phar

Add one or more files or directories to a Phar file

$ phar add -f [path/to/phar_file] [path/to/file_or_directory1 path/to/file_or_directory2 ...]

$ phar list -f [path/to/phar_file]

$ phar delete -f [path/to/phar_file] -e [file_or_directory]

$ phar compress -f [path/to/phar_file] -c [algorithm]

$ phar info -f [path/to/phar_file]

$ phar sign -f [path/to/phar_file] -h [algorithm]

$ phar sign -f [path/to/phar_file] -h openssl -y [path/to/private_key]

$ phar help

Since 'phar' is not a standalone Linux command, its usage revolves around the PHP interpreter:

php <phar_file> [arguments...]

To execute a PHAR archive. The `arguments` are passed to the script inside the PHAR.

php -d phar.readonly=0 -r 'new Phar("archive.phar");'

Example of programmatic interaction with a PHAR archive using PHP CLI's evaluation mode. Actual PHAR creation/manipulation is done via PHP scripts or frameworks, not a direct `phar` command line utility.

<phar_file>
    The path to the PHAR archive to be executed. This is the primary 'argument' to the php interpreter when running a PHAR.

[arguments...]
    Optional arguments passed directly to the PHP script encapsulated within the PHAR archive. These are parsed by the script's logic, not the php interpreter itself.

-d <name>[=<value>]
    (PHP CLI option) Sets a PHP INI entry (e.g., memory_limit) for the execution of the PHAR. This affects the PHP runtime environment.

-c <path>
    (PHP CLI option) Specifies an alternative php.ini file to be used instead of the default when executing the PHAR.

-n
    (PHP CLI option) Prevents any php.ini file from being loaded, ensuring a clean PHP runtime environment for the PHAR execution.

The term "phar" refers to a PHP Archive, a file format introduced in PHP 5.3 that packages an entire PHP application into a single file. Unlike standard Linux commands like `tar` or `zip`, `phar` is not a standalone system utility. Instead, it's a specialized archive format primarily executed and managed by the PHP interpreter.

A PHAR file can contain source code, images, and other assets, making deployment and distribution of PHP applications easier. It behaves much like a `.jar` file for Java or an `.exe` file for Windows, allowing an application to run by simply invoking the PHAR file with the PHP CLI (e.g., php myapp.phar).

The PHAR extension within PHP provides functionalities to create, modify, and extract these archives programmatically. From a command-line perspective on Linux, interacting with a PHAR typically involves using the `php` executable to run the archived script or to manage the archive itself.

The `phar` format is specific to PHP and requires a PHP interpreter to be installed and accessible on the system. It is not a general-purpose archiving tool like `tar` or `zip`. Security is a significant concern: executing untrusted PHAR files can lead to severe vulnerabilities, as they are essentially executable PHP scripts. The phar.readonly PHP INI setting (defaulting to '1') prevents modification of PHAR archives, requiring it to be explicitly set to '0' for creation or modification operations, typically for security reasons.

PHAR archives are typically created and modified programmatically using PHP's built-in Phar class. Developers write PHP scripts that leverage this class to add files, set a bootstrap script, sign the archive, and compress its contents. There isn't a standalone `phar` command-line utility for this purpose; it's all handled within PHP scripts or tools built on top of the Phar class (e.g., Composer's `phar-util`).

PHAR files are executables. Just like any other executable, they can contain malicious code. PHP includes features like PHAR signing (SHA1, SHA256, MD5) to verify the integrity and origin of an archive. Users should only execute PHAR files from trusted sources. The phar.readonly INI setting is a crucial security measure, preventing accidental or malicious modification of existing PHARs on a server.

The PHAR (PHP Archive) format was introduced in PHP 5.3, released in June 2009. Its development aimed to address the need for a single-file distribution mechanism for PHP applications, similar to Java's JAR archives. Before PHAR, deploying PHP applications often involved distributing many individual files and managing dependencies. The PHAR extension provided a robust, built-in solution for packaging, signing, and executing PHP applications as self-contained units, significantly simplifying deployment and management tasks for developers.

php(1), tar(1), zip(1)