deploy preview environments for pull requests coming from forks.<blockquote>IMPORTANT! The limitations of the <code>pull_request</code> event are there for a reason. People could potentially get access to your secrets or manipulate your code. Proceed at your own risk.</blockquote><h3>Other considerations</h3>Other than the limitations for forks, there are a few other minor things to take into consideration.<ul><li>Changes in GitHub Pages do not reflect immediately. It may take up to a couple of minutes for the deployment to be available, but considering you will usually not review a PR right after it has been created, this should not be a big issue.</li><li>As you have seen, every time a pull request is created, the deployment will generate a new folder in your GitHub Pages branch. This may result in a lot of old folders to pile-up, so you may want to set up some way to clean them up periodically or after the pull request has been merged.</li><li>Due to the fact that GitHub Pages only allows static pages to be served, this process cannot be used with apps that require some kind of back-end or server-side logic.</li><li>If your project is already using GitHub Pages for something else (serve the project&#x27;s website or docs), that may conflict with this, preventing you from having this kind of preview envs.</li></ul>

Setting-up a preview environment for your client-side apps with GitHub Actions and GitHub Pages

I remember many years ago, when I released my first open source project, that every time I had a new release ready, I was never sure what should be the new version number.Versioning software is not as straightforward as it might look when you don&#x27;t have a lot of experience.In this article I&#x27;ll try to explain the <a target="_blank" rel="noopener noreferrer" href="https://semver.org/">SemVer</a> approach to version software, and some things you might want to take into account on top of that.<h3>Semantic Versioning</h3>The first thing you need is a solid set of rules that help you decide which should your next version be.I remember thinking &quot;is this version big enough as to jump from 1.0 to 2.0?&quot; or &quot;I have seen projects using three numbers for the version, X.Y.Z, should I do the same?&quot;Those questions are easier to answer if you stick to some standard that tells you what to do, and that will help others more easily understand your intention.My recommendation is to use <a target="_blank" rel="noopener noreferrer" href="https://semver.org/">Semantic Versioning</a>, as it defines a solid starting point, and it&#x27;s quite adopted by the community.Semantic Versioning states that you should use three numbers to identify versions, <code>MAJOR.MINOR.PATCH</code>, and follow these rules in order to decide which one to increase:<ul><li><code>PATCH</code>: the new release includes only bug fixes. People are encouraged to update to this release and no changes are needed in their code bases.</li><li><code>MINOR</code>: the new release includes new backwards-compatible features. People can update to this version without changing their code bases, and make use of the new features afterwards if they wish.</li><li><code>MAJOR</code>: the new release includes <a target="_blank" rel="noopener noreferrer" href="https://en.wikipedia.org/wiki/Backward_compatibility">backward compatibility</a> breaks. Changes in the code base will be needed when updating to this version.</li></ul><blockquote>These rules are easier to apply to libraries and frameworks than it is for apps and services. More about this later.</blockquote><h3>Try to keep backwards-compatibility</h3>Ok, we have some rules now. However, I have seen very frequently people mistaking what can be done with what should be done.Yes, if you introduce a breaking change, you can update the major version and that&#x27;s it. However, if you do it too frequently, people won&#x27;t be happy, and you will end up with a fragmented user base, that stop updating to newer versions.I remember using a library to deploy stuff that had a new major version every couple of months, changing things like &quot;The <code>host</code> function is now called <code>server</code>&quot;. Yes, ok, but why do I have to change my stuff so frequently.It&#x27;s usually better to try to implement things in a backwards-compatible way, and keep track of the things you want to change and do it all at a time.You can also deprecate things, and document the way you want those things to be done moving forward. That way you give people the chance to start changing their code and simplify a hypothetical upcoming major release.<h3>Provide clear upgrade paths</h3>As mentioned above, too frequent major version changes are not desirable, but sooner or later you will want to release a new major version for different reasons.<ul><li>Getting rid of that feature which is hard to maintain, introduces lots of bugs, and provides little value.</li><li>Supporting something new which is very hard to implement without breaking backwards compatibility.</li><li>Removing all those deprecated methods you have been dragging for months.</li><li>Fix design issues, where something was architected in the wrong way, and only spotted after some time.