I have a Composer plugin that does some of our package asset installations, etc.
I'm adding some logic that occurs on a package uninstall. However, sometimes the plugin itself is removed before other packages that are being installed and need the functionality of the plugin.
Is there a way to get a list of all packages that are goin to be removed before the removals start?
Or, is there a way to force the plugin to be removed last?
Related
I have the problem that during a Shopware 6 update (e.g. 6.4.18.0 -> 6.4.19.0) the root composer.json changes.
Since it is possible to install plugins via composer require all the required plugins and installed plugins are missing after the update.
How do i handle that? What is the best-practice for this case?
How did you install shopware in the first place? When you install shopware over the webinstaller, then you should update over that way as well and changes in the composer.json will be overwritten by an update so you have to add those changes manually again.
If you set up your project using composer you should update by pulling the latest changes and if you have manual changes in the composer.json, those changes will be merged via git.
With the new symfony flex setup all of this should not be necessary anymore and your root composer.json should not be touched anymore during updates. The flex setup will be the default setup starting with 6.5 and also the webupdater will switch the existing installations to this setup.
You can follow this guide on how to switch to the new setup.
I am using Neos CMS for my website. Now I am trying to update the CMS via composer update. Inside my project I installed a package that is now abandoned. That resulted in a failed update because the composer.json inside the package does not require the newer version of the CMS. Basically I just need a way to completely ignore that package while composer is updating. --no-dev did not work. That resulted in: Running update with --no-dev does not mean require-dev is ignored, it just means the packages will not be installed. If dev requirements are blocking the update you have to resolve those problems. Would be great if someone has an idea.
If the source of the abandoned package is still available, you may create a fork of it, change the requirement settings and then include your fork like described in How to require a fork with composer?
A much better way would be to exchange the package with something else which is still maintained. If you rely on the functionality of this package in your project(s), it may be worth to maintain an updated fork of it on your own.
We currently are using govendor to manage packages in our go repository. Since we are using a lot of packages, we have decided to check-in the packages sources code into vendor folder, so that:
Saving time downloading all packages every time the repository needs to be built in build machines.
Avoiding the possibility of one package becoming unavailable online (being deleted, network issues, etc...)
I am interested to use the modules notion introduced in v1.11. However I can't seem to find a similar approach of check-ing in the packages instead of having to download all the packages.
Any ideas?
Go modules provide a go mod vendor command that will create a vendor directory in your package root, same as glide or govendor or dep do.
I'm installing Drupal 8.x via composer downloading any dependencies from the Internet and all works fine.
In this way however there is no guarantee that the same versions of dependencies will be available every time I install. One server might have an updated version of a module than another Drupal server if I install in different time. I would like to prevent against this by using a local mirror.
Is it possible to provide a local mirror to composer and how?
Any example / reference / suggestions?
If you are worried about the versions, then the best way would be to define the exact versions you want in your composer.json if need. But apart from that, after you install your dependencies, you have a composer.lock file that has the exact versions in it. This file is committed to your version control and used as the base to install: this way you always get the same versions (until you update of course).
A separate problem might be that there is no internet, or the specific versions are not available for some reason. This shouldn't happen (often), but in that case you should pick this up before you 'release'.
The best practice would be to build (finding out if you have all packages available) and then release. You could even create a separate build server that creates your project including the vendor dir, and push from there. The fact that your vendor dir is not in your version control does not mean you have to get all dependencies on your production server each time
This means you have a local copy of your vendor, which is not a local mirror of composer per se, but close enough for comfort.
Is there any utility or service that allows to know what packages have released new versions given a custom composer.json file?
It would be very useful in order to plan packages upgrades.
You can run composer show --outdated to get the list of outdated packages.
Outdated are all packages, which have a newer version available or are abandoned/replaced by another package.
In case you want a full overview including outdated and up-to-date ones, then you can use composer show --latest.
For more: composer show --help.
Referencing: https://getcomposer.org/doc/03-cli.md#show
Some repositories use external services like VersionEye to track, whether their dependencies are up to date. The status is often indicated by a "dependency up-to-date" badge, which is added to the readme of the project. You can find that for instance in the Readme of the Yii2 Framework.