pear · chilimatic · Feb 2, 2026 · Feb 2, 2026 · Feb 2, 2026 · Feb 2, 2026
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -12,7 +12,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php: ["5.6", "7.0", "7.1", "7.2", "7.3", "7.4", "8.0", "8.1", "8.2", "8.3", "8.4"]
+        php: ["5.6", "7.0", "7.1", "7.2", "7.3", "7.4", "8.0", "8.1", "8.2", "8.3", "8.4", "8.5"]
 
     name: PHP ${{ matrix.php }}
 
@@ -41,10 +41,10 @@ jobs:
         run: composer install --prefer-dist --no-interaction --no-progress
 
       - name: Install GnuPG v1 (GnuPG v2 does not work with Github Actions)
-        run: sudo apt-get install -y gnupg1
+        run: sudo apt-get install -y gnupg2
 
       - name: Execute tests
-        run: TESTS_GPG_BINARY=/usr/bin/gpg1 vendor/bin/phpunit --stop-on-error tests
+        run: TESTS_GPG_BINARY=/usr/bin/gpg vendor/bin/phpunit --stop-on-error tests
 
       - name: Upload artifacts
         uses: actions/upload-artifact@master

diff --git a/Crypt/Console/PinCliParameters.php b/Crypt/Console/PinCliParameters.php
@@ -0,0 +1,22 @@
+<?php
+
+namespace Crypt\Console;
+
+class PinCliParameters
+{
+    private $verbose;
+    private $log;
+
+    public function __construct($verbose = 0, $log = null) {
+        $this->verbose = $verbose;
+        $this->log = $log;
+    }
+
+    public function getVerbose() {
+        return $this->verbose;
+    }
+
+    public function getLog() {
+        return $this->log;
+    }
+}
diff --git a/Crypt/Console/SimpleCliWrapper.php b/Crypt/Console/SimpleCliWrapper.php
@@ -0,0 +1,184 @@
+<?php
+
+namespace Crypt\Console;
+
+
+require_once __DIR__ . '/PinCliParameters.php';
+
+class SimpleCliWrapper
+{
+    const DEFAULT_VERBOSITY = 0;
+    const INVALID_INPUT = -1;
+    const VERBOSE_LONG = 'verbose';
+    const VERBOSE_SHORT = 'v';
+    const HELP_SHORT = 'h';
+    const HELP_LONG = 'help';
+    const LOG_SHORT = 'l';
+    const LOG_LONG = 'log';
+    const OPTIONAL_INDICATOR = '::';
+
+    /**
+     * The old definition for the CLI options was:
+     * ```xml
+     *  <description>Utility that emulates GnuPG 1.x passphrase handling over pipe-based IPC for GnuPG 2.x.</description>
+     *      <version>@package-version@</version>
+     *      <option name="log">
+     *          <short_name>-l</short_name>
+     *          <long_name>--log</long_name>
+     *          <description>Optional location to log pinentry activity.</description>
+     *          <action>StoreString</action>
+     *      </option>
+     *          <option name="verbose">
+     *          <short_name>-v</short_name>
+     *          <long_name>--verbose</long_name>
+     *          <description>Sets verbosity level. Use multiples for more detail (e.g. "-vv").</description>
+     *          <action>Counter</action>
+     *          <default>0</default>
+     *      </option>
+     *  </description>
+     * ```
+     *
+     * @return PinCliParameters
+     */
+    public function parseCli()
+    {
+        $shortOpts = implode('', [
+            self::VERBOSE_SHORT . self::OPTIONAL_INDICATOR,
+            self::LOG_SHORT . self::OPTIONAL_INDICATOR,
+            self::HELP_SHORT . self::OPTIONAL_INDICATOR
+        ]);
+
+        $longOpts = [
+            self::VERBOSE_LONG . self::OPTIONAL_INDICATOR,
+            self::LOG_LONG . self::OPTIONAL_INDICATOR,
+            self::HELP_LONG . self::OPTIONAL_INDICATOR
+        ];
+
+        $opts = getopt($shortOpts, $longOpts);
+        if (isset($opts[self::HELP_SHORT]) || isset($opts[self::HELP_LONG])) {
+            $this->printHelp();
+            exit(1);
+        }
+
+        $verbosityLevel = self::getVerbosityLevel($opts);
+        if ($verbosityLevel === self::INVALID_INPUT) {
+            $this->writeToErrOrEcho("Invalid verbosity level. Please use -h or --help.\n");
+            exit(1);
+        }
+
+        $logLocation = self::getLogLocation($opts);
+        if ($logLocation === self::INVALID_INPUT) {
