Question 1

How do I set up GPG verification with Tooly?

Accepted Answer

Install the tm/gpg-verifier package via Composer and ensure GPG is in your PATH. Then, add the sign-url parameter for each tool in the composer.json extra section. Note that you may need to import the author's public key for it to work, as mentioned in the README.

Question 2

Can Tooly manage tools that aren't PHAR files?

Accepted Answer

No, Tooly is specifically designed for PHP Archive (PHAR) files only. For other binaries, you'd need alternative solutions like manual scripts or using containerization tools like Docker.

Question 3

Tooly vs using Docker for PHP tool management?

Accepted Answer

Tooly integrates with Composer for per-project, version-controlled PHAR management, ideal for reproducible builds within PHP projects. Docker bundles tools in containers, offering better isolation but may not sync tool versions as declaratively across projects.

Question 4

How to mark a tool as development-only in Tooly?

Accepted Answer

In the composer.json extra section for a tool, set the 'only-dev' parameter to true. This ensures the tool is only installed when running composer without --no-dev, keeping production environments lean.

Question 5

What happens if a PHAR download URL fails with Tooly?

Accepted Answer

Tooly can use a fallback-url if provided in the configuration. If both primary and fallback URLs fail, the installation will error out, so it's important to maintain reliable sources or use static versions.

Question 6

Is Tooly suitable for large teams with many tools?

Accepted Answer

Yes, Tooly helps standardize tool versions across teams by declaring them in composer.json, reducing setup inconsistencies. However, it adds overhead to Composer scripts and requires managing URLs and signatures, which can become complex with many tools.

Tooly

What is Tooly?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions