Proposal
COmanage should switch to a different PHP Framework, such as Laravel.
Candidate frameworks are:
| Name | Version | License | Popularity* | Notes |
|---|---|---|---|---|
| CakePHP | 3 or 4 | MIT | 3 | |
| Laravel | 5.5 | MIT | 1 | |
| Symfony | 3.x (3.3) | MIT | 2 | |
| 2.0 | BSD | 4 | better AJAX support | |
| Zend | 3 | BSD | 5 |
*Popularity ranking of framework as search terms from trends.google.com
https://trends.google.com/trends/explore?date=2014-08-05%202017-09-05&q=laravel,cakephp,symfony,yii,zend
1 = highest, 5 = lowest (take with appropriate grain of salt)
Evaluation Criteria
- The selected framework must have a substantial history and a reasonable likelihood of being supported in the long-term.
- The selected framework must support plugins.
- The selected framework should not impose a significant burden on the developers.
- Possibly including IDE support.
- The selected framework must work with the existing data model largely unmodified.
- The selected framework must offer "out of the box" security management equivalent to current CakePHP capabilities.
- The selected framework must be compatible with the Apache 2 license.
- The selected framework must have an active support community, including good documentation, mailing lists/forums, etc.
Benefits
Cake
- Cake is more familiar; cost of change is always expensive.
- Security features such as built-in support vs. form tampering is strong
Laravel
- UI: webpack support, and other modern UI features - built-in
Drawbacks
Laravel
- There is no equivalent to SecurityComponent, though some specifics like CSRF protection are available. Capabilities like form tampering detection will require reimplementation.
- Laravel favors explicit declaration over convention, so eg all routes need to be explicitly declared. With Cake, only exceptions to the pattern need to be declared.