+            $this->writeToErrOrEcho("Invalid log location. Please use -h or --help.\n");
+            exit(1);
+        }
+
+        return new PinCliParameters(
+            $verbosityLevel,
+            $logLocation
+        );
+    }
+
+    /**
+     * replication of previous behavior from PEAR Console_CommandLine
+     * which is abandoned now.
+     *
+     * ```
+     * public function stderr($msg)
+     * {
+     *      if (defined('STDERR')) {
+     *          fwrite(STDERR, $msg);
+     *      } else {
+     *          echo $msg;
+     *      }
+     * }
+     * ```
+     *
+     * @param $msg
+     * @return void
+     */
+    public function writeToErrOrEcho($msg)
+    {
+        if (defined('STDERR')) {
+            fwrite(STDERR, $msg);
+        } else {
+            echo $msg;
+        }
+    }
+
+    private function printHelp()
+    {
+        echo "
+Utility that emulates GnuPG 1.x passphrase handling over pipe-based IPC for GnuPG 2.x.
+
+Options:
+    -h, --help: Display this help message.
+    -l, --log: Optional location to log pinentry activity.
+    -v, --verbose: Verbosity level for logging.
+
+    The default verbosity level is 0.
+    Increase verbosity levels for more detail:
+        Short Syntax: -vvv
+        Long Syntax: --verbose 3
+
+    Set the Log Location:
+        Short Syntax: -l/path/to/log/file
+        Long Syntax: --log /path/to/log/file
+
+    the short syntax will be taken before the long syntax.
+";
+    }
+
+
+    /**
+     * @param array $opts
+     *
+     * @return int
+     */
+    public static function getVerbosityLevel(array $opts)
+    {
+        if (!isset($opts[self::VERBOSE_SHORT]) && !isset($opts[self::VERBOSE_LONG])) {
+            return self::DEFAULT_VERBOSITY;
+        }
+
+
+        // the default options with just a -v is false, but based
+        // on the old system, it would be level 0
+        if (isset($opts[self::VERBOSE_SHORT])) {
+            if ($opts[self::VERBOSE_SHORT] === false) {
+                return self::DEFAULT_VERBOSITY;
+            }
+
+            // the first v will be stripped -v so we count the amounts of v's after that
+            return (int)mb_strlen($opts[self::VERBOSE_SHORT]);
+        }
+
+        if (isset($opts[self::VERBOSE_LONG]) && !is_numeric($opts[self::VERBOSE_LONG])) {
+            return self::INVALID_INPUT;
+        }
+
+        if (isset($opts[self::VERBOSE_LONG])) {
+            return (int)$opts[self::VERBOSE_LONG];
+        }
+
+        return self::INVALID_INPUT;
+
+    }
+
+
+    public static function getLogLocation(array $opts)
+    {
+        if (!isset($opts[self::LOG_SHORT]) && !isset($opts[self::LOG_LONG])) {
+            return "";
+        }
+
+        if (isset($opts[self::LOG_SHORT]) && is_string($opts[self::LOG_SHORT])) {
+            return $opts[self::LOG_SHORT];
+        }
+
+        if (isset($opts[self::LOG_LONG]) && is_string($opts[self::LOG_LONG])) {
+            return $opts[self::LOG_LONG];
+        }
+
+        return self::INVALID_INPUT;
+    }
+}
diff --git a/Crypt/GPG/PinEntry.php b/Crypt/GPG/PinEntry.php
@@ -32,7 +32,7 @@
 /**
  * CLI user-interface and parser.
  */
-require_once 'Console/CommandLine.php';
+require_once __DIR__ . '/../Console/SimpleCliWrapper.php';
 
 /**
  * A command-line dummy pinentry program for use with gpg-agent and Crypt_GPG
@@ -137,7 +137,7 @@ class Crypt_GPG_PinEntry
     /**
      * The command-line interface parser for this pinentry
      *
-     * @var Console_CommandLine
+     * @var \Crypt\Console\SimpleCliWrapper
      *
      * @see Crypt_GPG_PinEntry::getParser()
      */
@@ -192,13 +192,13 @@ class Crypt_GPG_PinEntry
      */
     public function __invoke()
     {
-        $this->parser = $this->getCommandLineParser();
+        $this->parser = new \Crypt\Console\SimpleCliWrapper();
 
         try {
-            $result = $this->parser->parse();
+            $result = $this->parser->parseCli();
 