</li></ul>At the time this happens you will want your users to upgrade to the newer version, as you don&#x27;t want people to report bugs that only affect older versions, or to expect you to backport fixes to older versions because they haven&#x27;t updated to the new one.The best way to achieve this is to provide clear and simple upgrade paths:<ul><li>Prepare your releases for the things to come: If you want to introduce new ways of doing things, do it before the major release, and deprecate the older ones. For example, you can have a new method that gets called by an older one, while you mark the old one as deprecated.People will be more willing to update and change their code afterwards. By the time the major release is published, their code will be ready to upgrade.</li><li>Include a CHANGELOG file in your project, explaining the changes introduced in every version. A very good way to document a change log is the <a target="_blank" rel="noopener noreferrer" href="https://keepachangelog.com/">Keep a changelog</a> initiative.You can also use some other platform to document the change log, like GitHub releases.</li><li>Include documentation on how to upgrade to a major release: This is probably the most important one. Document all the steps that need to be followed and all the required changes to update from a release to the next major one.A good way to do this is by including an UPGRADE file in your project. You can see <a target="_blank" rel="noopener noreferrer" href="https://github.com/acmailer/acmailer/blob/main/UPGRADE.md">this example</a>.</li></ul><h3>Versioning libraries vs apps</h3>Semantic Versioning is a good standard to version software, but it plays much better with libraries and frameworks that are installed using some kind of package manager, than it does with apps and services that are not directly depended on.For example, how do you identify a backward compatibility break on a web user interface?With this kind of software there are more grey areas, and you will end up using your intuition.For example, not long ago I released a <a href="/2020/12/24/released-shlink-web-client-v3-0-0/">new major version</a> for a web app I maintain, and it was completely compatible with the previous one. However, it introduced a larger amount of features than usual, and big UI changes, so I decided it was worth the bump.Because of this there are projects that use different approaches to version apps. For example:<ul><li>Firefox and Chrome have 6-week cycles, and after each one of them they release a new major version no matter what.</li><li>Jetbrains publishes a few releases of their IDEs every year (I think 3) which always start with the year they were released on, like <code>2020.3.0</code>, and they increase the patch number for bugfixes.</li><li>Ubuntu releases 2 versions every year, one in April and one in October, and they are always identified by the year and month they were released on, like <code>19.04</code> or <code>20.10</code>.</li></ul><h3>Special versions</h3>There&#x27;s also a set of special versions that can be used to publish the so-called pre-release versions. These <a target="_blank" rel="noopener noreferrer" href="https://semver.org/#spec-item-9">are covered</a> by Semantic Versioning, but sometimes they are not so easy to understand.It is also very likely that you never have to use these, as only relatively big projects will need this level of granularity, but it&#x27;s still good to know what&#x27;s their purpose and what do they imply.<h4>0.x.y</h4>It is possible to release a version of your software where the major number is <code>0</code>. When this happens, it means your software is still in its early stages.It does not mean it&#x27;s necessarily unstable, but it means you are still introducing frequent changes on it, and therefore, it might be a bit more fragile than a version starting with a number greater than <code>0</code>.<h4>Alpha</h4>The intention of an alpha release is that a subset of people con test some new functionality, but you don&#x27;t want people to use it in productionAlpha versions are on their very early stages. Their public API is very likely to change, and they probably contain bugs.Semantic Versioning states that alpha versions are identified by this pattern: <code>MAJOR.MINOR.PATCH-alpha.NUMBER</code>, for example <code>2.0.0-alpha.1</code>.<h4>Beta</h4>Similar to alpha versions, beta versions are also prone to contain bugs, but their API will in theory not change. That means that you could potentially adapt your software to start using a beta version, and when the corresponding stable release is published, you shouldn&#x27;t need that many changes.Semantic Versioning defines a pattern similar to the one for alpha versions: <code>MAJOR.MINOR.PATCH-beta.NUMBER</code>, for example <code>2.0.0-beta.1</code>.<h4>Release candidate</h4>Release candidates (RC) are pre-release versions that you will want to publish for the general user-base to test an upcoming release. You want to publish a RC so that it&#x27;s battle tested by as many people as possible, in order to find possible bugs and edge cases.They should not contain many bugs, but some could be found. The public API should not change anymore.According to Semantic Versioning, the pattern to identify a RC is <code>MAJOR.MINOR.PATCH-rc.NUMBER</code>, for example <code>2.0.0-rc.1</code>.<h3>Conclusion</h3>We have seen some approaches and considerations to properly version your software.Versioning is not so straightforward when you don&#x27;t have a lot of experience, but as you have seen, you just need to know a small set of rules and use a bit your intuition.With those tools, you will be able to properly version your software.

What to take into account when versioning software

<div class="well well-sm">This article was first published in <a target="_blank" rel="noopener noreferrer" href="https://devzone.zend.com/7245/project-scalability-with-zend-expressive/">Zend Developer Zone</a></div>I&#x27;ve been working with some different frameworks lately. One of them is <a target="_blank" rel="noopener noreferrer" href="https://docs.zendframework.com/zend-expressive/">Zend Expressive</a>, and I&#x27;ve come to the conclusion that I don&#x27;t need to choose between different frameworks; depending on the project, Expressive always fits my needs and scales from small projects to bigger applications.<h3>The Microframework approach</h3>The first thing that one could see on the <a target="_blank" rel="noopener noreferrer" href="https://docs.zendframework.com/zend-expressive/getting-started/standalone/">&quot;Hello world&quot; example</a> is that Expressive seems like a typical microframework: you create an application object and register routes with it.Something like this:<pre><pre><code class="language-php">use zend\Expressive\AppFactory;

include __DIR__ . &#x27;/../vendor/autoload.php&#x27;;

$app = AppFactory::create();

$app-&gt;get(&#x27;/greet/{name}&#x27;, function ($request, $response, callable $out = null) {
 $response-&gt;getBody()-&gt;write(sprintf(&#x27;Hello %s!!&#x27;, $request-&gt;getAttribute(&#x27;name&#x27;)));
 return $response;
});
$app-&gt;(&#x27;/about&#x27;, function ($request, $response, callable $out = null) {
 ob_start();
 include &#x27;templates/about.html&#x27;;
 $response-&gt;getBody()-&gt;write(ob_get_clean());
 return $response;
});

$app-&gt;pipeRoutingMiddleware();
$app-&gt;pipeDispatchMiddleware();
$app-&gt;run();
</code></pre></pre>This is a super simple example, which I feel is the best approach for prototyping and small applications. You can write an entire app in hours.This is the so called &quot;programmatic approach&quot;, and you can read more about it <a target="_blank" rel="noopener noreferrer" href="https://mwop.net/blog/2016-05-16-programmatic-expressive.html">here</a>. This same approach is used by other microframeworks.However, if your application grows, this could be hard to maintain.<ul><li>What if your application has 100 different routes instead of 2?</li><li>What if you need to render dynamic templates?</li><li>What if you need to use complex services while dispatching your routes? They will need to be created somewhere.</li></ul>In the past, you had to take this into account. A microframework was good for small projects (websites, blogs, and such), but for bigger projects, one would choose frameworks like Symfony, Laravel or Zend Framework with the MVC stack. This is no longer necessary with Zend Expressive.Zend Expressive allows the previously described approach, but also other approaches reminiscent of these bigger frameworks. Some of the features that make Zend Expressive my framework of choice for any kind of project are:<ul><li>Decoupled from specific implementations for dependency injection, templating, or routing</li><li>Supports a configuration-driven approach.</li><li>Supports complex dependency injection by using advanced dependency injection containers like zend-servicemanager.</li><li>Supports modular applications, easing code reuse.</li><li>It is based on middleware.</li><li>It is not hard to implement a mvc-like system with controllers.</li></ul><h3>Choosing implementations</h3>The first thing that makes Expressive different from other frameworks is that it doesn&#x27;t come with its own implementation for everything. It doesn&#x27;t try to reinvent the wheel; instead, it relies on interfaces. You can use the component of your choice for routing, templating, and dependency injection. You could also implement your own if you prefer.For example, by default, Expressive supports three routers: FastRoute, Aura router, and zend-router. In my website I needed a router with support for optional parameters at the beginning of the route, and none of them supports it.My solution was integrating <a target="_blank" rel="noopener noreferrer" href="https://github.com/acelaya/expressive-slim-router">Slim 2 router</a>, which allows that.Something similar is possible while choosing the template renderer. Expressive comes with built-in support for Twig, Plates, and zend-view, but you can use whichever renderer you like. It wouldn&#x27;t be hard to integrate Laravel&#x27;s Blade, for example.For dependency injection, Zend Expressive supports any container implementing <code>Interop\Container\ContainerInterface</code>, so there are plenty of options to choose from.<h3>Configuration-driven applications</h3>One of the best things about Zend Expressive is that you can move all the configuration to dynamic configuration files, including:<ul><li>Definition of routes</li><li>Definition of middlewares to pipe</li><li>Definition of template renderer, router, and container implementations</li><li>Definition of configuration consumed by other services</li></ul>This approach also allows to define environment-specific configuration, and override production configurations with local configurations, like disabling cache or having a more verbose error handler (which is not desired in production but will help during development).In order to achieve this, instead of creating the application with the static factory (<code>Zend\Expressive\AppFactory</code>), you have to use the container factory (<code>Zend\Expressive\Container\ApplicationFactory</code>).It is intended to be used with a dependency injection container, and a more complex process is used while creating the application.It fetches the configuration of the application itself from a <code>config</code> service, which should contain an array (or ArrayObject) with keys like <code>routes</code> or <code>middleware-pipeline</code>.For example, if we want to register the same routes defined in the first example via configuration, we need to define something like this.<pre><pre><code class="language-php">return [

 &#x27;routes&#x27; =&gt; [
 [
 &#x27;name&#x27; =&gt; &#x27;greet&#x27;,
 &#x27;path&#x27; =&gt; &#x27;/greet/{name}&#x27;,
 &#x27;middleware&#x27; =&gt; function ($request, $response, callable $out = null) {
 $response-&gt;getBody()-&gt;write(sprintf(&#x27;Hello %s!!&#x27;, $request-&gt;getAttribute(&#x27;name&#x27;)));
 return $response;
 },
 &#x27;allowed_methods&#x27; =&gt; [&#x27;GET&#x27;],
 ],
 [
 &#x27;name&#x27; =&gt; &#x27;about&#x27;,
 &#x27;path&#x27; =&gt; &#x27;/about&#x27;,
 &#x27;middleware&#x27; =&gt; function ($request, $response, callable $out = null) {
 ob_start();
 include &#x27;templates/about.html&#x27;;
 $response-&gt;getBody()-&gt;write(ob_get_clean());
 return $response;
 },
 &#x27;allowed_methods&#x27; =&gt; [&#x27;GET&#x27;],
 ],
 ],

];
</code></pre></pre><blockquote>I have used middleware closures to demonstrate that any middleware used in the programmatic approach is valid here, but you should avoid it while working with the configuration-driven approach, since it will break the configuration caching process.</blockquote>With this, the <code>ApplicationFactory</code> preregisters all the routes before returning the <code>Application</code> instance.The same happens with non-routable middleware (we&#x27;ll talk about middleware later), and other configurations.With this approach, the first thing we need to do is create the dependency injection container, which will be responsible of creating the application object. Something like this:<pre><pre><code class="language-php">use Interop\Container\ContainerInterface;
use Zend\Expressive\Application;

/** @var ContainerInterface $container */
$container = include __DIR__ . &#x27;/../config/container.php&#x27;;
/** @var Application $app */
$app = $container-&gt;get(Application::class);
$app-&gt;run();
</code></pre></pre><blockquote>Note that Expressive projects can be easily created from scratch by using the <a target="_blank" rel="noopener noreferrer" href="https://docs.zendframework.com/zend-expressive/getting-started/skeleton/">skeleton installer</a>, which in the process will ask you for the concrete implementations to use and initialize all the code above, including base configuration files.</blockquote>While the configuration-driven approach would be my choice, it is also possible to take a hybrid approach between the programmatic and the config-driven options.You can use the container factory so that the environment-specific configuration system is applied, and dependencies and service-specific configs are properly loaded, but still define routes programmatically.<pre><pre><code class="language-php">use Interop\Container\ContainerInterface;
use Zend\Expressive\Application;

/** @var ContainerInterface $container */
$container = include __DIR__ . &#x27;/../config/container.php&#x27;;
/** @var Application $app */
$app = $container-&gt;get(Application::class);

// After getting the application from the container, it is still possible to define routes
$app-&gt;get(&#x27;/home&#x27;, ...);
$app-&gt;post(&#x27;/contact&#x27;, ...);

$app-&gt;run();
</code></pre></pre><h3>Complex dependency injection</h3>We have already seen that Zend Expressive allows you to use the implementation of your choice for dependency injection.In a medium project you can use a simple DI container, like pimple or aura DI. However, in a bigger project you will probably need a more advanced container, like php-di or zend-servicemanager. Expressive allows you to use any container that implements <code>Interop\Container\ContainerInterface</code>.If none is defined, the static <code>AppFactory</code> uses zend-servicemanager, and the <code>ApplicationFactory</code> injects into the application the same container that was used to invoke it.Other microframeworks assume that you are working on a small project, and you are a little bit limited by their DI implementation. Expressive gives you the freedom to use the implementation that best suits your needs.<h3>Modular applications</h3>For big projects, modularity is very important.You can wrap classes, configuration, language files, templates, tests, etc, in a self-contained package that can be installed in other projects.Other frameworks like Zend Framework and Symfony provide great solutions for this (modules and bundles), and it is easy to do this with Expressive too, while you can still work in a single-module way if the project doesn&#x27;t need more complexity.In order to add modularity to an Expressive project, you can use the <a target="_blank" rel="noopener noreferrer" href="https://github.com/mtymek/expressive-config-manager">mtymek/expressive-config-manager</a> package. It includes a simple class that is able to merge the configuration from many sources (while working with the configuration-driven approach), so that the application is created by being aware of all of those modules, and thus, get preconfigured services or override other configurations.You just need to define the configuration of every module and an invokable class that provides the configuration itself.Indeed, that package can be used in any project, not just Expressive-based projects, but it was built with Zend Expressive in mind.<h3>The middleware paradigm</h3>New microframeworks are working with the middleware paradigm. Expressive is one of them.Middleware is a great way of defining pieces of code that are easy to test and reuse in other middleware-based projects.If you need to learn more about middleware, <a target="_blank" rel="noopener noreferrer" href="https://mwop.net/blog/2015-01-08-on-http-middleware-and-psr-7.html">this is a great article</a> to read now.Expressive uses middleware not only before dispatching a route, but also for the route itself, so, in the end, everything is middleware.Also, unlike other microframeworks where you need to provide callables every time you need a middleware, Expressive supports passing service names, which makes it use the DI container in order to get the middleware instance. This improves performance and eases dependency injection.This approach can be used both in the programmatic and config-driven approaches.<pre><pre><code class="language-php">use Zend\ServiceManager\ServiceManager;

$sm = new ServiceManager([
 &#x27;invokables&#x27; =&gt; [
 \MyMiddleware::class =&gt; MyMiddleware::class,
 ],
]);

$app = AppFactory::create($sm);
$app-&gt;get(&#x27;/home&#x27;, \MyMiddleware::class);

// [...]
</code></pre></pre>When this app is run and the &quot;/home&quot; route is dispatched, the middleware used to dispatch the request will be lazily fetched from the DI container and invoked.This same thing could be done with the config-driven approach like this.<pre><pre><code class="language-php">use Zend\Expressive\Application;
use Zend\ServiceManager\ServiceManager;

$sm = new ServiceManager([
 &#x27;services&#x27; =&gt; [
 &#x27;config&#x27; =&gt; [
 &#x27;routes&#x27; =&gt; [
 [
 &#x27;name&#x27; =&gt; &#x27;home&#x27;,
 &#x27;middleware&#x27; =&gt; \MyMiddleware::class,
 &#x27;path&#x27; =&gt; &#x27;/home&#x27;,
 &#x27;allowed_methods&#x27; =&gt; [&#x27;GET&#x27;],
 ],
 ],
 ],
 ],
 &#x27;invokables&#x27; =&gt; [
 \MyMiddleware::class =&gt; MyMiddleware::class,
 ],
 &#x27;factories&#x27; =&gt; [
 Application::class =&gt; Zend\Expressive\Container\ApplicationFactory::class,
 ],
]);

$app = $sm-&gt;get(Application::class);

// [...]
</code></pre></pre><h3>Controller-style dispatch</h3>The last thing we need so that Expressive is as similar as possible to bigger frameworks, is being able to dispatch similar requests with the same controller class, allowing us to share dependencies and not having to repeat the same creation process for different middlewares.This is also possible by using <a target="_blank" rel="noopener noreferrer" href="https://twitter.com/samsonasik">Abdul</a>&#x27;s implementation, which is now part of the official <a target="_blank" rel="noopener noreferrer" href="https://docs.zendframework.com/zend-expressive/cookbook/using-routed-middleware-class-as-controller/">Expressive cookbook</a>.This approach is similar to that used in traditional full-stack MVC controllers.You can also easily define rest controllers as <a href="/2016/06/24/dispatch-rest-like-requests-with-a-single-controller-class-in-zend-expressive/">I explained in my blog</a> not so long ago.However, this should be primarily used if you want to migrate an existing application to Zend Expressive. For new projects it&#x27;s better to have a single middleware to handle each route. That approach improves granularity, and makes middlewares easier to test.The redundancy problem that is produced by this approach can be easily mitigated by reusing the same factory for all the middlewares.<h3>Conclusion</h3>In this article, I&#x27;ve attempted to demonstrate an undocumented feature of Zend Expressive: project scalability.The project offers a low learning curve, allowing you to immediately start writing smaller projects, but provides a path for creating larger, maintainable applications.

Project Scalability with Zend Expressive

I was digging into Zend Expressive and how to use controllers that allow me to share dependencies between different routes, instead of having to use different middlewares every time.<a target="_blank" rel="noopener noreferrer" href="https://samsonasik.wordpress.com/">Abdul</a> wrote a great article on this subject that you can find <a target="_blank" rel="noopener noreferrer" href="https://samsonasik.wordpress.com/2016/01/03/using-routed-middleware-class-as-controller-with-multi-actions-in-expressive/">here</a>, which also became part of <a target="_blank" rel="noopener noreferrer" href="https://zendframework.github.io/zend-expressive/cookbook/using-routed-middleware-class-as-controller/">Expressive&#x27;s cookbook</a> some time later.This is a perfect approach that easily allows to reuse some code, but then I thought how to do something similar in a rest environment, having a single class with different dispatchable methods that will be called depending on the request&#x27;s HTTP method.This is a possible solution based on ZF2&#x27;s <a target="_blank" rel="noopener noreferrer" href="https://github.com/zendframework/zend-mvc/blob/master/src/Controller/AbstractRestfulController.php">AbstractRestfulController</a><h3>The abstract implementation</h3>We need some default behavior and some code that can be reused, so this could be our <code>AbstractRestController</code>.<pre><pre><code class="language-php">namespace App\Rest;

use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Zend\Diactoros\Response\JsonResponse;
use Zend\Stratigility\MiddlewareInterface;

abstract class AbstractRestController implements MiddlewareInterface
{
 const IDENTIFIER_NAME = &#x27;id&#x27;;

 /**
 * @param Request $request
 * @param Response $response
 * @param null|callable $out
 * @return null|Response
 */
 public function __invoke(Request $request, Response $response, callable $out = null)
 {
 $requestMethod = strtoupper($request-&gt;getMethod());
 $id = $request-&gt;getAttribute(static::IDENTIFIER_NAME);

 switch ($requestMethod) {
 case &#x27;GET&#x27;:
 return isset($id)
 ? $this-&gt;get($request, $response, $out)
 : $this-&gt;getList($request, $response, $out);
 case &#x27;POST&#x27;:
 return $this-&gt;create($request, $response, $out);
 case &#x27;PUT&#x27;:
 return $this-&gt;update($request, $response, $out);
 case &#x27;DELETE&#x27;:
 return isset($id)
 ? $this-&gt;delete($request, $response, $out)
 : $this-&gt;deleteList($request, $response, $out);
 case &#x27;HEAD&#x27;:
 return $this-&gt;head($request, $response, $out);
 case &#x27;OPTIONS&#x27;:
 return $this-&gt;options($request, $response, $out);
 case &#x27;PATCH&#x27;:
 return $this-&gt;patch($request, $response, $out);
 default:
 return $out($request, $response);
 }
 }

 public function get(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function getList(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function create(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function update(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function delete(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function deleteList(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function head(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function options(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 public function patch(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([&#x27;content&#x27; =&gt; &#x27;Method not allowed&#x27;], 405);
 }

 final protected function createResponse($data, $status = 200)
 {
 return new JsonResponse($data, $status);
 }
}
</code></pre></pre>It creates an invokable class that dispatches different methods based on the request HTTP method, passing the <code>$request</code>, <code>$response</code> and next middleware to all of them.By default, it makes all the methods return a 405 status, so that we can leave them unimplemented in concrete controllers and any consumer knows that they are not allowed.This class will be the base for any rest controller.<h3>Concrete implementations</h3>Once we have the abstract controller, we can define any class extending it.<pre><pre><code class="language-php">namespace App\Controller;

