5
I had not realized the new module code was doing this. Cool feature.
I've got a few thoughts.
Looks like we should be checking the CURLINFO_RESPONSE_CODE with curl_getinfo() to make sure the return is a 200. A lot of other codes can be returned with a valid json body that are totally different than the releases body. An example is the 403 response code for a rate limit exceded error -
https://developer.github.com/v3/#rate-limitingWe might also consider a more precise end point, like this:
https://api.github.com/repos/XoopsModules25x/publisher/releases/latest
To be good github citizens, we should cache the results for some period of time so we don't generate hundreds of checks while doing publisher setup activities. The period could easily be an hour or more. Xmf\Module\Helper\Cache::cacheRead() could make that easy.
One last observation not directly related to this issue, since publisher can be cloned, it looks like this check will not get any data, or wrong data from another module.