Package Base Details: php70

Git Clone URL: (read-only)
Submitter: betrixed
Maintainer: wget
Last Packager: wget
Votes: 10
Popularity: 0.044457
First Submitted: 2017-02-05 08:12
Last Updated: 2019-04-28 22:32

Pinned Comments

wget commented on 2018-04-24 22:41

This package makes use of GPG keys for integrity verification. Here are the PGP keys you need to import (if you trust them):

$ gpg --recv-keys 1A4E8B7277C42E53DBA9C7B9BCAA30EA9C0D5763 6E4F6AB321FDC07F2C332E3AC2BF0BC433CFC8B3

Receiving GPG keys might fail with the following error message: $ gpg: keyserver receive failed: Connection refused. If this happens, just check your DNS or use other ones.

Latest Comments

« First ‹ Previous 1 2 3 4 5 6

lilmike commented on 2017-05-02 13:53

When looking at the php56 package, which does detect openssl-1.0 correctly, I noticed before the ./configure etc steps:

export PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig

This (seems to have) done the trick. Perhaps this could be tested and incorporated into the package if it works?
-Michael. commented on 2017-04-27 14:37

openssl-1.0 installs in a way PHP doesn't detect.

Here's my (dirty) way to compile it anyway:

1. install openssl-1.0
2. mkdir -p /opt/openssl-1.0/include
3. ln -s /usr/lib/openssl-1.0/ /opt/openssl-1.0/lib
4. ln -s /usr/include/openssl-1.0/openssl/ /opt/openssl-1.0/include/openssl

5. edit PKGBUILD, change

VVL commented on 2017-04-25 14:59

After upgrading OpenSSL to 1.1.0 gives error:
"configure: error: OpenSSL version >= 1.1 is not supported."
even if openssl-1.0 installed. Cant find it at PKGBUILD to fix manually.
On seems php support openssl 1.1.0. What ways make it work? :)

eschwartz commented on 2017-04-20 08:49

After someone asked about this in the #archlinux IRC channel, I looked at this PKGBUILD, and you really need to add the validpgpkeys array back.

I don't know why you thought it should be removed in the first place, because now everyone *definitely* has problems since makepkg tries to verify the PGP signature but doesn't recognize the key!


gpg --verify warned you that the key has not been marked as a trusted key, but this is not actually problematic in any way, since makepkg and gpg are two entirely different things... see the wiki for more details:

Particularly the part about "[makepkg] will ignore the trust values from the keyring".

cutgah commented on 2017-04-20 08:44

From the #archlinux IRC:

The maintainer should put that array back where it came from [the validpgpkeys array] because the whole point of that array is to tell makepkg that the named key is trusted, but manually running gpg --verify does not have the same trust.

grawity commented on 2017-04-20 08:37

The point of validpgpkeys is that it bypasses the web of trust. It's telling makepkg that these keys are always trusted, and *only* these keys.

So basically you're supposed to list in validpgpkeys the key fingerprints of all developers who sign those PHP tarballs.

betrixed commented on 2017-04-11 02:45

Response to tomaszgasior comment on 2017-04-08 19:06

Release 2

c-client dependency added.

php extension LDAP is compiled into the PHP binary. I guess this was/is a flaw with the php56 PKGBUILD that I modified to make the php70 PKGBUILD. I have changed the name of the 'conflicts' and 'replaces' to php70-ldap, -even though its not created here, so this will remove the potential for conflict with the vanilla php package name php-ldap. I haven't investigated, I don't know the cost/benefit of having LDAP extension compiled into the binary. I don't know how big it is, how often it gets used, etc.

As for PGP of php-7.0.17.tar.xz, I got a "Good Signature" but Warning, its not certified with a trusted signature! The pgpkey in the PKGBUILD array is the primary key 'fingerprint' of the owners key (Anatol Belski <>). I don't know which steps are needed for further automation into web of trust, or whether it is easier not to use this in the package and rely on that I trust the source.

Since its giving a problem, I've removed the validpgpkeys for this release, at least until I understand how it should be properly used.

TomaszGasior commented on 2017-04-08 19:06

Please rename conflict package from php-ldap to php70-ldap or remove it from PKGBUILD. Currently because of it PHP 7.1 and this package cannot be installed in the same time.

Also check PGP keys. Key of php-7.0.17.tar.xz is incorrect.

TomaszGasior commented on 2017-03-26 22:25

Is there any repository where I can find compiled older versions of PHP?

makikatze commented on 2017-02-07 16:38

This package needs the "c-client" package as a dependency, otherwise the configuration during build process will fail.

Though I did not test if it's only needed for compilation (make) or for php to run, it's most probably needed for running, as the package "php-imap" from the Extra repository needs it for both, compiling and running.

Furthermore, the check() function failed for me without installing something that provides "/usr/bin/sendmail" (I chose to install msmtp which works).
Skipping the checks with makepkg's "--nocheck" option should also work, of course.