use App\Rest\AbstractRestController;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;

class RestUserController extends AbstractRestController
{
 public function get(Request $request, Response $response, callable $out = null)
 {
 $id = $request-&gt;getAttribute(self::IDENTIFIER_NAME);
 return $this-&gt;createResponse([
 &#x27;id&#x27; =&gt; $id,
 &#x27;name&#x27; =&gt; &#x27;John Doe&#x27;,
 ]);
 }

 public function getList(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([
 [
 &#x27;id&#x27; =&gt; &#x27;e2f7ee10-af32-46e7-86cc-5afe441b69e5&#x27;,
 &#x27;name&#x27; =&gt; &#x27;John Doe&#x27;,
 ],
 [
 &#x27;id&#x27; =&gt; &#x27;04162d88-dd7c-4855-ae4f-cc63e64edd7c&#x27;,
 &#x27;name&#x27; =&gt; &#x27;Jane Doe&#x27;,
 ],
 ]);
 }

 public function create(Request $request, Response $response, callable $out = null)
 {
 return $this-&gt;createResponse([
 &#x27;message&#x27; =&gt; &#x27;You have created a new user&#x27;,
 ]);
 }

 public function delete(Request $request, Response $response, callable $out = null)
 {
 $id = $request-&gt;getAttribute(self::IDENTIFIER_NAME);
 return $this-&gt;createResponse([
 &#x27;message&#x27; =&gt; sprintf(&#x27;You have deleted the user with id %s&#x27;, $id),
 ]);
 }
}
</code></pre></pre>This class overrides only 4 of the public methods, returning custom responses.We will usually inject some service on this controller and use it to perform CRUD operations. In this example I have just hardcoded the responses. <h3>Register the route</h3>Once the controller is created, we need to register a route setting this controller as the middleware and allowing any method, since the HTTP method check will be performed in the controller itself.If you have created your app starting from the <a target="_blank" rel="noopener noreferrer" href="https://github.com/zendframework/zend-expressive-skeleton">skeleton application</a>, you just need to open the <code>config/autoload/routes.global.php</code> file and add the route and register your controller as a service.The registration of the controller will depend on the container implementation and how it needs to be created. In this case I&#x27;m using the Zned\ServiceManager component, and the controller is a simple invokable service without dependencies.Also, the route definition could slightly change depending on the chosen router. I&#x27;m using FastRoute.<pre><pre><code class="language-php">use App\Action\RestUserController;
use Zend\ServiceManager\Factory\InvokableFactory;

return [
 &#x27;dependencies&#x27; =&gt; [
 &#x27;factories&#x27; =&gt; [
 RestUserController::class =&gt; InvokableFactory::class,
 ],
 ],

 &#x27;routes&#x27; =&gt; [
 // [...]

 [
 &#x27;name&#x27; =&gt; &#x27;rest.client&#x27;,
 &#x27;path&#x27; =&gt; &#x27;/rest/user[/{id}]&#x27;,
 &#x27;middleware&#x27; =&gt; RestUserController::class,
 ],
 ],
];
</code></pre></pre>When the <code>allowed_methods</code> key is not set, it allows any method by default.Now, a GET request to the /rest/user route will return the list of users, a DELETE request to /rest/user/123 will delete the user 123 and so one.