-            $this->setVerbosity($result->options['verbose']);
-            $this->setLogFilename($result->options['log']);
+            $this->setVerbosity($result->getVerbose());
+            $this->setLogFilename($result->getLog());
 
             $this->connect();
             $this->initPinsFromENV();
@@ -211,10 +211,6 @@ public function __invoke()
             }
 
             $this->disconnect();
-
-        } catch (Console_CommandLine_Exception $e) {
-            $this->log($e->getMessage() . PHP_EOL, self::VERBOSITY_ERRORS);
-            exit(1);
         } catch (Exception $e) {
             $this->log($e->getMessage() . PHP_EOL, self::VERBOSITY_ERRORS);
             $this->log($e->getTraceAsString() . PHP_EOL, self::VERBOSITY_ERRORS);
@@ -259,57 +255,19 @@ public function setLogFilename($filename)
         }
 
         if ($filename != '') {
-            if (($this->logFile = fopen($filename, 'w')) === false) {
+            if (($this->logFile = fopen($filename, 'wb')) === false) {
                 $this->log(
                     'Unable to open log file "' . $filename . '" '
                     . 'for writing.' . PHP_EOL,
                     self::VERBOSITY_ERRORS
                 );
                 exit(1);
-            } else {
-                stream_set_write_buffer($this->logFile, 0);
             }
-        }
 
-        return $this;
-    }
-
-    /**
-     * Gets the CLI user-interface definition for this pinentry
-     *
-     * Detects whether or not this package is PEAR-installed and appropriately
-     * locates the XML UI definition.
-     *
-     * @return string|null The location of the CLI user-interface definition XML.
-     */
-    protected function getUIXML()
-    {
-        // Find PinEntry config depending on the way how the package is installed
-        $ds    = DIRECTORY_SEPARATOR;
-        $root  = __DIR__ . $ds . '..' . $ds . '..' . $ds;
-        $paths = [
-            '@data-dir@' . $ds . '@package-name@' . $ds . 'data', // PEAR
-            $root . 'data', // Git
-            $root . 'data' . $ds . 'Crypt_GPG' . $ds . 'data', // Composer
-        ];
-
-        foreach ($paths as $path) {
-            if (file_exists($path . $ds . 'pinentry-cli.xml')) {
-                return $path . $ds . 'pinentry-cli.xml';
-            }
+            stream_set_write_buffer($this->logFile, 0);
         }
 
-        return null;
-    }
-
-    /**
-     * Gets the CLI parser for this pinentry
-     *
-     * @return Console_CommandLine the CLI parser for this pinentry.
-     */
-    protected function getCommandLineParser()
-    {
-        return Console_CommandLine::fromXmlFile($this->getUIXML());
+        return $this;
     }
 
     /**
@@ -331,7 +289,7 @@ protected function log($data, $level)
                 fwrite($this->logFile, $data);
                 fflush($this->logFile);
             } else {
-                $this->parser->outputter->stderr($data);
+                $this->parser->writeToErrOrEcho($data);
             }
         }
 

diff --git a/composer.json b/composer.json
@@ -25,9 +25,8 @@
         }
     ],
     "require": {
-        "php": ">=5.4.8",
+        "php": ">=5.6",
         "ext-mbstring": "*",
-        "pear/console_commandline": "*",
         "pear/pear_exception": "*"
     },
     "suggest": {
@@ -52,5 +51,10 @@
     },
     "archive": {
         "exclude": ["tools"]
+    },
+    "config": {
+        "audit": {
+            "block-insecure": false
+        }
     }
 }
diff --git a/data/pinentry-cli.xml b/data/pinentry-cli.xml
diff --git a/scripts/crypt-gpg-pinentry b/scripts/crypt-gpg-pinentry
@@ -10,8 +10,6 @@ $root  = __DIR__ . $ds . '..' ;
 $paths = [
     '@php-dir@', // PEAR or Composer
     $root, // Git (or Composer with wrong @php-dir@)
-    $root . $ds . '..' . $ds . 'Console_CommandLine', // Composer
-    $root . $ds . '..' . $ds . 'console_commandline', // Composer
     // and composer-installed PEAR_Exception for Console_CommandLine (#21074)
     $root . $ds . '..' . $ds . '..' . $ds . 'pear' . $ds . 'pear_exception',
 ];