Dispatch REST-like requests with a single controller class in Zend Expressive

Performance is an important subject when a project grows.There are some good practices that make projects more maintainable, like <a target="_blank" rel="noopener noreferrer" href="https://en.wikipedia.org/wiki/Dependency_injection">dependency injection</a>, however, creating all the objects at the beginning of the request could reduce the application performance.If some of the created objects are not finally used, we have wasted CPU time and memory for no reason.<h3>DI pattern basics</h3>The dependency injection pattern is &quot;simple&quot;. It is one way to implement the <a target="_blank" rel="noopener noreferrer" href="https://en.wikipedia.org/wiki/Dependency_inversion_principle">Dependency Inversion Principle</a>, and it says that all the objects that certain subject depends on should be injected on it when the subject is created, rather than letting the subject internally create them at runtime.This decouples every part of the application and eases testing each subject.However, what happens if some of those objects are not finally used?<h3>The proxy pattern to the rescue</h3>A proxy is a lightweight wrapper for an expensive object. It implements the same type of the wrapped object, but delays the object creation until it is going to be really used, for example by overriding all the public methods and initializing the wrapped object the first time one of them is called.If we used proxies for every expensive dependency, the previous problem would be solved. We can still inject the dependency, but it will be wrapped by the proxy, which will create the object itself once we need it, or never, if it is not finally used.This is the principle behind lazy services. The ServiceManager makes use of the <a target="_blank" rel="noopener noreferrer" href="https://github.com/Ocramius/ProxyManager">ocramius/proxy-manager</a> package to create proxies on the fly for all the services configured as lazy.<h3>Lazy services config</h3>The <code>lazy_services</code> config block used to be an independent block on v2 of the ServiceManager. On v3 it has been integrated on the ServiceManager configuration itself, along with <code>factories</code>, <code>invokables</code> and such.This is an example of <code>lazy_services</code> usage:<pre><pre><code class="language-php">use Acelaya\Database\DbConnFactory;
use Acelaya\Service\MyExpensiveService;
use Acelaya\Service\MyExpensiveServiceFactory;
use Zend\ServiceManager\Proxy\LazyServiceFactory;
use Zend\ServiceManager\ServiceManager;

$sm = new ServiceManager([
 &#x27;factories&#x27; =&gt; [
 &#x27;db_connection&#x27; =&gt; DbConnFactory::class,
 MyExpensiveService::class =&gt; MyExpensiveServiceFactory::class,
 ],

 &#x27;lazy_services&#x27; =&gt; [
 &#x27;class_map&#x27; =&gt; [
 &#x27;db_connection&#x27; =&gt; \PDO::class,
 MyExpensiveService::class =&gt; MyExpensiveService::class,
 ],
 &#x27;proxies_target_dir&#x27; =&gt; &#x27;data/proxies&#x27;,
 &#x27;proxies_namespace&#x27; =&gt; &#x27;AcelayaProxy&#x27;,
 &#x27;write_proxy_files&#x27; =&gt; getenv(&#x27;APPLICATION_ENV&#x27;) === &#x27;prod&#x27;,
 ],

 &#x27;delegators&#x27; =&gt; [
 &#x27;db_connection&#x27; =&gt; [
 LazyServiceFactory::class,
 ],
 MyExpensiveService::class =&gt; [
 LazyServiceFactory::class,
 ],
 ],
]);
</code></pre></pre>But how does this work?The first thing we have to do is register our services the regular way. In this case I have registered 2 services in the <code>factories</code> block, the <code>db_connection</code>and the <code>MyExpensiveService</code>. I can fetch those services in a normal way, and their factories will be hit in order to create them.But we don&#x27;t want that. We want a proxy to be returned, wrapping the factory that will be hit only when the object is going to be used.The next block, <code>lazy_services</code>, wraps some config params, like the <code>class_map</code>, which determines the class that needs to be proxied for each service (sometimes the service name is the class itself, but we still have to map it).Finally, by making use of the <code>delegators</code> block, we have to add a built-in delegator to each lazy service, the <code>Zend\ServiceManager\Proxy\LazyServiceFactory</code>.Important!: If your service needs more delegators, this one should be the last one of the list, so that it is the first one hit.This delegator is the one which makes the magic. Instead of calling the next delegator until the factory is hit, it returns the generated proxy, and makes it wrap the next factory, so that the delegators chain which ends on the main factory, is only hit the first time the object is going to be used.The rest of the <code>lazy_services</code> properties are only used for convenience.<ul><li>The <code>proxies_target_dir</code> tells where proxies should be created. If you don&#x27;t define it, the system temp dir will be used.</li><li>The <code>proxies_namespace</code> tells the namespace to be used for proxy classes.</li><li>The <code>write_proxy_files</code> property is a boolean which tells whether to persist generated proxies or generate them every time. It is a good idea that you set it to false on development, so that proxies are regenerated every time, in case the proxied classes have changed, and true on production to improve performance, so that once a proxy has been created, the same file is used every time.</li></ul><h3>How to fetch lazy services</h3>The good thing is that the whole process is transparent. You don&#x27;t need to change your code.If you were already fetching services and you want to make them lazy, you just need to map them and add the <code>LazyServiceFactory</code> delegator in the ServiceManager config. Everything else remains the same.